Trusted Platform

Module
(TPM)
What is TPM?
The TPM is a tamper-resistant security chip
that stores keys, passwords and digital
certificates.
It typically is soldered to the motherboard
of a PC, but can be used in any computing
device that requires these functions.
The nature of this silicon ensures that the
information stored there is made more
secure from external software attack and
physical theft.
How did everything started?
On October 11, 1999, the Trusted Computing Platform Alliance (TCPA), a consortium
of various technology companies including Compaq, Hewlett-Packard, IBM, Intel, and
Microsoft, was formed in an effort to promote trust and security in the personal
computing platform.
Later on, in 2001, the TCPA announced the release of version 1.0 of its Trusted
Computing Platform Specifications.
In 2003 the Trusted Computing
Group was announced as the
successor to the Trusted Computing
Platform Alliance. TGC is a non-profit
industry consortium, which develops
hardware and software standards.
Why Hardware Security?
Software security: software protects software
Vulnerable to attacks
Is the antivirus/hardware untouched?
Easy infiltration
Fast spread
Hardware security: hardware protects software
Attacks need physical access
Software infiltration is much more difficult
Trusted Platform Module
Architecture
Provided facilities
Secure generation of cryptographic keys, in addition to a
random number generator.
Platform integrity
Disk encryption
Authentication
Platform integrity
The primary scope of a TPM (in combination with other TCG implementations)
is to assure the integrity of a platform. In this context "integrity" means
behave as intended.
Together with UEFI, TPM forms a "root of trust": TPM contains several PCRs
(Platform Configuration Registers) that allow a secure storage and reporting
of security relevant metrics. These metrics can be used to detect changes to
previous configurations and derive decisions how to proceed.
Therefore, the BIOS and the operating system have the primary responsibility
to utilize TPM in order to assure platform integrity. Only then can applications
and users running on that platform rely on its security characteristics.
Disk encryption
Full disk encryptionapplications, such as BitLocker Drive Encryptionin some
versions ofMicrosoft Windows, can use this technology to protect the keys
used to encrypt the computer's hard disks.
A number of third-party full-disk encryption products also support TPM.
Prevents thieves from using another OS or software hacking tool to break OS
file and system protections.
Prevents offline viewing of user data and OS files.
Authentication
Software can use a Trusted Platform Module to authenticate hardware
devices. Since each TPM chip has a unique and secretRSAkey burned in as it
is produced, it is capable of performing platformauthentication.
Password protection
Access to keys, data or systems is often protected and requires
authentication by presenting apassword.
If the authentication mechanism is implemented in software only, the access
typically is prone to "dictionary attacks". Since TPM is implemented in a
dedicated hardware module, a dictionary attack prevention mechanism was
built in, which effectively protects against guessing or automated dictionary
attacks, while still allowing the user a sufficient and reasonable number of
tries.
With this hardware based dictionary attack prevention, the user can opt for
shorter or weaker passwords which are more memorable. Without this level
of protection, only passwords with high complexity would provide sufficient
protection.
Conclusion
TPM is a tamper-resistant security chip that can be used for:

-Machine authentication

-Machine attestation

-Data protection
-Key generation.
Questions?