linux – How safe is dm-crypt/LUKS? Would TPM make me more secure in this case?

I’ve been looking to purchase a new laptop and I need to have security in mind. I’ve specifically been looking for laptops with discrete or integrated TPM because it’s been my understanding that TPM would improve disk encryption security, but after doing some more research I’ve heard a lot of sources saying that it doesn’t really make a difference and some go so far as to suggest TPM has unpatched vulnerabilities and may even be backdoored by intelligence agencies such as the NSA.

For someone such as myself who is becoming more active in activism and investigative journalism, should I bother with TPM? And how safe is dm-crypt/LUKS? I currently use Linux Mint which I believe uses LUKS by default for disk encryption and I’m wondering how vulnerable it is to attackers with physical access to my laptop.

(P.S I’ve heard of Qubes but at the moment I’m unable to use it. In my case I’ll be using Linux Mint + AppArmor and sometimes Whonix when appropriate.)

Why doesn’t the PIN become part of the encryption key in bitlocker with TPM?

TPM is a fantastic addition to motherboards. But I have read some bitlocker papers and they tell me that if you choose TPM + PIN protection, then the PIN does not become part of the key, it is simply used by the chip as an additional security measure. When I understood this thing, I got stunned, because it doesn’t make sense to me, it would have been much safer and much easier to implement, to use the PIN as part of the key or to encrypt the key saved in the TPM with the hash of the PIN. In fact, since the TPM is only a physical solution, attacks have been made against it and the fact that it is protected by a PIN or not, if the chip is broken, for example, with a good electron microscope, is irrelevant. While with the implementation I said before, which is apparently the most logical (correct me if I’m wrong), there is a protection based on mathematics plus TPM helps for keyloggers and rootkits. I understand that normally the TPM + PIN is used for enemies like thieves etc … where it is more than enough. But as I said before, nothing would change for the end user, it would be easier to implement, and safer, therefore also suitable for other purposes. So why was this choice made?

Are there alternatives to bitlocker that use the method described by me? I have seen that LUKS and veracrypt still have very limited support for the chip, therefore still far from using the PIN at the same time.

tpm – What kind of “actions” can a TPM2 policy authorize?

I’ve been instructed to use the state of our system’s TPM’s PCR registers to prevent the system we’re working on from booting if one of the PCR registers is different from what we expect. In service of that goal, I’m reading over this article: https://threat.tevora.com/secure-boot-tpm-2/

there is a paragraph near the middle that reads:

TPM2 has the ability to create policies based off of PCRs: If the PCR contents do not match expectations, the policy will not authorize the action.

What kind of actions are they talking about here? And what would be the immediate ramifications if the action was not authorized?


Some background:
Before today, I was under the impression that the principle trick of the TPM was to encrypt or decrypt data using a key that the TPM holds securely. Now this article suggests that the TPM can also (two different functions) encrypt or decrypt data based on the current state of its’ PCR registers… this seems similar enough to my previous understanding that I can believe it.

If my understanding is correct, I can see how this would be useful to our project’s goals; encrypt a blob of data that is critical to the success of the boot (say… the kernel*) with the state of the PCR registers while the PCR registers are in a known-trustworthy state (i.e. while known-trustworthy software is loaded). If software that writes different PCR registers replaces the known-trustworthy software, then the kernel blob won’t decrypt properly, and execution “halts”. Presumably there are ways to handle this halting gracefully, like Bitlocker or LUKS; I imagine if I just encrypted executable code and then decrypted it with the wrong key, it would produce gibberish, and the machine would do unexpected things rather than halt gracefully when running that gibberish.

A co-worker has taken the position that there’s a simpler way; that a TPM can permit or refuse an action directly… so, like, it halts the processor or something, I guess? He doesn’t express himself very well, and when I tried to summarize his position he told me I got it wrong, so… I’m deliberately keeping the details of his position scant. Suffice it to say, my understanding of what a TPM does wouldn’t allow for what he describes…

You could interpret the two sentences from the article as supporting his position, or mine, depending on what actions it is possible to ask the TPM to authorize, and what the immediate consequences ramifications of the TPM denying you the authorization to do something. Does anyone here have an opinion?

*…how would I “encrypt the kernel”, exactly? :-p

secure boot – How do we know that the TPM input actually comes from the measured code?

Suppose we use a secure boot and a remote attestation to prove to a server the client software that speaks to it.

