The Trusted Platform Module (TPM), specified by the Trusted Computing Group (TCG), is a mandatory security component in any computer running Windows 11. In its discrete form it keeps sensitive material such as encryption keys on a separate, tamper-resistant chip and releases it to the CPU over a bus as required.
However, there is a problem: the key leaves the chip in the clear. An attacker with physical access to the device can use hardware costing less than $20, running readily available software, to capture those keys as they travel from the TPM to the CPU, and then decrypt and steal the data on the system.
At its Imagine event this week, HP announced a product that it says prevents this kind of attack without requiring changes to device encryption software such as BitLocker. TPM Guard is a combination of hardware and firmware that creates an authenticated and encrypted tunnel between the TPM and the CPU to protect the communication between them, said Ian Pratt, HP's vice president of security and commercial systems. The TPM is cryptographically bound to the host processor, so if the chip is removed from the system it ceases to function.