TPM sniffing attacks and session encryption

Hey people,

I think we should look into session encryption based on ECDH in order to mitigate TPM 2.0 sniffing attacks.
I think go-tpm has no real mutual auth session encryption yet.

https://twitter.com/XMPPwocky/status/1420527243172868097

Any thoughts about it?