Trusted Platform Module (TPM)

Established: January 1, 2000

Overview

Microsoft has led the architecture and adoption of the TPM since its inception.  Microsoft invented and contributed the attestation, sealing and Platform Configuration Register (PCR) features to the original TPM, and contributed to the overall design.

More recently, Microsoft architected and and edited the TPM2.0 specification.  Many new concepts and features were introduced with TPM2.0, including crypto-agility, easier management, a more flexible authorization model, and better extensibility.  TPM2.0 devices are now available from many vendors, and are incorporated into most business class PCs and many servers.  TPM2.0 is also making increasing inroads into network equipment, mobile and IoT devices.

The TPM2.0 specification is unique in that it is machine readable.  Most of the normative behavioral specification is written in a subset of the C programming language, and the TPM programming interface is defined in machine-readable tables.  This allows vendors to quickly build high-quality and interoperable TPM implementations.

The TPM is an evolving standard:  Individuals, organizations and governments that would like to participate in its growth should join the Trusted Computing Group (TCG.)  TCG has many TPM-related standards activities, including specifications that describe how TPMs are built into platforms, standardized software-stacks for building TPM applications, as well as protocol design and digital certificate profiles.

The TPM is both an industry and international standard (ISO/IEC) specification with wide international support.

TPM in a Nutshell

The TPM is a low-cost, but powerful and flexible, crypto-processor.  A TPM does many of the things that a smart-card or hardware security module (HSM) does – for example, it is able to create, manage and use cryptographic keys, as well as store confidential data.  But a TPM is intimately tied into how a computer boots and runs, which means it is far more powerful and useful than a simple “smart-card on the motherboard.”

For example, platforms that incorporate TPMs “measure” and log the software that boots on the device.  The resulting boot-log can be used to verify that devices are running known-software and are up-to-date using a TPM feature called quoting or attestation.  The boot-log can also be used to protect keys for disk encryption, because the TPM incorporates a feature called sealing that can be used to make sure that the encryption key is only disclosed to authorized software, and not to disk-cracking tools.

Other advanced TPM features include a secure clock, monotonic counters, a non-volatile storage facility, and very flexible and secure mechanisms for key management operations like key import and export.

More information on how TPMs work and how that they can be used to solve common security problems can be found in A Practical Guide to TPM2.0.

Microsoft Research TPM Resources

In addition to continuing to develop and maintain the TPM reference implementation, Microsoft has open-sourced software libraries and solutions that allow TPM-based applications to be built.

  • A pre-built TPM simulator
  • TSS.NET, for programming the TPM in C# (part of TSS.MSR)
  • TSS.C++, for programming a TPM in C++ (part of TSS.MSR)
  • TSS.Java, for programming a TPM in Java (preliminary release – part of TSS.MSR)
  • Urchin: A simple library for accessing the TPM on resource-constrained devices
  • The Platform Crypto Provider Toolkit and PCPTool, for programming a TPM in C (part of TSS.MSR)

Microsoft Features using the TPM

Microsoft products and services lead the world in the use of international standards-based security solutions based on the TPM.    Products and services that use the TPM include:

Other useful Windows resources include:

People

People

Portrait of Paul England

Paul England

Distinguished Engineer

Portrait of Andrey Marochko

Andrey Marochko

Principal SDE

Portrait of Dennis Mattoon

Dennis Mattoon

Principal Software Development Engineer

Portrait of Ronald Aigner

Ronald Aigner

Principal SDE