Inferensys

Glossary

Trusted Platform Module (TPM)

A Trusted Platform Module (TPM) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys.
Operations room with a large monitor wall for system visibility and control.
SECURE CREDENTIAL MANAGEMENT

What is Trusted Platform Module (TPM)?

A Trusted Platform Module (TPM) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys for functions like secure boot, disk encryption, and platform integrity measurement.

A Trusted Platform Module (TPM) is a dedicated, tamper-resistant microcontroller that provides hardware-based, root-of-trust security functions. It generates, stores, and manages cryptographic keys used for critical operations like secure boot, full-disk encryption, and platform integrity attestation. By anchoring trust in immutable hardware, it protects against software-based attacks and unauthorized firmware modifications, forming a foundational security layer for modern computing.

In enterprise AI and secure credential management, a TPM is crucial for safeguarding the secrets used by autonomous agents. It can securely store API keys, OAuth tokens, and other sensitive credentials, preventing their extraction even if the host operating system is compromised. This hardware isolation complements software-based Key Management Services (KMS) and Hardware Security Modules (HSM), providing a robust defense-in-depth strategy for agentic systems interacting with external APIs and data sources.

TRUSTED PLATFORM MODULE

Core Functions and Security Features

A Trusted Platform Module (TPM) is an international standard (ISO/IEC 11889) for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. It provides a hardware-rooted foundation for critical security operations.

01

Platform Integrity Measurement

The TPM's Root of Trust for Measurement (RTM) creates a cryptographic hash chain during the boot process. Each component—from the BIOS/UEFI firmware to the bootloader and operating system kernel—is measured (hashed) before execution. These measurements are stored in the TPM's Platform Configuration Registers (PCRs). This creates a verifiable log of the system's state, enabling technologies like Secure Boot to detect unauthorized modifications by comparing current PCR values against known-good baselines.

02

Secure Key Generation and Storage

The TPM contains a true hardware random number generator (HRNG) for creating cryptographically strong keys. It can generate and store RSA and ECC asymmetric keys and symmetric keys (e.g., for AES). Crucially, private keys never leave the TPM's protected storage. Keys can be marked as non-migratable, binding them permanently to the specific hardware. This enables features like BitLocker or dm-crypt disk encryption, where the volume encryption key is sealed by the TPM and only released if the platform integrity is verified.

03

Remote Attestation

This allows a remote party (e.g., a corporate server or cloud service) to cryptographically verify the software state of a client machine. The TPM uses its Attestation Identity Key (AIK), a special endorsement key, to sign the current PCR values. The verifier receives this signed report and can check it against a Trusted Policy to ensure the device is running authorized, unmodified software before granting network access or releasing sensitive data. This is a cornerstone for Zero Trust architectures and secure cloud provisioning.

04

Hardware-Based Authentication

The TPM provides a stronger alternative to password-only authentication. It can be used to:

  • Bind system login credentials (Windows Hello for Business) to the TPM.
  • Act as a virtual smart card for network authentication.
  • Store certificates for machine identity in enterprise environments. Authentication relies on proving possession of a key stored inside the TPM, which is resistant to phishing and keylogging attacks. The TPM 2.0 standard also supports Policy-Based Authorization, where key usage can require multiple factors (e.g., a password AND a specific system state).
05

Cryptographic Operations Engine

The TPM includes dedicated circuits to perform cryptographic functions internally, shielding sensitive operations from the main CPU and its potentially compromised software. Core operations include:

  • RSA Sign/Decrypt: Using internally stored keys.
  • ECC Signatures: (TPM 2.0) for more efficient cryptography.
  • HMAC (Hash-based Message Authentication Code): For data integrity.
  • Key Wrapping: Encrypting keys for external storage.
  • True Random Number Generation: For session keys and nonces. By performing these operations in hardware, the TPM protects against software-based side-channel attacks.
06

Hierarchical Key Structure

TPM keys are organized in a strict hierarchy, providing isolation and clear provenance:

  1. Endorsement Key (EK): A unique RSA key fused into the TPM at manufacture. It identifies the TPM hardware and is used to create AIKs.
  2. Storage Root Key (SRK): The root of the user-generated key hierarchy, protected by the TPM owner's authorization.
  3. Attestation Identity Keys (AIKs): Derived from the EK, used for privacy-preserving remote attestation.
  4. Leaf Keys: User-created keys (signing, encryption, storage) generated under the SRK. This tree structure ensures that compromising a leaf key does not compromise keys higher in the hierarchy.
SECURE CRYPTOPROCESSOR STANDARDS

TPM 2.0 vs. TPM 1.2: Key Differences

A technical comparison of the two major specification versions of the Trusted Platform Module, highlighting cryptographic, architectural, and security enhancements relevant for hardware-backed credential management.

Cryptographic & Architectural FeatureTPM 1.2 (2003, 2011)TPM 2.0 (2014, 2019)

Cryptographic Algorithm Agility

Default Asymmetric Algorithm

RSA 2048-bit

Elliptic Curve Cryptography (ECC)

Supported Hash Algorithms

SHA-1 primarily

SHA-1, SHA-256, SHA-384, SM3

Key Storage Hierarchy

Single Storage Root Key (SRK)

Three Hierarchies (Platform, Storage, Endorsement)

Authorization Model

Mandatory HMAC-based sessions

Flexible (HMAC, Policy, Password)

Attestation Structure

Binary, Proprietary (TPM_QUOTE)

Standardized (TPM2_Certify, TPM2_Quote)

Direct Anonymous Attestation (DAA)

Enhanced Authorization (EA) Policies

Algorithm Specification

Hardcoded in specification

Defined via TPM2_ALG_ID identifiers

NIST FIPS 140-2 Certification

Level 2 common

Designed for Level 2 & 3

Command Set & API

TPM 1.2 Command Set (TCG Software Stack)

TPM 2.0 Command Set (TSS 2.0)

NV Storage Flexibility

Limited, static indices

Dynamic, attribute-rich

TRUSTED PLATFORM MODULE

Frequently Asked Questions

A Trusted Platform Module (TPM) is a dedicated microcontroller that provides hardware-based, security-related functions. These FAQs address its core mechanisms, applications in secure systems, and its role in modern credential management.

A Trusted Platform Module (TPM) is an international standard (ISO/IEC 11889) for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. It provides a root of trust by performing critical security functions in isolated, tamper-resistant hardware, separate from the main system CPU. Its primary roles include secure key generation and storage, platform integrity measurement via secure boot, and providing cryptographic operations like encryption and digital signing. By anchoring trust in physical silicon, a TPM protects against software-based attacks and ensures that a system boots with genuine, unaltered firmware and operating system components.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.