> We can't use the TPM because there's no secure communications channel between the fingerprint reader and the TPM, so we can't configure the TPM to release secrets only if an associated fingerprint is provided.
Is there no privative in fingerprint readers to sign a blob only when a valid fingerprint is provided? If so you could do something like:
1) Gnome tells the TPM to start an unlock action 2) TPM generates a nonce which includes time, returns it so Gnome 3) OS sends this off to fingerprint reader 4) OS prompts the user to touch their fingerprint 5) Fingerprint matches, reader signs the nonce, returns it to OS 6) OS returns it to TPM 7) TPM verifies signature, ensures time is within acceptable window, returns secret
Power management, mobile and firmware developer on Linux. Security developer at Aurora. Ex-biologist. mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer. Also on Mastodon.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
no subject
Date: 2023-12-10 04:19 pm (UTC)Is there no privative in fingerprint readers to sign a blob only when a valid fingerprint is provided? If so you could do something like:
1) Gnome tells the TPM to start an unlock action
2) TPM generates a nonce which includes time, returns it so Gnome
3) OS sends this off to fingerprint reader
4) OS prompts the user to touch their fingerprint
5) Fingerprint matches, reader signs the nonce, returns it to OS
6) OS returns it to TPM
7) TPM verifies signature, ensures time is within acceptable window, returns secret