A Trusted Platform Module (TPM) is a dedicated, tamper-resistant microcontroller that provides hardware-based, root-of-trust security functions. It generates, stores, and manages cryptographic keys used for critical operations like secure boot, full-disk encryption, and platform integrity attestation. By anchoring trust in immutable hardware, it protects against software-based attacks and unauthorized firmware modifications, forming a foundational security layer for modern computing.
Glossary
Trusted Platform Module (TPM)

What is Trusted Platform Module (TPM)?
A Trusted Platform Module (TPM) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys for functions like secure boot, disk encryption, and platform integrity measurement.
In enterprise AI and secure credential management, a TPM is crucial for safeguarding the secrets used by autonomous agents. It can securely store API keys, OAuth tokens, and other sensitive credentials, preventing their extraction even if the host operating system is compromised. This hardware isolation complements software-based Key Management Services (KMS) and Hardware Security Modules (HSM), providing a robust defense-in-depth strategy for agentic systems interacting with external APIs and data sources.
Core Functions and Security Features
A Trusted Platform Module (TPM) is an international standard (ISO/IEC 11889) for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. It provides a hardware-rooted foundation for critical security operations.
Platform Integrity Measurement
The TPM's Root of Trust for Measurement (RTM) creates a cryptographic hash chain during the boot process. Each component—from the BIOS/UEFI firmware to the bootloader and operating system kernel—is measured (hashed) before execution. These measurements are stored in the TPM's Platform Configuration Registers (PCRs). This creates a verifiable log of the system's state, enabling technologies like Secure Boot to detect unauthorized modifications by comparing current PCR values against known-good baselines.
Secure Key Generation and Storage
The TPM contains a true hardware random number generator (HRNG) for creating cryptographically strong keys. It can generate and store RSA and ECC asymmetric keys and symmetric keys (e.g., for AES). Crucially, private keys never leave the TPM's protected storage. Keys can be marked as non-migratable, binding them permanently to the specific hardware. This enables features like BitLocker or dm-crypt disk encryption, where the volume encryption key is sealed by the TPM and only released if the platform integrity is verified.
Remote Attestation
This allows a remote party (e.g., a corporate server or cloud service) to cryptographically verify the software state of a client machine. The TPM uses its Attestation Identity Key (AIK), a special endorsement key, to sign the current PCR values. The verifier receives this signed report and can check it against a Trusted Policy to ensure the device is running authorized, unmodified software before granting network access or releasing sensitive data. This is a cornerstone for Zero Trust architectures and secure cloud provisioning.
Hardware-Based Authentication
The TPM provides a stronger alternative to password-only authentication. It can be used to:
- Bind system login credentials (Windows Hello for Business) to the TPM.
- Act as a virtual smart card for network authentication.
- Store certificates for machine identity in enterprise environments. Authentication relies on proving possession of a key stored inside the TPM, which is resistant to phishing and keylogging attacks. The TPM 2.0 standard also supports Policy-Based Authorization, where key usage can require multiple factors (e.g., a password AND a specific system state).
Cryptographic Operations Engine
The TPM includes dedicated circuits to perform cryptographic functions internally, shielding sensitive operations from the main CPU and its potentially compromised software. Core operations include:
- RSA Sign/Decrypt: Using internally stored keys.
- ECC Signatures: (TPM 2.0) for more efficient cryptography.
- HMAC (Hash-based Message Authentication Code): For data integrity.
- Key Wrapping: Encrypting keys for external storage.
- True Random Number Generation: For session keys and nonces. By performing these operations in hardware, the TPM protects against software-based side-channel attacks.
Hierarchical Key Structure
TPM keys are organized in a strict hierarchy, providing isolation and clear provenance:
- Endorsement Key (EK): A unique RSA key fused into the TPM at manufacture. It identifies the TPM hardware and is used to create AIKs.
- Storage Root Key (SRK): The root of the user-generated key hierarchy, protected by the TPM owner's authorization.
- Attestation Identity Keys (AIKs): Derived from the EK, used for privacy-preserving remote attestation.
- Leaf Keys: User-created keys (signing, encryption, storage) generated under the SRK. This tree structure ensures that compromising a leaf key does not compromise keys higher in the hierarchy.
