From: Olga C. <ol...@gm...> - 2011-08-31 13:35:43
> But, I'm curious: have you - or anyone else - successfully accessed an
> SRK to decrypt a storage-key even after re-installing an OS (as long as
> the TPM was NOT reinitialized in the re-installation of the OS)? TIA.

Someone please correct me if I am wrong, but as far as I can tell, the TPM only stores EK, SRK, and (maybe) some owner-evict keys inside. The rest are stored encrypted on the hard drive. If the OS is completely re-installed, wouldn't that wipe out the disk area that the TPM is using for its key storage? I couldn't find anywhere any indication that the TPM is using some sort of "hidden" disk partition for its key storage that is not affected by the OS. So I would think that after re-installing the OS, the on-disk key storage would go away. Can anyone confirm that this is actually true?