This TPM is designed to connect to your PC's motherboard and will allow security features such as Windows BitLocker drive encryption to be used to their full potential.
- Gives full Trusted Platform Module functionality
- Easy to install on TPM-ready motherboards from Gigabyte and ASUS
- Allows Microsoft BitLocker drive encryption to fully operate
- Simple upgrade to increase security of any compatible TPM-ready PC
What is a TPM?
A TPM is a microchip designed to provide basic security-related functions, primarily involving encryption keys. The TPM is usually installed on the motherboard of a computer, and communicates with the rest of the system by using a hardware bus.
Computers that incorporate a TPM have the ability to create cryptographic keys and encrypt them so that they can be decrypted only by the TPM. This process, often called "wrapping" or "binding" a key, can help protect the key from disclosure. Each TPM has a master wrapping key, called the Storage Root Key (SRK), which is stored within the TPM itself. The private portion of a key created in a TPM is never exposed to any other component, software, process, or person.
Computers that incorporate a TPM can also create a key that has not only been wrapped, but is also tied to specific hardware or software conditions. This is called "sealing" a key. When a sealed key is first created, the TPM records a snapshot of configuration values and file hashes. A sealed key is only "unsealed" or released when those current system values match the ones in the snapshot. BitLocker uses sealed keys to detect attacks against the integrity of the Windows operating system.
With a TPM, private portions of key pairs are kept separated from the memory controlled by the operating system. Because the TPM uses its own internal firmware and logic circuits for processing instructions, it does not rely upon the operating system and is not exposed to external software vulnerabilities.