What prevents an attacker from doing this:

  • Start a legitimate copy of the client software on machine A.

  • Get a remote attestation challenge from the server using a modified copy on machine B.

  • To send TPM_Quote to machine the TPM of A and return the signature via B.

I understand that if the attacker had code running on machine A, the PCR values ​​would be wrong. But is the code running on machine A really the only way to talk to your TPM? With physical access, can it not put its own signals between the CPU of machine A and the TPM?

Or even simpler, disconnecting it from the card of machine A and sending it arbitrary inputs from its own hardware, simply by imitating or replaying a legitimate boot? How do we know that the measurements given to TPM_Extend are actually the software that sends the messages vs. replay something that i observed with a logic analyzer?

Windows – Does TPM hardware have a TAB / RM component?

Firstly, I don't know if this is the right place to ask this question. If anyone has an idea of ​​the place of this question, tell me.

Recently, I was reading on TPM and TSS (TPM Software Stack). The diagram in this document – TSS TAB and Resource Manager Specification shows the stack structure. To my knowledge, the TCTI and the above batteries are in the library to communicate with TPM; where TAB and the stacks under TAB are in the real TPM or the virtual TPM device. But I don't know if my understanding is correct.

TSS

My question is this: is there a TAB / RM component (or a component with similar responsibility) in a real TPM device? Or do tbs / some modules in OS take this responsibility?

Thank you!

tpm – Is it possible to make a laptop useless for thieves?

I was robbed …

This included my Linux laptop and my corporate laptop. Both are encrypted.
Mine with LVM on LUKS, using a passphrase to unlock the hard drive once the kernel has been booted by UEFI. But secure booting has been disabled on the machine.

The company uses Bitlocker in transparent operating mode. They claim that the computer would not boot if the hardware configuration was changed, and it was an HP laptop, which has special extra security.

However, for thieves with little interest in the data, this is not a big concern. On my configuration, a simple USB key containing would reinstall an OS on the disk and sell the laptop. If I had enabled secure boot and set a password on the BIOS, it could have been more complicated. But not impossible. Regardless of the security layer, simply unplug the CMOS battery long enough to reset the BIOS settings, and all that extra layer is gone.

You would think that the corporate computer is a little bit more secure, but recent problems with a Microsoft fix have shown that in reality a BIO reset is still possible to access the Computer (not necessarily the data).

My new laptop has Secure Boot and a TPM (ASUS UX433 if that matters, but my question is more generic). Is it possible to configure UEFI and TPM so that tampering with the configuration really locks the computer to those who don't have the required (recovery) secret?

(Consider for the question that really complicated manipulations such as desoldering and replacing a whole component are out of reach. The problem here is rather than it is actually simple to reset CMOS. On my desktop, it's even worse: moving a jumper at startup is enough, and it's well documented in the manual!)

tpm – Can a TPM be used as a Trojan?

Battery exchange network

The Stack Exchange network includes 175 question and answer communities, including Stack Overflow, the largest and most reliable online community for developers who want to learn, share knowledge and develop their careers.

Visit Stack Exchange

tpm – Changing the MOK database does not trigger BitLocker recovery

I am using BitLocker with the following PCR validation profile:

    TPM And PIN:
      ID: {XXX-XXX-XXX-XXX-XXX}
      PCR Validation Profile:
        0, 1, 2, 3, 4, 5, 6, 7, 11

However, using HashTool to add or remove machine owner keys from the MOK database does not trigger BitLocker recovery mode.

Do you have any idea what needs to be done to detect changes in the PK / KEK / DB / MOK databases?

Objective of TPM PCR banks # 12, 13 and 14

Microsoft documentation mentions the following registers:

  • PCR 12: highly volatile data events and events
  • PCR 13: Details of the starter module
  • PCR 14: Start-up authorities

Could someone provide more details as to the exact measurements supposed to be stored in these 3?

I tried to search the web, read chapter 12 of "A practical guide to TPM 2.0" and briefly browse the documentation available on the TCG website, but to no avail.

hard disk – Full Disk Encryption with TPM and without password

I would like to have full disk encryption, but rather than asking for a password, it would automatically get the Hardware TPM 2.0 password. This is for a turnkey appliance where we can not ask for a password when we turn on but we have to run our application. We want encryption so that, if someone steals our hard drive, he can not read it / execute it from another system. or read our configuration files.

Any orientation would be appreciated.