Difference between revisions of "Fitlet2 TPM"

From fit-PC wiki

Latest revision as of 06:31, 2 July 2019

What is TPM?

  • A Trusted Platform Module (TPM) is a cryptographic coprocessor that provides random number generation, secure generation of cryptographic keys, and controlled access to those keys (a key created inside the TPM can be used without ever leaving it in the clear). It also provides remote attestation (a signed report of the boot measurements held in its Platform Configuration Registers, PCRs) and sealed storage (data the TPM releases only while the PCRs hold the values it was sealed against).
  • The TPM technical specifications are public and are maintained by the Trusted Computing Group (TCG).
  • TPM 2.0 (library specification first published October 2014) is a redesign of the specification rather than an increment: it adds new functionality, such as PCR banks for hash algorithms other than SHA-1, and fixes weaknesses of the earlier TPM 1.2.
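The PCR mechanism that remote attestation and sealed storage are built on, as an added example that is not part of the fit-PC wiki page. The event log, PCR indices and function names are constructed for the illustration; the hashing is a host-side model of the TPM 2.0 SHA-256 bank, not a TPM library API.

```python
"""Added example, not part of the fit-PC wiki page: the PCR extend
operation behind a TPM's remote attestation and sealed storage.

A Platform Configuration Register cannot be written, only *extended*:
PCR_new = SHA256(PCR_old || SHA256(measurement)).  Firmware and the boot
loader extend PCRs with everything they load and record each step in an
event log.  An attestation verifier replays the log and compares the
result with the PCR values the TPM signed in its quote; a sealed secret is
released only while the selected PCRs equal the values it was sealed to.
The event log below is constructed and the functions model the TPM's
SHA-256 bank on the host side; they are not a TPM library API.
"""
import hashlib
import hmac

PCR_INIT = bytes(32)  # PCRs 0-16 of the SHA-256 bank start as all zeros at reset

# Constructed event log: (PCR index, bytes that were measured).  A real TCG
# event log (/sys/kernel/security/tpm0/binary_bios_measurements) carries the
# digest plus an event type and description per entry.
EVENTS = [
    (0, b"EV_POST_CODE: firmware volume"),
    (7, b"EV_EFI_VARIABLE_DRIVER_CONFIG: SecureBoot=1"),
    (4, b"EV_EFI_BOOT_SERVICES_APPLICATION: \\EFI\\BOOT\\BOOTX64.EFI"),
    (4, b"EV_EFI_BOOT_SERVICES_APPLICATION: \\vmlinuz"),
]


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM2_PCR_Extend on the SHA-256 bank: hash the data, then fold it in."""
    digest = hashlib.sha256(measurement).digest()
    return hashlib.sha256(pcr + digest).digest()


def replay_event_log(events) -> dict:
    """Recompute every PCR from the event log, as an attestation verifier does."""
    pcrs = {}
    for index, measured in events:
        pcrs[index] = extend(pcrs.get(index, PCR_INIT), measured)
    return pcrs


def verify_quote(quoted_pcrs: dict, events) -> bool:
    """Do the PCR values the TPM quoted match a replay of the supplied log?
    Checking the quote's signature against the TPM's attestation key is a
    separate step a real verifier performs before this one."""
    replayed = replay_event_log(events)
    return all(hmac.compare_digest(replayed.get(i, PCR_INIT), v)
               for i, v in quoted_pcrs.items())


def pcr_digest(pcrs: dict, selection) -> bytes:
    """Digest over the selected PCRs in ascending index order: the value a
    PCR-bound sealing policy (TPM2_PolicyPCR) compares against."""
    joined = b"".join(pcrs.get(i, PCR_INIT) for i in sorted(selection))
    return hashlib.sha256(joined).digest()


def can_unseal(live_pcrs: dict, selection, sealed_to: bytes) -> bool:
    """Model of unsealing: the TPM releases the secret only on an exact match."""
    return hmac.compare_digest(pcr_digest(live_pcrs, selection), sealed_to)


if __name__ == "__main__":
    good = replay_event_log(EVENTS)
    for index in sorted(good):
        print(f"PCR{index:2d} {good[index].hex()}")
    policy = pcr_digest(good, [4, 7])
    evil = EVENTS[:3] + [(4, b"EV_EFI_BOOT_SERVICES_APPLICATION: \\evil.efi")]
    print("quote verifies against the genuine log:", verify_quote(good, EVENTS))
    print("quote verifies against a tampered log: ", verify_quote(good, evil))
    print("unseal after PCR 4 was altered:        ",
          can_unseal(replay_event_log(evil), [4, 7], policy))
```

Because extend is a one-way fold, an attacker who replaces the boot loader cannot put PCR 4 back to its expected value without the original measurement sequence, which is what makes both the quote check and the seal policy meaningful.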

dTPM (Discrete Trusted Platform Module)

  • A discrete TPM (dTPM) is a dedicated microcontroller, separate from the host SoC and attached to it over its own bus, that stores encryption keys, passwords and digital certificates.
  • fitlet2 can be ordered with an optional discrete TPM.

fTPM (Firmware Trusted Platform Module)

  • fTPM is a firmware-based TPM 2.0 implementation: the TPM command set is executed by firmware in an isolated execution environment on the chipset rather than by a separate chip.
  • Intel® PTT (Platform Trust Technology) is Intel's fTPM, an integrated solution running in the Intel® Management Engine (on Atom-class SoCs such as Apollo Lake, in its low-power counterpart, the Intel® Trusted Execution Engine).
    • The platform supports Microsoft's requirements for a firmware Trusted Platform Module 2.0 (fTPM).
      Specifically, it supports the credential storage and key management used by Windows 8 and Windows® 10.
    • On Linux the same fTPM can be used with LUKS (Linux Unified Key Setup) partition encryption.
      See Linux: Full Disk Encryption
    • Intel® PTT supports BitLocker for hard drive encryption.
  • fitlet2 is based on the Intel Apollo Lake SoC, which provides the firmware TPM as part of Intel® Platform Trust Technology (Intel® PTT); no separate chip is needed for TPM 2.0 functionality. If the operating system reports no TPM (on Linux, no /dev/tpm0), check that PTT is enabled in the BIOS setup.
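A check a practitioner wants before relying on either the optional discrete TPM or the PTT fTPM described in these two sections: which TPM the OS is actually talking to. This is an added example, not code from the fit-PC wiki; the two property dumps are constructed in the format printed by `tpm2_getcap properties-fixed` (tpm2-tools), and the function names and the firmware-version layout are this example's own assumptions.

```python
"""Added example, not from the fit-PC wiki page: tell from Linux whether
the TPM 2.0 device in use is Intel PTT (the Apollo Lake fTPM) or a discrete
part, and read its firmware version.

The two dumps below are constructed for this example in the format printed
by `tpm2_getcap properties-fixed`; on a real fitlet2 run that command and
feed its output to identify_tpm().  TPM2_PT_MANUFACTURER and the
TPM2_PT_VENDOR_STRING_n properties hold four ASCII bytes each; "INTC" is
Intel's TCG vendor ID and "IFX" is Infineon's.  Splitting each firmware
word into a high and a low 16-bit half is this example's convention; the
specification leaves that layout to the vendor.
"""
import re

# Constructed dump in the style of an Intel PTT fTPM (values illustrative).
SAMPLE_PTT = """\
TPM2_PT_FAMILY_INDICATOR:
  raw: 0x322E3000
  value: "2.0"
TPM2_PT_LEVEL:
  raw: 0
TPM2_PT_REVISION:
  raw: 0x8A
  value: 1.38
TPM2_PT_MANUFACTURER:
  raw: 0x494E5443
  value: "INTC"
TPM2_PT_VENDOR_STRING_1:
  raw: 0x496E7465
  value: "Inte"
TPM2_PT_VENDOR_STRING_2:
  raw: 0x6C000000
  value: "l"
TPM2_PT_VENDOR_STRING_3:
  raw: 0x0
  value: ""
TPM2_PT_VENDOR_STRING_4:
  raw: 0x0
  value: ""
TPM2_PT_FIRMWARE_VERSION_1:
  raw: 0x1E0001
TPM2_PT_FIRMWARE_VERSION_2:
  raw: 0x1D6
"""

# Constructed dump in the style of a discrete Infineon part, vendor strings absent.
SAMPLE_DISCRETE = """\
TPM2_PT_FAMILY_INDICATOR:
  raw: 0x322E3000
  value: "2.0"
TPM2_PT_MANUFACTURER:
  raw: 0x49465800
  value: "IFX"
TPM2_PT_FIRMWARE_VERSION_1:
  raw: 0x70055
TPM2_PT_FIRMWARE_VERSION_2:
  raw: 0xE0000
"""


def parse_properties(text: str) -> dict:
    """Parse 'NAME:' headers followed by indented 'raw: <int>' lines into {NAME: int}."""
    props, current = {}, None
    for line in text.splitlines():
        if line and not line[0].isspace() and line.endswith(":"):
            current = line[:-1].strip()
        elif current is not None:
            m = re.match(r"\s+raw:\s*(0x[0-9A-Fa-f]+|\d+)", line)
            if m:
                props[current] = int(m.group(1), 0)
    return props


def ascii_from_raw(raw: int) -> str:
    """Decode a 32-bit property carrying up to four ASCII bytes (NUL/space padded)."""
    return raw.to_bytes(4, "big").rstrip(b"\x00 ").decode("ascii", errors="replace")


def identify_tpm(text: str) -> dict:
    """Summarise manufacturer, vendor string, firmware and whether this is Intel PTT."""
    props = parse_properties(text)
    manufacturer = ascii_from_raw(props.get("TPM2_PT_MANUFACTURER", 0))
    vendor = "".join(ascii_from_raw(props.get(f"TPM2_PT_VENDOR_STRING_{i}", 0))
                     for i in range(1, 5))
    fw1 = props.get("TPM2_PT_FIRMWARE_VERSION_1", 0)
    fw2 = props.get("TPM2_PT_FIRMWARE_VERSION_2", 0)
    return {
        "family": ascii_from_raw(props.get("TPM2_PT_FAMILY_INDICATOR", 0)),
        "manufacturer": manufacturer,
        "vendor": vendor,
        # assumed layout: high and low 16-bit halves of each firmware word
        "firmware": f"{fw1 >> 16}.{fw1 & 0xFFFF}.{fw2 >> 16}.{fw2 & 0xFFFF}",
        "is_intel_ptt": manufacturer == "INTC",
    }


if __name__ == "__main__":
    for label, dump in (("PTT", SAMPLE_PTT), ("discrete", SAMPLE_DISCRETE)):
        print(label, identify_tpm(dump))
```

Before running this on a real machine, confirm the kernel exposes a device at all: /dev/tpm0 (and /dev/tpmrm0 for the in-kernel resource manager) should exist and, on recent kernels, /sys/class/tpm/tpm0/tpm_version_major should read 2. A manufacturer other than INTC on a fitlet2 means the OS is using the optional discrete TPM rather than PTT.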

For more information refer to Intel's TPM support article: https://www.intel.com/content/www/us/en/support/articles/000007452/mini-pcs.html