Ariel,

My knowledge of TPMs is not as deep as it could be, but I'm curious
about something.

In theory, it sounds like if the entire hard disk was wiped out and
reinstalled with a new OS, software on the new OS should still be able
to use the SRK with the proper authorization (because the TPM is not
associated with the software on the hard-disk, and the authorization
is, typically, provided by the human user in such environments).

However, the Java library I'm used to creates certain objects on the
file-system after a TPM initialization, and these objects are needed by
the library to access the SRK.  I know there are no secrets in those
objects.  But, I've never tried to access an SRK after re-installing a
new OS on the hard-disk (I will most likely test this in the next week
or two).

But, I'm curious: have you - or anyone else - successfully accessed an
SRK to decrypt a storage-key even after re-installing an OS (as long as
the TPM was NOT reinitialized in the re-installation of the OS)?  TIA.

Arshad Noor
StrongAuth, Inc.

On 8/30/2011 4:09 PM, Segall, Ariel E wrote:
> Alternately, if the "new tpm" you created is actually a new TPM encryption
> key, not a complete reset of the TPM, it is possible-- depending on how
> Win7 encryption works, and I have never worked with it myself-- that what
> you have is two separate TPM storage keys, only one of which Windows knows
> how to use internally for decryption.
>
> If this is the case, you should be able to create a program that will load
> your old key into the TPM. I would guess that what this key actually is
> used for is decrypting a bulk encryption key, because the TPM is very
> slow, but you would need to consult a Windows expert to determine what the
> actual decryption mechanism is and thus how to use it to decrypt your
> data. In Windows 7, you may need to use the Trusted Base Services
> rather than TrouSerS if you want to test this theory (the only Windows 7
> version of TrouSerS or, in fact, the TSS that I know of is a beta version
> put out by a research group in Italy). Directions for how to do this are
> overly long for a hypothetical e-mail, but the short form is that you'll
> want to look for the "LoadKey" command and see if you can successfully use
> it with your old key.
>
>           Ariel
>
> On 8/30/11 4:35 PM, "Arshad Noor"<[email protected]>  wrote:
>
>> I have never used the TPM on Windows, Keith - I tend to use it primarily
>> with Java applications - but, if I understand what I think you did from
>> your description, you've re-initialized your TPM chip, thereby erasing
>> and over-writing the (Storage Root) key that could have decrypted the
>> key(s) that encrypted your files.
>>
>> I'm sorry to be the bearer of bad news, but I would recommend contacting
>> Microsoft to see if their process of initializing the TPM, perhaps,
>> escrowed your storage key(s) by migrating it under a public key from
>> some Microsoft Migration Authority or something equivalent.  It's a long
>> shot, but perhaps, it's worth pursuing.
>>
>> Good luck.
>>
>> Arshad Noor
>> StrongAuth, Inc.
>>
>> On 8/29/2011 3:08 PM, Keith J. wrote:
>>> I recently backed up over ten years of hard drive space onto another
>>> hard drive.  90% of my info I had encrypted using tpm via windows 7.  I
>>> did a clean install of win 7.  I then created a new tpm for my new
>>> files.
>>>
>>> Here is my problem.  On my external hard drive where I placed my back up
>>> files, they were all encrypted via tpm.  I cannot get any file to open.
>>> I even have the encryption tpm key on the drive that I "forgot" to
>>> decrypt prior to backing up my files.  Now, all ten years of info cannot
>>> be accessed.  I am staring at the tpm key yet because it is encrypted I
>>> have not found a solution or work around.  I need some assistance or a
>>> direction to the right "people" that can help me decrypt this drive that
>>> has win 7 tpm encryption.
>>>
>>>
>>> Love & Peace...Always,
>>> Keith J.
>>
>> --------------------------------------------------------------------------
>> ----
>> Special Offer -- Download ArcSight Logger for FREE!
>> Finally, a world-class log management solution at an even better
>> price-free! And you'll get a free "Love Thy Logs" t-shirt when you
>> download Logger. Secure your free ArcSight Logger TODAY!
>> http://p.sf.net/sfu/arcsisghtdev2dev
>> _______________________________________________
>> TrouSerS-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/trousers-users
>
