Welcome to the SecAware blog

I spy with my beady eye ...

29 Jun 2008

Are you using TPM yet?

Secure Computing Magazine explains what the Trusted Platform Module (TPM) is, and what it can be used for. It stops short of explaining how to use it but has links to other sites that do so.

The TPM is a hardware crypto module on a chip, pre-installed by the manufacturers in ~100 million PCs. Being hardware based makes it more resistant to attacks than pure software based crypto systems - note 'more resistant to' not 'totally secure against'. I'm sure it's only a matter of time before some enterprising hacker hacks the TPM, perhaps using side channels (e.g. power consumption) or electron microscopy, attacks that have worked to some extent against smart cards. Meanwhile, TPM is considered stronger than normal software-based password vaults etc.

Here's a list of the top 10 uses for TPM, extracted from the article:

1. Multi-factor authentication.
2. Strong login authentication.
3. Machine binding.
4. Digital signatures.
5. Password vaults.
6. File and folder encryption.
7. Strong client/server authentication.
8. Network access control.
9. Endpoint integrity.
10. Trusted client/server security.


No comments:

Post a Comment