📖 What is Trusted Platform Module (TPM)?
A Trusted Platform Module (TPM) is a specialized hardware chip integrated into a motherboard to provide secure generation and storage of cryptographic keys. It ensures platform integrity by performing a measured boot process to detect unauthorized changes to firmware.
"TPMs are 'bound' to the hardware. Remember that they provide a hardware-based Root of Trust for the specific device they are installed in."
📚 Certification: Certified Information Systems Security Professional (CISSP)
🔑 What are the Key Concepts of Trusted Platform Module (TPM)?
- ▸ Acts as a hardware-based Root of Trust, providing a secure foundation for cryptographic operations isolated from the main operating system and CPU.
- ▸ Utilizes Platform Configuration Registers (PCRs) to store hashes of firmware and boot components, enabling the detection of unauthorized system modifications during startup.
- ▸ Supports 'Binding' to encrypt data to a specific TPM and 'Sealing' to ensure data is only decrypted if the system is in a trusted state.
- ▸ Stores the Endorsement Key (EK), a unique, permanent identifier burned into the hardware during manufacturing to prove the authenticity of the TPM chip.
- ▸ Integrates with Full Disk Encryption (FDE) solutions to securely store decryption keys, preventing data access if the drive is moved to another machine.
🎯 How does Trusted Platform Module (TPM) appear on the CISSP Exam?
You may be asked to identify the best mechanism for ensuring that a laptop's bootloader has not been tampered with before the OS loads.
A scenario might describe a requirement for 'Remote Attestation,' where a server must verify the integrity of a client's hardware and firmware before allowing network access.
Expect questions comparing software-based keystores with hardware-based solutions, requiring you to select TPM for maximum protection against cold-boot or memory-dump attacks.
❓ Frequently Asked Questions
What is the difference between Binding and Sealing in the context of a TPM?
Binding encrypts data using a TPM's public key so only that specific TPM can decrypt it. Sealing goes further by requiring the system to be in a specific, healthy state (PCR values) before decryption is allowed.
How does Measured Boot differ from Secure Boot?
Secure Boot stops the boot process if a signature is invalid. Measured Boot does not stop the boot; instead, it records the hashes of each component in PCRs for later verification via attestation.
What happens to the encrypted data if the TPM chip fails or the motherboard is replaced?
Because the keys are hardware-bound to that specific chip, the data becomes inaccessible unless a recovery key, such as a BitLocker recovery password, was backed up externally.