Updates Using a TPM with GnuPG 2.3


Level 5
Jul 21, 2017

One of the new features added to GnuPG 2.3 is the ability to use a TPM 2.0 (which comes with all reasonably recent laptops) to protect all the private keys. The way TPMs work is that first you load the key into the TPM and then have the TPM perform signature or decryption operations on the loaded key. The loaded key has been wrapped in a way that only one specific TPM (the one that created the key) can unwrap. This means that the key is secure both at rest and when it’s being used (because the signature or decryption operation is performed inside the TPM not on the actual laptop). Thus an attacker can run off with your private key file but will never be able to recover your secret key, even if they know your passphrase. The disadvantage of using a TPM for your secret keys is that those keys become irrevocably tied to the TPM: once converted to TPM loadable form, they can never be converted back again, so if you lose your TPM (say by upgrading your laptop), you’ve lost access to all your TPM based private keys. The way around this problem is the same as when using a token: keep a backup of the secret key on offline storage which you can use to initialize the new laptop when you buy it. The TPM also has the advantage that a single TPM2 clear operation will flush every key the TPM has ever known about, so there’s an easy way to decommission your old laptop without worrying about destroying the old secret keys.
  • Like
Reactions: venustus and Nevi