From SPI Sniffing to Keys: Extracting Clevis/BitLocker Secrets from TPM Traffic #HardwareHacking
Mateusz Lewczak
In September 2024, a real-world penetration test was conducted to assess the security of a laptop using LUKS disk encryption on Linux, with Clevis facilitating automatic disk unlocking. The tested device relied on a TPM (Trusted Platform Module) to secure the decryption key used by Clevis. The focus of the test was to explore potential vulnerabilities to SPI Sniffing attacks.
READ article
