![]() ![]() The user must provide the entropy, the TPM-protected key, and the TPM that generated that key in order to successfully access the private key. For that matter, the Windows client does not have a copy of the current PIN either. The server does not have a copy of the PIN. With Windows Hello for Business, the PIN is user-provided entropy used to load the private key in the Trusted Platform Module (TPM). With passwords, there's a server that has some representation of the password. When using Windows Hello for Business, the PIN is not a symmetric key, whereas the password is a symmetric key.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |