Week Five – Trusted Platform Module

Microsoft has recently announced that a TPM will be mandatory for Windows 11, the next iteration of Windows. So what are TPMs?

A TPM, or Trusted Platform Module, is either a chip integrated into the system motherboard or an add-on module plugged into it. The chip adds hardware-level security to the system: it can hold the keys used to encrypt disk drives, and its built-in lockout stops dictionary attacks against the secrets it protects. Firmware attacks are on the rise, and wider use of TPMs may reduce them.

In particular, Windows 11 is said to require TPM 2.0 and a specific list of supported processors, which could mean that any processor before Intel's 8th generation or AMD's Ryzen 2000 series will not work. While we are still fairly early in the development cycle, it is a promising sign that Microsoft is opting to push for higher security, as many vulnerabilities are exploited through their code.

How does a TPM work? Being part of the hardware, the chip is connected to the motherboard's I/O and uses an onboard random number generator and a secure cryptographic engine to encrypt contents as they flow through the system.

Figure 1
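The Windows 11 requirement above comes down to a practical question for an administrator: does this machine actually have a TPM 2.0, is it ready, and is the OS drive already protected by it? The following PowerShell script is an added example (not from the original post or from Microsoft) that answers those questions using the built-in TrustedPlatformModule and BitLocker cmdlets. It assumes it is run from an elevated prompt on Windows 10 or 11; the function name `Get-TpmReadinessReport` and the property names of the report object are my own choices.

```powershell
# Added example (not from the original post): one-shot TPM 2.0 and BitLocker
# readiness report for a Windows 11 rollout. Run from an elevated PowerShell
# prompt; Get-Tpm and Get-BitLockerVolume require administrator rights.

function Get-TpmReadinessReport {
    [CmdletBinding()]
    param()

    # Win32_Tpm exposes the TCG spec version as a string such as "2.0, 0, 1.38";
    # the first field is the spec generation we care about.
    $tpmWmi = Get-CimInstance -Namespace 'root/cimv2/Security/MicrosoftTpm' `
                              -ClassName 'Win32_Tpm' -ErrorAction SilentlyContinue

    # Get-Tpm reports presence and readiness, plus the dictionary-attack
    # lockout state that protects secrets held by the TPM.
    $tpm = Get-Tpm -ErrorAction SilentlyContinue

    $specVersion = if ($tpmWmi) { ($tpmWmi.SpecVersion -split ',')[0].Trim() } else { $null }

    # BitLocker status of the OS volume and which key protectors guard it.
    $bl = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction SilentlyContinue

    [PSCustomObject]@{
        ComputerName         = $env:COMPUTERNAME
        TpmPresent           = [bool]($tpm -and $tpm.TpmPresent)
        TpmReady             = [bool]($tpm -and $tpm.TpmReady)
        TpmSpecVersion       = $specVersion
        TpmIs20              = ($specVersion -eq '2.0')
        LockedOut            = [bool]($tpm -and $tpm.LockedOut)
        LockoutCount         = if ($tpm) { $tpm.LockoutCount } else { $null }
        OsDriveProtection    = if ($bl) { $bl.ProtectionStatus.ToString() } else { 'Unknown' }
        OsDriveKeyProtectors = if ($bl) { ($bl.KeyProtector | ForEach-Object { $_.KeyProtectorType }) -join ',' } else { $null }
    }
}

# Print the report for this machine.
Get-TpmReadinessReport | Format-List
```

A machine is a candidate for the Windows 11 TPM requirement when `TpmPresent`, `TpmReady` and `TpmIs20` are all true. A non-zero `LockoutCount` or `LockedOut = True` shows the TPM's dictionary-attack protection has been triggered by failed authorization attempts, which is worth following up on before deployment. `OsDriveKeyProtectors` containing `Tpm` means BitLocker is already sealing the volume key to this chip.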

References:

Warren, T. 'Why Windows 11 is forcing everyone to use TPM chips.' The Verge, 25 June 2021.

Trusted Computing Group. 'Trusted Platform Module (TPM) Summary.' Accessed 11 July 2021.
