Trusted Platform Module – My understanding

ByFaris

Recently in my line of work, I was required to use a TPM to generate a pair of keys, which to be honest I don’t really understand how it works. So I went on the net and scoured what relevant things that can make sense. I don’t where I get this link but it explains what the TPM is and does.

I still don’t understand everything but I’ll try to summarise from the video and other posts I have read. TPM stands for Trusted Platform Module, where a protocol/standard(??) specifies a hardware (mostly, though I read there is also software) that validates/verifies processes, by using cryptographic keys. Most likely TPM is invoked during startup because that is the moment where malicious software or firmware might try to load (I think).

Analogically, it is like having a guard (TPM) in a guardhouse that allows people(firmware/software) to enter. The guard has a list which he compares when someone tells him their name. But this guard only confirms whether the person is on the list or not and can’t prevent them from trespassing. He does take not and mentions if any of the software or driver are different than the allowed value. End of analogy.

In the video above, one philosophical question was asked, whether we can trust the TPM manufacturer, because they are in essence creating a component that is needed to validate whether we can trust a PC or not, hence the component itself and its manufacturer needs to be trusted too. The speaker did say if we apply the same question to other components, we also face the same problem as Intel or Nvidia can also inject malicious code into their product.

They wouldn’t, not only because they want people to trust them, but also because it is against their existence to compromise. Their survival dictates any notion of malpractice will have dire consequence. It will be very bad for them, even if there is a rumour of something along the line, happening. That is my opinion. It is a trusted platform module, where the trust equals commercial value.

I am sure there is a better post or even a paper describing this in a more eloquent manner but this is what I observer from my brief understanding of TPM. Let’s see in the future if I can find similar cases where my views can be applied. As for now, I trust (and am trying to understand what I am trusting, ha!) what I am working on right now.

Thank you for reading.

Similar Posts

  • Boxes of Gadgets

    ByFaris

    I had to clear my store, or to be exact, the boiler room where I store most of my junks, because the boiler engineer had to come and inspect the state of the boiler. It’s a good thing. But when I had to put the things back in, I had to face the fact that…

  • Kids Communication

    ByFaris

    My kids like to play this game: If you can only choose two types of gummy in your life that you can eat, what would you choose? Who would be eating only on gummies their whole life? And why would you need to choose? What put you in this saccharine situation? I was reading the…

  • |

    Thank You, MRTC

    ByFaris

    MRTC stands for Mass Rapid Transit Corporation, a government linked company in Malaysia which I used to work since 2013 until 2021. Today marks the day that I started working there (and a decade of working there, if I had stayed). I spent 8 years working there, and although I have left the place for…

  • It’s a Mistake

    ByFaris

    Years from now, people will say it is a mistake. A mistake to let it happen, to let the massacre continue. Years from now, when their predecessors have waned in their powers, the then ‘leaders’ will then admit, that it was a blunder. A blunder to let the genocide go on unchecked. Decades have gone…

Leave a Reply

Your email address will not be published. Required fields are marked *