Overview

A TPM (Trusted Platform Module) is a 'root of trust' for a computer system: a tamper-resistant hardware component that performs cryptographic operations and protects keys and other sensitive data from software-based attacks.

Key Functions

  • Secure Key Storage: Storing cryptographic keys (e.g., for BitLocker) so they cannot be extracted by the OS or malware.
  • Platform Configuration Registers (PCRs): Registers that accumulate measurements (hashes) of the firmware, bootloader and OS as the system boots, so that tampering with any of these components can be detected.
  • Remote Attestation: Providing a signed, verifiable report (a quote of the PCR values) of the system's security state to a remote party.
  • Random Number Generation: Providing high-quality entropy for cryptographic operations.
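As an added illustration (not code from this glossary page or from any TPM vendor), the following Python simulates the PCR extend operation used during measured boot: each stage's digest is folded into the register as PCR_new = SHA-256(PCR_old || digest), so a tampered or reordered boot component yields a final value that differs from the expected 'golden' one. The component images and the golden value are constructed stand-ins; nothing here talks to a real TPM.

```python
import hashlib

# PCR banks start at all zeros after a platform reset (SHA-256 bank shown).
PCR_INITIAL = bytes(32)


def extend(pcr, measurement):
    """One PCR extend step: hash the current register value concatenated
    with the new measurement. The TPM only ever offers this operation;
    a PCR cannot be written directly or rolled back."""
    return hashlib.sha256(pcr + measurement).digest()


def measure(component):
    """Digest of a boot component image (firmware, bootloader, kernel, ...)."""
    return hashlib.sha256(component).digest()


def boot_chain_pcr(components):
    """Replay a measured boot: each stage measures the next one and
    extends the PCR before handing over control."""
    pcr = PCR_INITIAL
    for image in components:
        pcr = extend(pcr, measure(image))
    return pcr


def attest(components, expected_pcr):
    """Verifier-side check: does the replayed chain reproduce the
    golden PCR value recorded for a known-good boot?"""
    return boot_chain_pcr(components) == expected_pcr


# Constructed sample boot components (stand-ins for real images).
GOOD_BOOT = [b"firmware-v1", b"bootloader-v1", b"kernel-v1"]
GOLDEN_PCR = boot_chain_pcr(GOOD_BOOT)

if __name__ == "__main__":
    print("golden PCR   :", GOLDEN_PCR.hex())
    tampered = [b"firmware-v1", b"bootloader-modified", b"kernel-v1"]
    print("tampered boot matches golden?", attest(tampered, GOLDEN_PCR))
    reordered = [b"bootloader-v1", b"firmware-v1", b"kernel-v1"]
    print("reordered boot matches golden?", attest(reordered, GOLDEN_PCR))
```

Because extend is a one-way hash chain, a stage that was measured as modified cannot later restore the golden value by extending further, which is what makes the final PCR a trustworthy summary of the whole boot sequence.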

Importance

TPM is a foundational technology for modern security features like Secure Boot, disk encryption, and hardware-backed identity.

Related Terms