In computing, Trusted Platform Module (TPM) is both the name of a published specification detailing a secure cryptoprocessor that can store cryptographic keys that protect information, as well as the general name of implementations of that specification, often called "TPM chip", "Fritz chip" or "TPM Security Device" (Dell). Computing is usually defined like the activity of using and developing Computer technology Computer hardware and software. A secure cryptoprocessor is a dedicated Computer or Microprocessor for carrying out Cryptographic operations embedded in a packaging with multiple Cryptography (or cryptology; from Greek grc κρυπτός kryptos, "hidden secret" and grc γράφω gráphō, "I write" In Cryptography, a key is a piece of information (a Parameter) that determines the functional output of a cryptographic algorithm The multinational technology company Dell Inc develops manufactures sells and supports Personal computers and other computer-related products The TPM specification is the work of the Trusted Computing Group. The Trusted Computing Group ( TCG) successor to the Trusted Computing Platform Alliance ( TCPA) is an initiative started by AMD, Hewlett-Packard The current version of the TPM specification is 1. 2 Revision 103, published on July 9, 2007. Events 455 - Roman military commander Avitus is proclaimed Emperor of the Western Roman Empire. Year 2007 ( MMVII) was a Common year starting on Monday of the Gregorian calendar in the 21st century. ^[1]

Contents 1 Overview 2 Uses 2.1 Disk encryption 2.2 Other uses 3 TPM Hardware 4 See also 5 References 6 External links

Overview

A Trusted Platform Module offers facilities for the secure generation of cryptographic keys, and limitation of their use, in addition to a hardware pseudo-random number generator. Cryptography (or cryptology; from Greek grc κρυπτός kryptos, "hidden secret" and grc γράφω gráphō, "I write" In Cryptography, a key is a piece of information (a Parameter) that determines the functional output of a cryptographic algorithm Hardware is a general term that refers to the physical artifacts of a Technology. A random number generator (often abbreviated as RNG is a computational or physical device designed to generate a sequence of Numbers or symbols that lack any It also includes capabilities such as remote attestation and sealed storage. Trusted Computing (TC is a technology developed and promoted by the Trusted Computing Group. Trusted Computing (TC is a technology developed and promoted by the Trusted Computing Group. Remote attestation creates a nearly unforgeable hash key summary of the hardware and software configuration. A cryptographic Hash function is a transformation that takes an input (or 'message' and returns a fixed-size string which is called the hash value (sometimes The extent of the summary of the software is decided by the program encrypting the data . This allows a third party to verify that the software has not been changed. Sealing encrypts data in such a way that it may be decrypted only if the TPM releases the associated decryption key, which it only does for software that can provide the same password that was supplied when software "ownership" of the TPM was initially configured. ^[2] Binding encrypts data using the TPM endorsement key, a unique RSA key burned into the chip during its production, or another trusted key descended from it. Trusted Computing (TC is a technology developed and promoted by the Trusted Computing Group. In Cryptography, RSA is an Algorithm for Public-key cryptography.

A Trusted Platform Module can be used to authenticate hardware devices. Since each TPM chip has a unique and secret RSA key burned in as it is produced, it is capable of performing platform authentication. In Cryptography, RSA is an Algorithm for Public-key cryptography. Authentication (from Greek αυθεντικός real or genuine from authentes author is the act of establishing or confirming something (or someone as For example, it can be used to verify that a system seeking access is the expected system.

Generally, pushing the security down to the hardware level in conjunction with software provides more protection than a software-only solution that is more easily be compromised by an attacker. However even where a TPM is used, the key is still vulnerable while a software application that has obtained it from the TPM is using it to perform encryption/decryption operations, as has been illustrated in the case of a cold boot attack. In Cryptography, a key is a piece of information (a Parameter) that determines the functional output of a cryptographic algorithm In Cryptography, a cold boot attack, platform reset attack, cold ghosting attack or iceman attack is a type of Side channel attack

Uses

Disk encryption

Full disk encryption applications, such as the BitLocker Drive Encryption feature of Microsoft's Windows Vista and Windows Server 2008 operating systems, can use this technology to protect the keys used to encrypt the computer's operating system volume and provide integrity authentication for a trusted boot pathway (i. BitLocker Drive Encryption is a Full disk encryption feature included with Microsoft 's Windows Vista Ultimate, Windows Vista Enterprise Microsoft Corporation is an American multinational Computer technology Corporation, which rose to dominate the Home computer Windows Vista (ˈvɪstə is a line of Operating systems developed by Microsoft for use on Personal computers including home and business desktops Windows Server 2008 is the most recent release of Microsoft Windows ' server line of Operating systems Released to manufacturing on 4 February An operating system (commonly abbreviated OS and O/S) is the software component of a Computer system that is responsible for the management and coordination An operating system (commonly abbreviated OS and O/S) is the software component of a Computer system that is responsible for the management and coordination In the context of computer Operating systems volume is the term used to describe a single accessible storage area with a single File system, typically (though not Authentication (from Greek αυθεντικός real or genuine from authentes author is the act of establishing or confirming something (or someone as e. BIOS, boot sector, etc. In Computing, the BIOS (ˈbaɪoʊs A boot sector (sometimes called a bootblock) is a sector of a Hard disk, Floppy disk, or similar Data storage device that contains ) A number of third party full disk encryption products also support the TPM chip.

