• Phoenixz
    link
    fedilink
    English
    arrow-up
    15
    ·
    10 months ago

    CPU communicates with TPM in plaintext

    Because of course

    • Eufalconimorph@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      7
      ·
      10 months ago

      CPU doesn’t have any secure storage, so it can’t encrypt or authenticate comms to the TPM. The on-CPU fTPMs are the solution, the CPU then has the secure storage.

      • baseless_discourse@mander.xyz
        link
        fedilink
        English
        arrow-up
        2
        ·
        10 months ago

        That make sense, CPU has no place to store private keys, since that is the functionality of TPM…

        Unless there is a firmware solution, which defeats the purpose of a standalone tpm.