[tpm2] Is the tpm2_create command safe against sniffing attacks?

[tpm2] Is the tpm2_create command safe against sniffing attacks?

[Joseph Lee]

[-- Attachment #1: Type: text/plain, Size: 75 bytes --]

Hello,

https://tpm2-software.github.io/2020/04/13/Disk-Encryption.html

[-- Attachment #2: attachment.htm --]
[-- Type: text/html, Size: 1120 bytes --]

[tpm2] Is the tpm2_create command safe against sniffing attacks?

[Joseph Lee]

[-- Attachment #1: Type: text/plain, Size: 988 bytes --]

Hello,

https://pulsesecurity.co.nz/articles/TPM-sniffing
In this article, can see that communication with the TPM is vulnerable 
to sniffing if not careful.

https://tpm2-software.github.io/2020/04/13/Disk-Encryption.html
Is the disk encryption described in tpm2-software's blog safe against 
these attacks?

tpm2_createprimary -Q -C o -c prim.ctx
dd if=/dev/urandom bs=1 count=32 status=none | tpm2_create -Q -g sha256 
-u seal.pub -r seal.priv -i- -C prim.ctx
tpm2_load -Q -C prim.ctx -u seal.pub -r seal.priv -n seal.name -c 
seal.ctx
tpm2_evictcontrol -C o -c seal.ctx 0x81010001

My question is:
     1. Is there a tool in linux that can sniff communication with the 
current system's TPM?
     2. How to encrypt communications if the methods described above are 
not secure?
         It seems that encryption is possible through 
tpm2_startauthsession , but I do not know how to apply it to tpm2_create 
 (The -S option simply did not work.)

Thank you.

[-- Attachment #2: attachment.htm --]
[-- Type: text/html, Size: 4276 bytes --]