> a disk encryption key is a shared secret and commonly stored in a TPM.
Thinking some more about this, you're right. If the stored shared secret is high entropy, and the user might choose a weak password, then using the TPM as a defense against password cracking is a useful reason for the seeming indirection.
That assumes the TPM can e.g. rate limit extraction attempts and not be foiled by power-loss or sped up oscillators or similar externalities.
Thinking some more about this, you're right. If the stored shared secret is high entropy, and the user might choose a weak password, then using the TPM as a defense against password cracking is a useful reason for the seeming indirection.
That assumes the TPM can e.g. rate limit extraction attempts and not be foiled by power-loss or sped up oscillators or similar externalities.