The Trusted Platform Module, more commonly known as '''TPM''', is a type of chip that helps to enhance the security of a system. A TPM is a secure crypto-processor that includes physical security measures so that the chip resists tampering, and the security features provided by the TPM cannot be subverted by tampering with it.
Some of the uses of a TPM are the following:
* Generating and storing cryptographic keys, so that private keys never have to leave the chip.
* Device authentication with the TPM's Endorsement Key, a unique RSA key pair that is burned into the chip at manufacture and whose private part never leaves the TPM.
* Helping to ensure platform integrity by taking and storing security measurements of the boot process.
During the boot process, the boot code can be measured to ensure the integrity of the system. Here "measuring" means that the object currently in control (the current link in the chain of trust) computes a hash of the next object before handing control to it, and records that hash in the TPM by extending a Platform Configuration Register (PCR): the PCR's new value is the hash of its old value concatenated with the new measurement, so a PCR can only be extended, never set to an arbitrary value. The PCR values can be retrieved later (and signed by the TPM in a quote) to know exactly which objects were loaded, and in which order; this technique is known as '''Measured Boot'''. It is important to know that measured boot does not stop a system from booting in the way that Secure Boot does: it only records what was loaded and leaves the decision to whatever later verifies the measurements.
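The following is an added example, not code from the original page, that simulates the measured boot chain and the PCR extend rule described above in Python. It uses SHA-256 as the PCR bank, and the boot "images" are constructed byte strings standing in for the real bootloader, kernel and initrd; the function names (`measure`, `extend`, `measured_boot`, `replay_log`, `attest`, `swap_image`) are this example's own, not a TPM API.

```python
import hashlib

# Width of a SHA-256 PCR. A TPM 2.0 PCR in this bank starts at all zeros
# (the PCRs reserved for late launch start at all ones; ignored here).
PCR_SIZE = 32

# Constructed stand-ins for boot components. On a real machine these would be
# the actual firmware, bootloader, kernel and initrd bytes.
BOOT_CHAIN = [
    ("bootloader", b"constructed bootloader image v1"),
    ("kernel",     b"constructed kernel image v1"),
    ("initrd",     b"constructed initrd image v1"),
]


def measure(image: bytes) -> bytes:
    """The stage currently in control hashes the *next* object before jumping to it."""
    return hashlib.sha256(image).digest()


def extend(pcr: bytes, digest: bytes) -> bytes:
    """PCR extend rule: new_pcr = H(old_pcr || digest). There is no 'set' operation,
    so a value can only be appended to the history, never replaced."""
    return hashlib.sha256(pcr + digest).digest()


def measured_boot(chain):
    """Simulate a measured boot over a list of (name, image) stages.

    Each stage measures the next one, extends the PCR and appends an event to the
    measurement log. Booting never halts: an unknown or modified component is still
    loaded; it just leaves a different PCR value behind (unlike Secure Boot).
    Returns (final_pcr, event_log).
    """
    pcr = bytes(PCR_SIZE)
    event_log = []
    for name, image in chain:
        digest = measure(image)
        event_log.append((name, digest))
        pcr = extend(pcr, digest)
    return pcr, event_log


def replay_log(event_log) -> bytes:
    """Recompute the PCR from the event log, as a remote verifier would."""
    pcr = bytes(PCR_SIZE)
    for _, digest in event_log:
        pcr = extend(pcr, digest)
    return pcr


def attest(pcr: bytes, event_log, known_good_pcrs) -> bool:
    """Verifier-side policy: the log must reproduce the quoted PCR value, and that
    value must be one of the known-good values. True only if both hold."""
    return replay_log(event_log) == pcr and pcr in known_good_pcrs


def swap_image(chain, name, new_image):
    """Return a copy of the chain with one component replaced (constructed tampering)."""
    return [(n, new_image if n == name else img) for n, img in chain]


if __name__ == "__main__":
    good_pcr, log = measured_boot(BOOT_CHAIN)
    print("PCR after clean boot:", good_pcr.hex())

    # A modified kernel still boots, but the PCR no longer matches the known-good value.
    tampered = swap_image(BOOT_CHAIN, "kernel", b"constructed kernel image v1 + rootkit")
    bad_pcr, bad_log = measured_boot(tampered)
    print("attest clean boot:   ", attest(good_pcr, log, {good_pcr}))
    print("attest tampered boot:", attest(bad_pcr, bad_log, {good_pcr}))
```

The simulation shows the two properties that make measurements useful: a changed or reordered component yields a different final PCR, and a verifier can check a quoted PCR against the event log rather than trusting the log alone. On a Linux host with tpm2-tools the real values can be read with `tpm2_pcrread sha256`, and the firmware event log is exposed at `/sys/kernel/security/tpm0/binary_bios_measurements`.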
<noinclude>