Lee Duna@lemmy.nz to Technology@lemmy.worldEnglish · 10 months agoBitLocker encryption broken in less than 43 seconds with sub-$10 Raspberry Pi Pico — key can be sniffed when using an external TPMwww.tomshardware.comexternal-linkmessage-square71fedilinkarrow-up1760cross-posted to: hackernews@lemmy.smeargle.fans
arrow-up1760external-linkBitLocker encryption broken in less than 43 seconds with sub-$10 Raspberry Pi Pico — key can be sniffed when using an external TPMwww.tomshardware.comLee Duna@lemmy.nz to Technology@lemmy.worldEnglish · 10 months agomessage-square71fedilinkcross-posted to: hackernews@lemmy.smeargle.fans
minus-squareLojcs@lemm.eelinkfedilinkEnglisharrow-up1·10 months agoJust generate one anew. You don’t need to use the same one each time
minus-squarexradeon@lemmy.onelinkfedilinkEnglisharrow-up1·9 months agoWhat do you mean by that? Generate a new private/public key pair every time you setup a new TPM? Or when you boot the system or something?
minus-squareLojcs@lemm.eelinkfedilinkEnglisharrow-up1·edit-29 months agoOn each connection. Or boot. Whenever you need Edit: to be clear, this would still be vulnerable to mitm attacks without a user entered password on top but at least you can’t just read the secrets from the bus. E2: And having a password wouldn’t be fully secure without such a scheme neither
Just generate one anew. You don’t need to use the same one each time
What do you mean by that? Generate a new private/public key pair every time you setup a new TPM? Or when you boot the system or something?
On each connection. Or boot. Whenever you need
Edit: to be clear, this would still be vulnerable to mitm attacks without a user entered password on top but at least you can’t just read the secrets from the bus. E2: And having a password wouldn’t be fully secure without such a scheme neither