gpg and TPM
Raja Saha
raja at rsdisk.com
Fri May 14 08:46:44 CEST 2021
Hi,
I was reading about Debian UEFI and secure boot. If tpm isn't secured
at boot, will that make tpm less secure than key pair where user puts a
strong password?
Thanks.
On Thu, 2021-05-13 at 22:03 +0100, Damien Goutte-Gattat via Gnupg-users
wrote:
> On Tue, May 11, 2021 at 02:03:21PM +0000, mailinglisten at posteo.de
> wrote:
> > I´m not that familiar with the TPM in general
>
> Me neither.
>
>
> > is the TPM owner (and SRK) password safe against brute force
> > attacks?
> > Or do you need a complex password for the TPM?
>
> My understanding is that the TPM offers the *possibility* to protect
> against brute force attacks (through the “dictionary attack lockout
> reset” mechanism), but I am not sure whether that protection is
> enabled
> by default or if the tpm2daemon (the new component within GnuPG in
> charge of using the TPM) makes use of it.
>
> Until I know more, I use with my TPM stronger PINs than what I
> normally
> use with my OpenPGP tokens, just in case. :)
>
> - Damien
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
More information about the Gnupg-users
mailing list