What is TPM (Trusted Platform Module)
TPM stands for Trusted Platform Module and is a hardware technology developed to protect the security of the hardware of systems or device. It consists of several keys which are incorporated in the electronic device to protect the security of the device and developed by a company called as Trusted Computing group.
The Trusted Computing Group:
- The trusted computing group is a standard body which creates specifications that is used to design trusted module platform for devices like laptops, personal computers, mobile phones and other devices. These Specifications should be fulfilled to meet the requirements of any device.
- Trusted computing group is an international group which comprises of 140 companies.
- Once the specifications imposed by the trusted computing group are met they are ready for usage.
These devices are implemented by various vendors. The main advantages of trusted platform module are its low cost. They are included in electronic systems like laptops or personal computers for trusted usage. It is mainly used for prevention of unauthorized access to a notebook computer. It works with supporting software and firmware. The TPM comprises of a hardware engine to perform encryption or decryption up to 2048-bit.
It is used to store information like passwords, email address, and other secured details. It can be used in mobile phones or laptops other than PCs and it has capabilities like remote attestation and storage seals.
Components of Trusted Platform Module:
According to TPM, information in the device are protected by any outward authentication of any software. A variety of applications is used to protect the system from external software links. Processes that need to maintain secrets like passwords, digital signing, bank details, and any other important sources are protected by authentication of external software links. However, it cannot be used to protect from internal software.
Trusted platform module Keys:
- TPM hardware is made up of two keys called as Endorsement keys. These Endorsement keys are important to maintain the security of the device. External software links will not be able to access the information because these keys are placed inside the chip.
- The two keys of the Trusted Platform are
- The storage root key
- When a person gets a new device, the storage Root key is created. It is created by the Trusted Module Platform keys and password created by the user.
- The storage root key
- Attestation Identity Key
- This is the other pair of the key which protects the system from the external software or any other links to endanger the security of the device.
Trusted Module software which can be made of these keys are used with all types of operating systems. Various security technologies use this hardware. For example:
- Business Smart cards
- Antivirus software.
- Platform Integrity:
- It ensures the integrity of any platforms like a computer. It forms trust and the trust is entitled till the OS is working and till all applications are successfully running.
- Disk encryption
- Many applications in windows like Secure-Doc, BitLocker Drive Encryption are using this technology for trusted security and it provides integrity by protecting the keys encrypted on a computer’s hard disk. A number of the third party also supports TPM.
- Password protection
- This technology protects the passwords by denying access to the keys and requires authentication by asking the password. A protected mechanism which denies authentication by guessing or automated password generation.
- It is used for digital rights management, protection and enforcement of software licenses and any prevention of forgery.
- It is also used to secure email, secure documentations.
Areas of Usage:
The trusted security provided by this technology can be used in various areas of computing like
- Online Banking
- E- commerce
- Government applications
- Confidential communications of government or companies
- Various other sectors where confidentiality is a requirement.
Trusted Module Platform Hardware:
Most of the laptops from 2006 uses this technology of trusted platform module. The chips and the microcontrollers are manufactured by companies like Atmel, Broadcom, Infineon, and Intel. ITE, Nuvoton, Toshiba.
Examples include Intel’s Trusted Hardware
Versions of TPM:
There are two versions of trusted platform module. They are
- TPM 1.2
Both TPM1.2 and TPM 2 offers same uses and functionality but only the components are different. TPM1.2 uses cryptographic algorithms like RSA, SHA1, and HMAC.
- It is used in many well-known companies like Wipro, Samsung, IBM, Acer, Sony, Super Micro, Toshiba all uses this technology in their devices to protect the system from external software links
- Microsoft operating systems use this technology from Windows Vista and in others.
- Google uses in Google Chrome books.
- Apple started using Trusted Platform Module from 2006
- Other companies which use trusted platform technology are Infineon, Oracle, Private core, Wave Systems, VMware.
- It cannot be used in an academic circle because there are many questions pertaining to its security.
- Trusted platform module cannot be used to control the attack of internal software in a device.
- A user cannot decide what software to be run, it’s only the manufacturer who decides the software running so the user is completely unaware of the situations.
According to Market survey, about 100 million products are sold from 2007 incorporating this technology
So, Trusted Platform Module is a technology used to protect the security of the hardware by preventing any illegal authentication of other external software links. With the help of this TPM, we can securely store our confidential information, passwords, email and digital signing.