Since the Windows 11 release, TPM 2.0 has been getting considerable attention as a requirement for the operation system. This article will help explain what it is and its use.
Table of Contents
What is a TPM Chip?
The Trusted Platform Module is an international standard for encryption processors. It is a specific microcontroller that protects hardware by embedding cryptographic keys. The TPM chips can be integrated into the motherboard of the PC or integrated into the CPU.
In the early 2000s, a consortium of IT giants (Microsoft, HP, IBM and Sony) joined forces to sponsor and backed the Trusted Computing Group (TCG). They plan to create standards and specifications for secure computers based on the elements of software and hardware operating environments for their TPM specification. The most recent revision of the TPM Standard Specification version 1.2 was released on March 3, 2011. The current TPM version was updated to 2.0.
Compliant chips should be able to create encryption and decryption keys and execute at high-speed encryption. They will serve as an auxiliary processor that can safeguard both the operating system and BIOS from alterations.
What does the TPM do?
TPM is most commonly used to identify devices, authentication encryption, and verification of the device’s integrity. However, the TPM chip can also be utilized for a wide variety of applications.
The principal goal of TPM’s primary function is to safeguard the security of every computer system regardless of the operating system. Its purpose is to ensure that the boot process begins by utilizing a specific combination of software and hardware and will continue until the system has fully booted and the program is running.
The responsibility to ensure the reliability of the use of TPM is on the operating system and firmware. For instance, TPM is a component of the Unified Extensible Firmware Interface (UEFI) can use TPM to create a base of trust. Other examples of integrity for platforms by using TPM are Microsoft Office 365 licenses, TXT and Outlook.
Encrypt any partition on the disk
We can secure any partition on a hard disk using the technology of TPM. Computer producers employ the restore feature with one click, one of the most prominent examples of this function. It can be done by placing the system image inside a TPM encrypted partition. A few large commercial software firms are also using it to encrypt partitions.
Store and track passwords
Operating systems generally need authentication (involving codes or methods) to secure keys systems. The keys are in a memory cell that is embedded within the chip. This ensures information they store is not lost even in a power outage. Compared to BIOS management passwords, the TPM chip is more secure.
- Related: How to Get Windows 11 Officially
What is the Difference Between TPM 1.2 and TPM 2.0
The TPM 1.2 specification allows only for the usage of RSA and SHA-1 has algorithms. TPM 2.0 provides greater flexibility to the encryption algorithm. In addition, TPM 2.0 has newer algorithms that improve the drive signing process and key generation efficiency.
In simple terms, TPM 2.0 technology is more advanced than TPM 1.2 technology. It is more secure in encryption and has better support for more advanced algorithms.
Microsoft Requirement of TPM 2.0 on Windows 11
Microsoft has taken the security of its systems seriously for a long time. As a result, Microsoft makes sure its operating systems are protected by hardware and using the TPM 2.0 chipset.
Although Windows 10 can run well without a TPM, Windows 11 explicitly requires TPM 2.0 to install the system. PCs are vulnerable to everything from phishing attacks to ransomware-related attacks that can cause serious harm. With TPM 2.0, the security risk to Windows 11 is significantly reduced. Thus, making everything in the new Windows 11 operating system less vulnerable.
The latest version of Windows PCs (since July 28, 2016) has enabled TPM 2.0 by default. Therefore, all purchased desktops, laptops, 2-in-1 devices, or any other device preloaded using Windows since then have been required by Microsoft to install TPM 2.0 and have it enabled.
To know whether a computer can operate Windows 11, use Windows 11 Upgrade Checker or PC Health Check.
- Related: How to Bypass TPM 2.0 for Windows 11
Windows 11 System Requirements
|Processor||1 GHz or faster, and 2 or more 64bit cores|
|Storage||64 GB or larger storage|
|System firmware||UEFI, or Secure Boot capable|
|TPM||Trusted Platform Module (TPM) version 2.0.|
|Graphics card||Compatible with DirectX 12 or later with WDDM 2.0 driver.|
|Display||HD 720p display, 9” diagonally with 8 bit color.|