Monday 06 July 2026 16:25:02 GMT+02:00

Netcrook

HomeManifesto
News
Techcrook
Geocrook
WikicrookTeamAppContact
EnglishItalianoArabic

WIKICROOK

Trusted Platform Module (TPM)

A hardware root of trust used by BitLocker to validate boot measurements and support automatic unlock when the system is trusted.

A Trusted Platform Module is a dedicated hardware chip, or hardware-backed component, that stores cryptographic keys and records measurements about early boot components. In Windows systems, BitLocker can use the TPM as a root of trust to check whether firmware, bootloaders, and related startup settings match the expected state before unlocking the drive.

This matters because disk encryption alone does not stop attacks that target the preboot phase. If an attacker can tamper with firmware, change boot media, or influence boot policy, they may be able to affect whether the TPM releases keys automatically. Defenders use the TPM alongside Secure Boot, startup PINs, and recovery-key controls to reduce physical-access risk and detect boot-chain tampering. In practice, the TPM is not the encryption engine itself; it is the trust anchor that helps decide when encryption should be opened safely.

← WIKICROOK index