
Is fTPM more secure than a real TPM module when using Bitlocker? As far as I know, you should enable pre-boot authentication if you use a TPM module that is plugged separately onto the motherboard to prevent possible reading / sniffing of the key from the TPM.

Here and here it is said that it is much more difficult or even impossible to read the key during the boot process when using fTPM, because there is no open connection (bus) between TPM and processor. Thus, in my opinion, one would not need a pre-boot authentication when using fTPM or do I see it wrong?

I am interested in the relatively normal protection of my hard drives and data, for example, if something is stolen or who knows for whatever reason the police are at the door.

Therefore the following would be sufficient to use Bitlocker for such cases:

  • Use fTPM (without pre-boot authentication)
  • Put PC to hibernate (write RAM to Disk) or complete power off and not into sleep / energy saving mode to prevent reading the key from RAM

This should be safe enough against normal attacks (especially reading / sniffing of the key) or am I wrong? Of course you can cool down the running PC or RAM, etc. massively to be able to read out the data longer, but these are all scenarios that are rather used under laboratory conditions or in really extreme cases (if at all).

As I know, without pre-boot authentication the key will be released immediately, and with pre-boot authentication enabled the key will be released only when the PIN is entered. So as the fTPM implementation is much faster and harder to sniff, I think when using fTPM pre-boot authentication is not really needed, or am I wrong?

Opa114
  • There may be one situation where an fTPM is more secure: if you compare it to a TPM 1.2 or 2.0 on Windows 10. As known from [the sniff attack on the TPM bus](https://pulsesecurity.co.nz/articles/TPM-sniffing), Windows 10 does not use encrypted communication to the TPM, so an fTPM would be more secure as it should be way more difficult to sniff communication... – Robert Jul 11 '22 at 20:57
  • So Windows 11 uses encrypted communication? Any sources for this? That's the main point I'm interested in - more secure against sniff attacks. – Opa114 Jul 12 '22 at 07:26
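As an added example (not part of the original question or its comments), the PowerShell audit below checks the two settings the question proposes on the machine it runs on: whether the OS volume's BitLocker protector is TPM-only or TPM+PIN, and whether hibernation is enabled instead of relying on sleep. The vendor-ID heuristic for telling a firmware TPM from a discrete chip is an assumption, not something the page states.

```powershell
# Added audit script (not from the original post). Run in an elevated PowerShell.
# It only reads state; the suggested fix commands are printed, not executed.

$osDrive = $env:SystemDrive   # normally "C:"

# 1. Which BitLocker key protectors guard the OS volume?
#    A bare 'Tpm' protector releases the volume master key at boot with no user input;
#    'TpmPin' / 'TpmPinStartupKey' are the pre-boot authentication variants.
$vol   = Get-BitLockerVolume -MountPoint $osDrive
$types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType })
$preBootAuth = ($types -contains 'TpmPin') -or ($types -contains 'TpmPinStartupKey')

# 2. Which TPM is present? Vendor-ID heuristic (assumption): Intel PTT reports "INTC"
#    and AMD fTPM reports "AMD", while discrete chips report their silicon vendor
#    (e.g. "IFX", "STM", "NTC"). Treat the result as a hint, not proof.
$tpm    = Get-Tpm
$vendor = ([string]$tpm.ManufacturerIdTxt).Trim()
$looksLikeFirmwareTpm = $vendor -in @('INTC', 'AMD')

# 3. Is hibernation enabled? Hibernate writes RAM to disk and powers off, so the
#    volume master key is not left in RAM the way it is during sleep.
$powerKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Power'
$hib = Get-ItemProperty -Path $powerKey -Name HibernateEnabled -ErrorAction SilentlyContinue
$hibernateEnabled = ($hib -ne $null) -and ($hib.HibernateEnabled -eq 1)

[pscustomobject]@{
    OsVolume         = $osDrive
    ProtectionStatus = $vol.ProtectionStatus
    KeyProtectors    = ($types -join ', ')
    PreBootAuth      = $preBootAuth
    TpmVendor        = $vendor
    LooksLikeFtpm    = $looksLikeFirmwareTpm
    HibernateEnabled = $hibernateEnabled
} | Format-List

if (-not $preBootAuth) {
    Write-Warning "OS volume is unlocked by the TPM alone; the key is released at boot without a PIN."
    Write-Host "To require a PIN (the policy 'Require additional authentication at startup' must allow it):"
    Write-Host "  Add-BitLockerKeyProtector -MountPoint $osDrive -TpmAndPinProtector -Pin (Read-Host 'PIN' -AsSecureString)"
    Write-Host "Only one TPM-based protector can exist; re-run Get-BitLockerVolume afterwards to confirm the result."
}
if (-not $hibernateEnabled) {
    Write-Warning "Hibernation is disabled; enable it with:  powercfg /hibernate on"
}
```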

0 Answers