In base alle Domande frequenti di VeraCrypt , relative alla presenza o meno di TPM supportati:
No. Those programs use TPM to protect against attacks that require the attacker to have administrator privileges, or physical access to the computer, and the attacker needs you to use the computer after such an access. However, if any of these conditions is met, it is actually impossible to secure the computer (see below) and, therefore, you must stop using it (instead of relying on TPM).
If the attacker has administrator privileges, he can, for example, reset the TPM, capture the content of RAM (containing master keys) or content of files stored on mounted VeraCrypt volumes (decrypted on the fly), which can then be sent to the attacker over the Internet or saved to an unencrypted local drive (from which the attacker might be able to read it later, when he gains physical access to the computer).
Forse ho torto, ma il contenuto della RAM non conterrà mai le chiavi principali, giusto? Il TPM verrà utilizzato come un HSM, pertanto le operazioni di crittografia verranno eseguite all'interno del TPM e non verrà memorizzato nulla sulla chiave nella RAM. Puoi confermarmi?
If the attacker can physically access the computer hardware (and you use it after such an access), he can, for example, attach a malicious component to it (such as a hardware keystroke logger) that will capture the password, the content of RAM (containing master keys) or content of files stored on mounted VeraCrypt volumes (decrypted on the fly), which can then be sent to the attacker over the Internet or saved to an unencrypted local drive (from which the attacker might be able to read it later, when he gains physical access to the computer again).
Non sono sicuro di ciò che chiamano "logger della chiave hardware". È una sorta di analisi elettromagnetiche (DEMA)? In tal caso, TPM è protetto per impostazione predefinita.