
Why doesn’t the PIN become part of the encryption key in BitLocker with TPM?

Çağlar Arlı


I have read here that if you choose TPM + PIN protection, the PIN does not become part of the key; it is simply used by the TPM as an additional security measure. It doesn't make sense to me; it would have been much safer and much easier to implement by encrypting the key stored in the TPM with the hash of the PIN. Since the TPM is only a physical solution, attacks have been made against it, and whether it is protected by a PIN or not is irrelevant. With the implementation I described above, which is apparently the most logical (correct me if I'm wrong), there is protection based on mathematics, plus TPM help for keyloggers and rootkits. So why was this choice made?

Are there alternatives to BitLocker that use the method I described? I have seen that LUKS and VeraCrypt still have very limited support for the chip, and are therefore still far from using the PIN at the same time.