Trusted Platform Module – My understanding

ByFaris

Recently in my line of work, I was required to use a TPM to generate a pair of keys, which to be honest I don’t really understand how it works. So I went on the net and scoured what relevant things that can make sense. I don’t where I get this link but it explains what the TPM is and does.

I still don’t understand everything but I’ll try to summarise from the video and other posts I have read. TPM stands for Trusted Platform Module, where a protocol/standard(??) specifies a hardware (mostly, though I read there is also software) that validates/verifies processes, by using cryptographic keys. Most likely TPM is invoked during startup because that is the moment where malicious software or firmware might try to load (I think).

Analogically, it is like having a guard (TPM) in a guardhouse that allows people(firmware/software) to enter. The guard has a list which he compares when someone tells him their name. But this guard only confirms whether the person is on the list or not and can’t prevent them from trespassing. He does take not and mentions if any of the software or driver are different than the allowed value. End of analogy.

In the video above, one philosophical question was asked, whether we can trust the TPM manufacturer, because they are in essence creating a component that is needed to validate whether we can trust a PC or not, hence the component itself and its manufacturer needs to be trusted too. The speaker did say if we apply the same question to other components, we also face the same problem as Intel or Nvidia can also inject malicious code into their product.

They wouldn’t, not only because they want people to trust them, but also because it is against their existence to compromise. Their survival dictates any notion of malpractice will have dire consequence. It will be very bad for them, even if there is a rumour of something along the line, happening. That is my opinion. It is a trusted platform module, where the trust equals commercial value.

I am sure there is a better post or even a paper describing this in a more eloquent manner but this is what I observer from my brief understanding of TPM. Let’s see in the future if I can find similar cases where my views can be applied. As for now, I trust (and am trying to understand what I am trusting, ha!) what I am working on right now.

Thank you for reading.

Similar Posts

  • Are We Aliens

    ByFaris

    After dinner tonight, my son asked me the reason why Allah made us like this. “What do you mean like this?” I asked. “You know, like this,” he said and raised his arm.”You mean five fingers?” ”Yes,” he said. “Allah could have made us like a blob and like an alien, and then if we…

  • Slowest in The Room

    ByFaris

    My daughter has a tendency to complain, a lot. Especially if she finds something to be a bit difficult and she didn’t want to do it in the first place, i.e. it was a task set either by her parents or teacher. She’ll huff and puff while complaining that it is so hard! I’ll then…

  • Good Enough

    ByFaris

    I was about to write this post and I felt that I have written this before. Sure enough, there it was, a post I wrote two years ago. Well this shows that human are a creature of habit, and history repeats itself. Life has been a bit hectic recently and it feels a bit overwhelming…

  • AI Promo Code

    ByFaris

    I have been using AI these days to find ways to save money, one of it to search for promo codes. It doesn’t always work but I managed to get a few pounds discount, a few times, so it’s worth having a try. It doesn’t take long. Plus it skips all the popups that voucher…

Leave a Reply

Your email address will not be published. Required fields are marked *