What is trusted platform module used for?

Platform Integrity

The primary scope of a TPM (in combination with other TCG implementations) is to assure the integrity of a platform. In this context "integrity" means "behave as intended" and a "platform" is generically any computer platform - not limited to PCs or just Windows: Start the power-on boot process from a trusted condition and extend this trust until the OS has fully booted and applications running.

Together with the BIOS, the TPM forms a Root of Trust: The TPM contains several PCRs (Platform Configuration Registers) that allow a secure storage and reporting of security relevant metrics. These metrics can be used to detect changes to previous configurations and derive decisions how to proceed. A good example can be found in Microsoft's BitLocker Drive Encryption (see below).

Therefore the BIOS and the Operating System have the primary responsibility to utilize the TPM to assure platform integrity. Only then can applications and users running on that platform rely on its security characteristics such as secure I/O "what you see is what you get", uncompromised keyboard entries, memory and storage operations.

[edit]Disk encryption

Full disk encryption applications, such as TrueCrypt, the dm-crypt feature of modern Linux kernels and the BitLocker Drive Encryption feature of some Windows operating systems, can use this technology to protect the keys used to encrypt the computer's hard disks and provide integrity authentication for a trusted boot pathway (i.e. BIOS, boot sector, etc.). A number of third party full disk encryption products also support the TPM chip.

[edit]Password protection

Access to keys, data or systems is often protected and requires authentication by presenting a password. If the authentication mechanism is implemented in software only, the access typically is prone to 'dictionary attacks'. Since the TPM is implemented in a dedicated hardware module, a dictionary attack prevention mechanism was built in, which effectively prevents from guessing or automated dictionary attacks, while still allowing the user for a sufficient and reasonable number of tries. With this hardware based dictionary attack prevention, the user can opt for shorter or weaker passwords which are more memorable. Without this level of protection, only passwords with high complexity would provide sufficient protection.

[edit]Other uses and concerns

Almost any encryption-enabled application can in theory make use of a TPM, including:

Other uses exist, some of which give rise to privacy concerns. The "physical presence" feature of the TPM addresses some of these concerns by requiring BIOS-level confirmation for operations such as activating, deactivating, clearing or changing ownership of the TPM by someone who is physically present at the console of the machine.[6][7]