Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Tpm2-totp Alternatives
Similar projects and alternatives to tpm2-totp
-
keepassxc
KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
ios-application
A native, lightweight and secure one-time-password (OTP) client built for iOS; Raivo OTP!
-
heads
A minimal Linux that runs as a coreboot or LinuxBoot ROM payload to provide a secure, flexible boot environment for laptops, workstations and servers.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
google-authenticator
Discontinued Open source version of Google Authenticator (except the Android app)
-
safeboot
Scripts to slightly improve the security of the Linux boot process with UEFI Secure Boot and TPM support
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
tpm2-totp reviews and mentions
-
TOTP tokens on my wrist with the smartest dumb watch
You need a TPM 2.0 compatible CPU, but something like this sounds really excellent: https://github.com/tpm2-software/tpm2-totp
This means your laptop itself would be your hardware device, the TOTP secret would be stored in the TPM and theoretically impossible to steal/copy. Of course this means you will probably want a mobile device (possibly a second laptop also) as a backup.)
- Can you detect tampering in /boot without SecureBoot on Linux?
-
Authenticated Boot and Disk Encryption on Linux
>But okay, you may extend my attack by saying that you exchange the motherboard between the victim and the attacker laptop, so that you don't need to replicate the chassis.
Modern computers has tamper detection and if you open them you'll need to type the BIOS password.
However, replacing the motherboard is going to replace the TPM. This is easily detectable with something like tpm2_totp in the bootchain.
https://github.com/tpm2-software/tpm2-totp
- Attest computer secure boot state to phone via time-based OTP and TPM
-
Does the TPM boost secure boot security?
You could also use TOTP for a kind of remote attestation (e.g., with your phone computing TOTP). In this setup, the CPU sends the timestamp to the TPM, and it returns the TOTP value. So instead of you looking at your phone to give the TOTP to a service provider to prove that you're in possession of your phone, the computer gives you a TOTP value to prove that it's in possession (inside the TPM, sealed to the boot chain hashes) of the TOTP secret, and you use your phone to verify this. A possible weakness (short of a full-blown TPM compromise) would be to send a bunch of forged timestamps to the TPM while your computer is running and store the resulting TOTP values, then tamper with Secure Boot and emit the precomputed TOTP corresponding to the current timestamp whenever you boot up your computer. But this would require running malicious code on your compute while you're logged in with the trusted boot chain.
-
A note from our sponsor - InfluxDB
www.influxdata.com | 2 May 2024
Stats
tpm2-software/tpm2-totp is an open source project licensed under BSD 3-clause "New" or "Revised" License which is an OSI approved license.
The primary programming language of tpm2-totp is C.
Sponsored