E.g.: Can I make a better full disc encryption with e.g.: LUKS using the TPM? How?
Asked
Active
Viewed 2,731 times
6
1 Answers
6
With TPMCrypt: https://www.tpmcrypt.org/trac
john
- 11,088
- 2
- 37
- 43
-
Would you please elaborate? Even looking at the link you provided it is not easy to discern what TPM is. – this.josh Jun 08 '11 at 23:03
-
2@this.josh unfortunately I don't have much time at this period to write extended posts, but I've provided a related answer before, here: http://security.stackexchange.com/questions/4008/status-of-trusted-computing-and-remote-attestation-deployment/4013#4013 – john Jun 08 '11 at 23:17
-
1@this.josh, I doubt @john's answer was intended to explain what TPM is - if you want to read the basics, head over to http://en.wikipedia.org/wiki/Trusted_Platform_Module... If @john did put a tutorial in his answer it would have been edited out, anyway ;) – AviD Jun 09 '11 at 21:03
-
@AviD I looked at Wikipedia yesterday, as well as other search results. My understanding is that TPM is an architecture with a trusted hardware anchor. TPMCrypt appears to be an open source Linux based set of utilities and libraries. It references truecrypt but I can't tell if truecrypt is required. I can't tell what hardware it requires, and I assume it needs a trusted hardware anchor. I can't tell if it works with BIOS or EFI/UEFI. The most useful document I found appears to be in German, which I don't know. It looks to be of alpha status, so this seems to be a theoritical solution. – this.josh Jun 09 '11 at 22:40
-
@this.josh, fair enough, and I dont claim to know much about TPMCrypt - I was just referring to TPM, as per your comment... – AviD Jun 09 '11 at 22:50
-
1@AviD You are right. My intent wasn't obvious. I guess I should have asked; What is the relationship of TPMCrypt to TPM, and how does it improved disk encryption over LUKS. – this.josh Jun 09 '11 at 23:00
http://security.stackexchange.com/a/24660/16522
– shpedoikal Nov 28 '12 at 16:48