Lee DunatoTechnology@lemmy.worldEnglish·8 months agoBitLocker encryption broken in less than 43 seconds with sub-$10 Raspberry Pi Pico — key can be sniffed when using an external TPM(www.tomshardware.com)external-linkarrow-up1756arrow-down118message-square71fedilink
arrow-up1738arrow-down1external-linkBitLocker encryption broken in less than 43 seconds with sub-$10 Raspberry Pi Pico — key can be sniffed when using an external TPM(www.tomshardware.com)Lee DunatoTechnology@lemmy.worldEnglish·8 months agomessage-square71fedilink
minus-squarexradeonEnglisharrow-up1arrow-down0·8 months agolinkfedilinkWhat do you mean by that? Generate a new private/public key pair every time you setup a new TPM? Or when you boot the system or something?
minus-squareLojcsEnglisharrow-up1arrow-down0·8 months agoedit-28 months agolinkfedilinkOn each connection. Or boot. Whenever you need Edit: to be clear, this would still be vulnerable to mitm attacks without a user entered password on top but at least you can’t just read the secrets from the bus. E2: And having a password wouldn’t be fully secure without such a scheme neither
What do you mean by that? Generate a new private/public key pair every time you setup a new TPM? Or when you boot the system or something?
On each connection. Or boot. Whenever you need
Edit: to be clear, this would still be vulnerable to mitm attacks without a user entered password on top but at least you can’t just read the secrets from the bus. E2: And having a password wouldn’t be fully secure without such a scheme neither