Jump to content

Talk:Trusted Platform Module

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia

Reorganize the availability section

[edit]

I'd like to reorganize the availability section, which is titled TPM is implemented by several vendors: into sections on the TPM itself, platforms, software support, virtualization.

Is that OK? — Preceding unsigned comment added by Kgold1 (talkcontribs) 17:55, 2021 June 17 (UTC)

Restriction law section

[edit]

The restriction law section states that Chinese and Russian laws restrict TPM access and then link to an article that speculates the reason that Windows 11 has optional flags to remove the TPM requirement is due to these laws.

However, the following press release shows that China and Russia both approved of TPM 2.0 -- https://trustedcomputinggroup.org/trusted-computing-group-tpm-2-0-library-specification-approved-isoiec-international-standard-date-published-june-29-2015/

I can also confirm that desktops that have been purchased in China have TPMs in them. — Preceding unsigned comment added by 59.148.176.172 (talk) 08:04, 2021 July 21 (UTC)

Needs reference for edit on Chinese algorithms.

[edit]

A recent edit says (in the past). This needs a citation. — Preceding unsigned comment added by Kgold1 (talkcontribs) 21:11, 2021 August 13 (UTC)

Attacks

[edit]

I've read somewhere that Win11 with disk encryption with TPM can be decrypted using a oscilloscope (if you can get between the chip and the CPU). 89.67.244.199 (talk) 19:49, 20 December 2023 (UTC)[reply]

Link to source? –Novem Linguae (talk) 22:08, 20 December 2023 (UTC)[reply]


Here's something Microsoft's Bitlocker & TPM encryption combo defeated with a $10 Raspberry Pi and a bit of braininess | PC Gamer[1]

Wolf1098 (talk) 04:22, 12 February 2024 (UTC)[reply]

For those who aren't inclined to read the article, the essence of the flaw is that any encryption/decryption engine has to be initialized with cryptographic keys that can be intercepted and used to decrypt the data. A well designed hardware implementation requires physical access to intercept the keys. In the example a raspberry pi was modified to allow it to connect to the target PC's cryptographic engine chip so that it could intercept the cryptographic keys when they were loaded. Once the keys were intercepted the laptop's SSD could be removed and decrypted on another computing platform and then replaced without detectably altering the laptop. PolychromePlatypus (talk) 20:49, 5 May 2024 (UTC)[reply]
Yes, there are much better chips today, and they handle the operations that involve secrets, so briefly, private keys or symmetric keys. And the key never leaves the chip or the HSM. I work in this area... And Microsoft has Pluton and Azure Sphere, Samsung Knox... but people freak out and cannot understand, given the false information that is everywhere, Wikipedia and technology, a good example of history being rewritten... So why would they need a security chip? not that their phones or gaming consoles have one for a long time... 2A02:2788:10C4:5E:3527:ADD1:42B6:B2C9 (talk) 00:58, 22 December 2024 (UTC)[reply]

References

  1. ^ Laird, Jeremy (9 February 2024). "Microsoft's Bitlocker & TPM encryption combo defeated with a $10 Raspberry Pi and a bit of braininess". Retrieved 11 February 2024.{{cite web}}: CS1 maint: url-status (link)