Bypassing disk encryption on systems with automatic TPM2 unlock (oddlama.org)
from tedu@inks.tedunangst.com to inks@inks.tedunangst.com on 17 Jan 16:26
https://inks.tedunangst.com/l/5169

Have you set up automatic disk unlocking with TPM2 and systemd-cryptenroll or clevis? Then chances are high that your disk can be decrypted by an attacker who just has brief physical access to your machine - with some preparation, 10 minutes will suffice. In this article we will explore how TPM2-based disk decryption works, and understand why many setups are vulnerable to a kind of filesystem confusion attack. We will follow along by exploiting two different real systems (Fedora + clevis, NixOS + systemd-cryptenroll).

#crypto #linux #security #storage

#crypto #inks #linux #security #storage