• @[email protected]
    link
    fedilink
    English
    1811 months ago

    Because the CPU has to decrypt the bulk of the data coming from the disc. And it needs a key to do that. Unless we route all traffic through the TPM to decrypt the disc. The CPU needs a key to do that

    • @[email protected]
      link
      fedilink
      English
      411 months ago

      Surely some smart key exchange algorithm could be used for that, e.g. the CPU provides a public key to the TPM and the TPM encrypts the symmetric disk key with that public key. Similar to how TLS works.