TPM

Stands for “Trusted Platform Module.”
TPM is a technology that enables hardware-based security functions. It requires a “crypto-processor,” separate from the primary CPU, used exclusively for security purposes.
Some functions of a TPM chip include:

Providing secure authentication
Generating and storing cryptographic keys
Encrypting and decrypting data
Verifying and recording software loading operations

The TPM is a small chip, typically soldered onto a computer’s motherboard. It has a unique ID, also called an Endorsement Key (EK), that cannot be changed. Because the key is unalterable and tied to the motherboard, it provides a reliable means of device authentication. However, replacing a motherboard on a TPM-enabled system may require reformatting the startup disk.
TPM 2.0
Windows 11 requires TPM 2.0 and a Secure Boot capable PC. These technologies work together to prevent unverified software from loading during the boot process. TPM 2.0 provides several security improvements over the previous standard, including:

support for the SHA-256 hashing algorithm
support for newer hashing algorithms (TPM 1.2 only supports RSA and SHA-1)
a more consistent “lockout policy,” defined at the OS level
a single semiconductor package (TPM 1.2 hardware may use discrete components)

Most Windows PCs developed after 2015 have TPM 2.0 chips, which require UEFI firmware. If TPM 2.0 is not enabled by default, it may be possible to enable it in the UEFI interface.
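The “verifying and recording software loading operations” function above works by measuring each boot component into a Platform Configuration Register (PCR): the register can only be extended by hashing, never overwritten, so a verifier that replays the boot event log can tell whether any recorded component changed. The following is an added example simulating that SHA-256 extend chain; it is not code from the original entry, and the event names and PCR assignments are constructed placeholders.

```python
from __future__ import annotations

import hashlib

# Constructed boot event log: (PCR index, measured component) in boot order.
# The component names are illustrative placeholders, not real firmware images.
BOOT_EVENTS = [
    (0, b"firmware-image-v1"),
    (0, b"firmware-settings"),
    (4, b"bootloader.efi"),
    (4, b"kernel-image"),
]

def extend(pcr_value: bytes, measurement: bytes) -> bytes:
    """PCR extend with SHA-256: new = H(old || H(measurement)).

    The PCR has no "set" operation, only extend, so the final value depends
    on every measurement made and on the order in which they were made.
    """
    digest = hashlib.sha256(measurement).digest()
    return hashlib.sha256(pcr_value + digest).digest()

def replay(events) -> dict[int, bytes]:
    """Replay an event log into per-PCR values, starting each PCR at all zeros."""
    pcrs: dict[int, bytes] = {}
    for index, data in events:
        pcrs[index] = extend(pcrs.get(index, bytes(32)), data)
    return pcrs

def verify_log(events, reported_pcrs) -> bool:
    """A verifier accepts the log only if replaying it reproduces the PCR values the TPM reports."""
    return replay(events) == reported_pcrs

def demo() -> tuple[bool, bool, bool]:
    """Swap the bootloader and compare: PCR 0 is unchanged, PCR 4 differs, verification fails."""
    good = replay(BOOT_EVENTS)
    tampered = [(i, b"other-bootloader.efi" if d == b"bootloader.efi" else d)
                for i, d in BOOT_EVENTS]
    bad = replay(tampered)
    return good[0] == bad[0], good[4] != bad[4], verify_log(tampered, good)
```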

Updated December 16, 2021 by Per C.
