←back to thread

Bypassing disk encryption on systems with automatic TPM2 unlock

(oddlama.org)
189 points arjvik | 1 comments | 17 Jan 25 03:00 UTC | HN request time: 0s | source
Show context
acheong08 ◴[17 Jan 25 04:12 UTC] No.42733994[source]
I don't understand why anyone would use passwordless disk encryption. It just seems inherently vulnerable, especially with the threat model of physical compromise.

Entering a password on boot isn't even that much work

replies(19): >>42734012 #>>42734073 #>>42734132 #>>42734171 #>>42734304 #>>42734370 #>>42734375 #>>42734397 #>>42734516 #>>42734734 #>>42734841 #>>42734892 #>>42734925 #>>42735445 #>>42736160 #>>42739068 #>>42740673 #>>42741392 #>>42742256 #
1. coppsilgold ◴[17 Jan 25 06:37 UTC] No.42734734[source]
Passwordless TPM FDE effectively "pairs" your HDD(s) with the TPM module such that the data on the drive(s) is inaccessible without it or a strong LUKS password if added.

Using even a weak pin/password will allow you to both "pair" and "secure" assuming the TPM is configured to destroy the key on multiple failed attempts.

You should also add a strong (high entropy) LUKS password to allow data recovery in case the TPM chip is lost or the keys are destroyed.

Note that the bits of the encryption keys are present somewhere in the TPM and could in theory be extracted with an exploit or with scanning probe microscopy perhaps.