Other uses

Almost any encryption-enabled application can in theory make use of a TPM, including:

• Digital Rights Management
• Software license protection & enforcement
• Password protection

These potential other uses have given rise to privacy concerns. Digital rights management ( DRM) is a generic term that refers to Access control technologies used by hardware manufacturers publishers and Copyright holders A software license (or software licence in commonwealth usage is a Legal instrument governing the usage or redistribution of copyright protected software In computing a password is a Word or string of characters that is entered often along with a user name, in modern times usually into a computer system Privacy is the ability of an individual or group to seclude themselves or information about themselves and thereby reveal themselves selectively Consequently, to address these concerns, the TPM chip cannot be enabled via software alone - a "physical presence request" operation is required, whereby a human sitting at the computer must acknowledge the request to activate the device via a prompt at BIOS level. In Computing, the BIOS (ˈbaɪoʊs ^[3] Furthermore, each application that uses the TPM must register a unique passphrase when it takes ownership of the TPM in order to prevent other applications from also making unauthorized use of the TPM while it's enabled. ^[4] Future operating systems are expected to have increased TPM support for additional cryptographic features.

TPM Hardware

Starting in 2006, many new laptop computers have been sold with a Trusted Platform Module chip built-in. In the future, this concept could be co-located on an existing motherboard chip in computers, or any other device where a TPM's facilities could be employed, such as a cell phone. A motherboard is the central or primary Printed circuit board (PCB making up a complex electronic system such as a modern Computer or Laptop Intel is planning to integrate the TPM capabilities into the southbridge chipset in 2008. The Southbridge, also known as the I/O Controller Hub ( ICH) in Intel systems (AMD VIA SiS and others usually ^[5]

Trusted Platform Module microcontrollers are currently produced by:

• Atmel
• Broadcom
• Infineon (Infineon TPM)
• Intel (via Intel Manageability Engine as iTPM)
• Sinosun
• STMicroelectronics
• Winbond

See also

• Cryptography
• Hengzhi chip
• Next-Generation Secure Computing Base
• Trusted Computing

References

1. ^ Trusted Platform Module (TPM) Specifications. } Atmel Corporation ( is a manufacturer of Semiconductors, founded in 1984. Broadcom Corporation is an American supplier of Integrated circuits (ICs for broadband communications Infineon Technologies AG () was founded in April 1999 when the Semiconductor operations of parent company Siemens AG, were spun off to form a separate STMicroelectronics (,)is an franco-italian Electronics and Semiconductor manufacturer headquartered in in Geneva, Switzerland. Winbond Electronics Corporation is a Taiwan -based corporation which was founded in 1987 and is a producer of Semiconductors and several types of integrated Cryptography (or cryptology; from Greek grc κρυπτός kryptos, "hidden secret" and grc γράφω gráphō, "I write" The Hengzhi chip ( is a Microcontroller that can store secured information designed by the People's Republic of China government and manufactured in China The Next-Generation Secure Computing Base ( NGSCB) formerly known as Palladium, is a software architecture designed by Microsoft which is expected to implement Trusted Computing (TC is a technology developed and promoted by the Trusted Computing Group. Trusted Computing Group.
2. ^ TakeOwnership Method of the Win32_Tpm Class. Microsoft. Microsoft Corporation is an American multinational Computer technology Corporation, which rose to dominate the Home computer Retrieved on 2008-05-27. 2008 ( MMVIII) is the current year in accordance with the Gregorian calendar, a Leap year that started on Tuesday of the Common Events 927 - Simeon the Great, Tsar of Bulgaria, dies 1120 - Richard III of Capua is anointed
3. ^ SetPhysicalPresenceRequest Method of the Win32_Tpm Class. Microsoft. Microsoft Corporation is an American multinational Computer technology Corporation, which rose to dominate the Home computer Retrieved on 2008-05-20. 2008 ( MMVIII) is the current year in accordance with the Gregorian calendar, a Leap year that started on Tuesday of the Common Events 325 - The First Council of Nicaea &ndash the first Ecumenical Council of the Christian Church is held
4. ^ TakeOwnership Method of the Win32_Tpm Class. Microsoft. Microsoft Corporation is an American multinational Computer technology Corporation, which rose to dominate the Home computer Retrieved on 2008-05-20. 2008 ( MMVIII) is the current year in accordance with the Gregorian calendar, a Leap year that started on Tuesday of the Common Events 325 - The First Council of Nicaea &ndash the first Ecumenical Council of the Christian Church is held
5. ^ Microsoft PowerPoint - GovSec Presentation_052505_v05.ppt

External links

• Trusted Computing Group
• Device Authentication-The answer to attacks launched using stolen passwords?
• LWN: OLS: Linux and trusted computing
• GRC podcast: Trusted Platform Module (TPM) (TPM content starts 27 minutes 30 seconds in. )
• TPM Setup (for Mac OS X)
• Trusted Computing Group Bulletin on the Security of the Trusted Platform Module (TPM) February 2008
• Take Control of TCPA

---

© 2009 citizendia.org; parts available under the terms of GNU Free Documentation License, from http://en.wikipedia.org
Dapyx Software network: MP3 Explorer | Ebook Manager | Zenithic