TPM 2.0 vs. TPM 1.2: Key Differences
A technical comparison of the two major specification versions of the Trusted Platform Module, highlighting cryptographic, architectural, and security enhancements relevant for hardware-backed credential management.
| Cryptographic & Architectural Feature | TPM 1.2 (2003, 2011) | TPM 2.0 (2014, 2019) |
|---|---|---|
Cryptographic Algorithm Agility | ||
Default Asymmetric Algorithm | RSA 2048-bit | Elliptic Curve Cryptography (ECC) |
Supported Hash Algorithms | SHA-1 primarily | SHA-1, SHA-256, SHA-384, SM3 |
Key Storage Hierarchy | Single Storage Root Key (SRK) | Three Hierarchies (Platform, Storage, Endorsement) |
Authorization Model | Mandatory HMAC-based sessions | Flexible (HMAC, Policy, Password) |
Attestation Structure | Binary, Proprietary (TPM_QUOTE) | Standardized (TPM2_Certify, TPM2_Quote) |
Direct Anonymous Attestation (DAA) | ||
Enhanced Authorization (EA) Policies | ||
Algorithm Specification | Hardcoded in specification | Defined via TPM2_ALG_ID identifiers |
NIST FIPS 140-2 Certification | Level 2 common | Designed for Level 2 & 3 |
Command Set & API | TPM 1.2 Command Set (TCG Software Stack) | TPM 2.0 Command Set (TSS 2.0) |
NV Storage Flexibility | Limited, static indices | Dynamic, attribute-rich |
Frequently Asked Questions
A Trusted Platform Module (TPM) is a dedicated microcontroller that provides hardware-based, security-related functions. These FAQs address its core mechanisms, applications in secure systems, and its role in modern credential management.
A Trusted Platform Module (TPM) is an international standard (ISO/IEC 11889) for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. It provides a root of trust by performing critical security functions in isolated, tamper-resistant hardware, separate from the main system CPU. Its primary roles include secure key generation and storage, platform integrity measurement via secure boot, and providing cryptographic operations like encryption and digital signing. By anchoring trust in physical silicon, a TPM protects against software-based attacks and ensures that a system boots with genuine, unaltered firmware and operating system components.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
A Trusted Platform Module (TPM) is a foundational component within a broader ecosystem of hardware and cryptographic security standards. The following terms are essential for understanding how TPMs interact with other systems to establish a root of trust and manage secrets.
Secure Boot
Secure Boot is a security standard that ensures a device boots using only software that is trusted by the Original Equipment Manufacturer (OEM). It relies on a chain of trust anchored in hardware, often starting with keys stored in a TPM or firmware.
- Boot Process: Each stage of the bootloader (firmware, OS loader) is cryptographically verified before execution.
- TPM Role: The TPM can measure and store hashes of each boot component in its Platform Configuration Registers (PCRs) for remote attestation.
- Critical Function: Prevents rootkits and other low-level malware from persisting by blocking unauthorized or tampered boot code.
Remote Attestation
Remote Attestation is a process where a trusted platform (client) provides cryptographically verifiable evidence of its software and hardware state to a remote verifier (server). This proof is rooted in a hardware trust anchor like a TPM.
- Mechanism: The TPM signs a quote of its Platform Configuration Register (PCR) values, which represent measured components (BIOS, bootloader, OS).
- Verification: The remote party verifies the TPM's signature and compares the PCR values against known-good baselines.
- Application: Critical for zero-trust architectures, enabling a server to grant access only to clients that prove they are in a known-secure state.
Platform Configuration Registers (PCRs)
Platform Configuration Registers (PCRs) are special memory locations within a TPM used to store cryptographically hashed measurements of the platform's state. They are fundamental to the TPM's integrity measurement and reporting capabilities.
- Immutable Logging: PCRs do not store normal data; they extend it. Extending a PCR means:
PCR[new] = Hash(PCR[old] + new measurement). - Integrity Evidence: This creates a tamper-evident record of all measured components (e.g., firmware, OS kernel).
- Core Use: PCR values are used in Secure Boot validation and are the basis for Remote Attestation quotes. They are also used to "seal" encryption keys to a specific system state.
Root of Trust
A Root of Trust is an inherently trusted component within a computing system from which the trustworthiness of all other components is derived. In a system with a TPM, the TPM chip itself, and specifically its Endorsement Key (EK), serves as a critical root of trust.
- Types: Includes Root of Trust for Measurement (RTM), Storage (RTS), and Reporting (RTR).
- TPM as Anchor: The TPM's unique, factory-installed cryptographic keys provide a verifiable identity and a secure location for cryptographic operations.
- Chain of Trust: Secure Boot builds a chain of trust from this root (the TPM/firmware) up through the operating system, with each step verifying the next.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us