What is TPM (Trusted Platform Module)?

-

TPM 2.0

What is TPM (Trusted Platform Module)?

TPM stand for Trusted Platform Module. It is a discrete or firmware chip in modern computers that provides hardware-based security to generate, store and protect encryption keys. TPM is also known as ISO/IEC 11889.

TPM generally installed on a motherboard of a computer that communicates with the entire system through a hardware bus. TPM cannot control the SOFTWARE that is running on a system.

TPM is available in two versions: 1.2 and 2.0. The latter is the more suitable system, and that is the type of TPM processor required for Windows 11.

What does a TPM do?

TPM is a microcontroller chip that guards the platform (PC or Laptop) against intruder attacks through securing artefacts and authenticates the platform in case of intrusion with these available artefacts. 

These artefacts can be in the form of passwords, certificates, or encryption keys.

Basically, this chip does the function of authentication and attestation to ensure safer computing in all environments.

TPM Chip contains an RSA key pair called Endorsement key. The pair is maintained inside the chip and cannot be accessed by any software. The storage root key is generated when some take ownership of the platform. A second key called the attestation identity key safeguards the platform from unauthorized attacks. 

RSA is a public-key encryption method that is extensively used to secure sensitive data, particularly when it is transmitted across an insecure network such as the internet. RSA stands for Rivest Shamir Adleman Encryption.

Why you need TPM for Windows? 

First Reason:

TPM checks the integrity of the operating system before it is loaded. This ensures that your system's Operating System is not compromised by malware or rootkits.

A rootkit is a sort of malware that is made to dwell in your operating system undetected. It frequently loads into your operating system during boot time and infects the bootloader or kernel. This allows a hacker to obtain unexpected access to your machine. 

Second Reason:

TPM is derived from a chip on your motherboard. It is a dedicated CPU that performs hardware encryption, allowing users to sign in with Windows Hello and use BitLocker.

As this chip is also utilized by the Windows Hello program and protecting biometric data captured by this program is indeed a potential risk. Storing such information on your computer is a threat within itself. In the lacking of dedicated encryption hardware, such data is most likely to be hacked and dedicated encryption firmware is much more difficult to crack than software methods.

In computing, firmware is a sort of computer software that provides low-level control over the hardware of a device. Firmware, such as a personal computer's BIOS, may simply include the most basic operations of a device and may only provide services to higher-level software.

How many types of TPM are there?

There are mainly two types of TPM – one is discrete dTPM & another is Firmware fTPM. 

(There are three more types of TPM but they are out of scope right now.)

Discrete TPM: dTPM is a dedicated chip that implements TPM capabilities in its own tamper-resistant semiconductor packaging.

Firmware TPM: This type of TMP is a firmware (UEFI) based solution that runs in the ambit of CPU.

TPM is implemented in system firmware using the Intel Platform Trust Technology (PTT) and AMD Platform Security Processor (AMD PSP fTPM). PTT & AMD CPU fTPM enables low cost and lower power devices to support the same root of trust concepts enabled by hardware-based TPM. In other words, Intel and AMD both have already implemented this technology in their many CPU after 2013.

It is managed through UEFI BIOS only.

Does My PC Already Have TPM 2.0? 

Method-1

  • Run the following command to see if your computer has a TPM 2.0 chip.
  • Press Window Icon + R key together 
  • Then type “tpm.msc”
  • It will display the status of TPM in your system.

Method-2

  • Press Windows Key + X, Now Select Device Manager from the Menu 
  • Click Security Devices 
  • If it shows Trusted Platform Module 2.0
  • Then your system is TPM ready.

In most of the computers, this facility remains off and if you find the negative result on both the way then you have to make it on in the BIOS / UEFI settings.

How to Enter the BIOS on a Windows 10 PC to turn on TPM?

If you want to get into BIOS, hold down the shift key while clicking on shutdown in the power icon options. This will disable Windows 10 fast startup and force the computer to turn off completely.

Now to enter the BIOS on a Windows PC, press the BIOS Key (DEL, F1, F2, F10, or F12) as specified by the motherboard manufacturer during the start of the system.

******
Location: India

Comments

Post a Comment

Popular posts from this blog

WHAT SIDE OF THE PAPER DOES THE PRINTER PRINT ON ?

-
Image
It is a common practice by all of us to forget the orientation of the paper in case of printing over a Letter Head or pre-printed paper.  Printer Paper Orientation  This way in order to save the paper, we furthermore generate the waste. Besides this, many times we print the document on assumption and again waste the paper, ink, time & energy. Surely, we can utilize the one-sided paper for the draft printing of documents.   But lack of knowledge about printers leads us to repeat this mistake again and again and unintentionally generate lots of waste. But we can save the papers, ink, and our precious time too if we keep one thing in mind and then print the documents i.e  understand the following icons :  How to place the printed paper on the Printer? The icon embossed over the paper tray tells us about the orientation of the paper quite clearly.  But, we simply ignore it and print it without knowing its worth. Generally, in haste or stress, we often forget about the proper placement
Read more

Metaverse a Virtual Universe Parallel to Real Universe

-
Image
Metaverse is a new word that is made up of a combination of two words “Meta” and “Universe”, where Meta means beyond and “Verse” refers to Universe.  This term first debuted in Neal Stephenson's 1992 novel "Snow Crash," in which the protagonist, a pizza delivery man, hangs out in an online virtual fantasy world. WHEREAS "Ready Player One," a novel set in the Oasis Metaverse, updated the concept in 2011. There are many movies based on this concept that elaborately show the function of the Metaverse and give an idea of that too like Ready Player One and Avatar etc.  What is Metaverse? I t is a virtual 3D world created for interaction, doing business, and forging social connections using immersive, interactive, and collaborative technology in the field of the Internet. This is the world in which peoples interacts with each other through their respective Avatars using the metaphor of the real world but without its physical limits. Immersive technology is an integrat
Read more

What is Operating System Maya?

-
Image
The Maya operating system has been developed in India. It is based on UBUNTU," a popular Linux system that employs free and open-source technologies. The Indian Ministry of Defence has taken this endeavour to secure its computer systems against unforeseen, vulnerable Cyberattacks that may cause minor to severe disruptions to our internal systems. It was designed with an easy and error-free transition from Windows OS to Maya OS in mind. Its interface and functionalities are quite similar to those of the Windows system, thus switching from Windows to Maya would be seamless. Maya OS also has a feature called Chakravyuh, which is end-point anti-malware and antivirus software that prevents system hacking.  As the name implies, it might be a multi-layer system that protects the system from digital threats. Its development began in 2021, following a series of cyberattacks on India's crucial information and military systems.  India recognises the importance of developing a robust ope
Read more