Hi Dimi,

Sorry to bother you. By installing the latest version of tpm2-tools, encrypted communication is possible.
Seal/unseal was possible as shown below.

But I have one question. How can I detect if a MITM attack occurs during the seal/unseal process? After establishing a session, is there any way to get the EK certificate of that session?
It seems that the tpm2_getekcertificate command can only get certificates created via the createek command. I'd like to know if the TPM I've made a session with is genuine.

Seal:
> tpm2_createprimary -c prim.ctx
tpm2_startauthsession --hmac-session -c prim.ctx -S sess.ctx
tpm2_create -Q -g sha256 -u seal.pub -r seal.priv -i temp.key -C prim.ctx -S sess.ctx
tpm2_load -Q -C prim.ctx -u seal.pub -r seal.priv -n seal.name -c sealctx
tpm2_evictcontrol -C o -c seal.ctx 0x81010001
tpm2_flushcontext sess.ctx

Unseal:
tpm2_startauthsession --hmac-session -c prim.ctx -S sess.ctx
tpm2_unseal -c seal.ctx -S sess.ctx -o out.key
tpm2_flushcontext sess.ctx

Thanks & Regards,
Joseph

------ Original Message ------
보낸 사람: "Joseph Lee (ZeronsoftN)" <joseph@zeronsoftn.com>
받는 사람: "Dimitar Tomov" <dimi@designfirst.ee>; "tpm2@lists.01.org" <tpm2@lists.01.org>
보낸 날짜: 2021-08-02 오전 6:27:36
제목: [tpm2] Re: Is the tpm2_create command safe against sniffing attacks?

Hi Dimi,

Thank you for your kind answer. Looking at the link you gave, I think I can get more ideas.

I've been trying session encryption via tpm2-tools all weekend.
But I haven't found a way to create an encrypted session in tpm2-tools yet. Maybe tpm2-tools doesn't support encrypted sessions?

If this is clear, I will implement parameter encryption through tpm2-tools with referring to wolfTPM

Thanks & Regards,
Joseph

------ Original Message ------
보낸 사람: "Dimitar Tomov" <dimi@designfirst.ee>
받는 사람: "tpm2@lists.01.org" <tpm2@lists.01.org>; "Joseph Lee (ZeronsoftN)" <joseph@zeronsoftn.com>
보낸 날짜: 2021-08-02 오전 4:33:02
제목: [tpm2] Re: Is the tpm2_create command safe against sniffing attacks?

Hi Joseph,

TPM 2.0 offers Parameter Encryption capability and HMAC sessions as measures against Man-in-the-middle attacks

Examples in wolfTPM demonstrate how to enable Parameter Encryption 

 https://github.com/wolfSSL/wolfTPM/blob/b0a65e44b8a25be88b2f9ff4e35fbf08360e5d01/examples/nvram/store.c#L121 

There is also Keygen , Key import and Key loading examples with Parameter Encryption

https://github.com/wolfSSL/wolfTPM/blob/b0a65e44b8a25be88b2f9ff4e35fbf08360e5d01/examples/nvram/store.c#L121

Last week we discussed the Dolos Group story about a stolen laptop with TPM https://developers.tpm.dev/posts/15883726 

If Parameter Encryption and HMAC session have been used, this story would have developed differently.

Hope this helps.

Dimi
--
Founder of TPM.dev


From: Joseph Lee (ZeronsoftN) <joseph@zeronsoftncom>
Sent: Saturday, July 31, 2021 2:09 AM
To: tpm2@lists.01.org <tpm2@lists.01.org>
Subject: [tpm2] Is the tpm2_create command safe against sniffing attacks?
 
Hello,

In this article, can see that communication with the TPM is vulnerable to sniffing if not careful.

Is the disk encryption described in tpm2-software's blog safe against these attacks?

  1. tpm2_createprimary -Q -C o -c prim.ctx
  2. dd if=/dev/urandom bs=1 count=32 status=none | tpm2_create -Q -g sha256 -u seal.pub -r seal.priv -i- -C prim.ctx
  3. tpm2_load -Q -C prim.ctx -u seal.pub -r seal.priv -n seal.name -c seal.ctx
  4. tpm2_evictcontrol -C o -c seal.ctx 0x81010001

My question is:
    1. Is there a tool in linux that can sniff communication with the current system's TPM?
    2. How to encrypt communications if the methods described above are not secure?
        It seems that encryption is possible through tpm2_startauthsession , but I do not know how to apply it to tpm2_create . (The -S option simply did not work.)

Thank you.