
Tippecanoe and TPM 2

July 13, 2021
What is the connection between Trusted Platform Module 2.0 and Microsoft Windows 11?

What you’ll learn

  • Who is Tippecanoe?
  • What is a secure element?
  • What is a Trusted Platform Module?
  • What does TPM 2 have to do with Microsoft Windows 11?

If you’re wondering, this article is about Microsoft’s upcoming Windows 11 and its potential requirement for a Trusted Computing Group’s Trusted Platform Module 2.0 (TPM 2.0). Windows 11 is still in a state of flux, which means things may change, but it’s worthwhile talking about TPM 2.0.

The title of this article is a takeoff of “Tippecanoe and Tyler Too,” which was the slogan in the 1840 United States Presidential campaign. Tippecanoe was the nickname for the Whig candidate, William Henry Harrison, the “hero” of Tippecanoe, a battle that occurred in 1811. As noted in more than one article, “Few American political slogans have been such unadulterated demagoguery.”

The use of TPM with Windows 11 may be less controversial, but it’s an issue for many if the requirement holds. Those with newer hardware may not experience any impact, as TPM has been the norm for most laptops and PCs. However, it’s still an option on embedded motherboards.

Windows 10 and earlier versions are used in a significant number of embedded systems, and Windows 11 will be no different. Unlike consumer and enterprise versions, the embedded market tends to have more control over what’s installed, so TPM may or may not be a requirement for embedded systems.

What is TPM 2.0?

As noted, TPM 2.0 is a standard—ISO/IEC 11889—from the Trusted Computing Group. It’s a “secure element,” which is a secure microcontroller with on-board storage and encryption hardware that’s usually protected from physical and electrical tampering. It normally supports a public/private key system, with each chip having its own private key on-board. This uniquely identifies the secure element and provides it with a way of authenticating any transactions.

A secure element can be a standalone device; actually, many are implemented in this fashion. They can have different interfaces, and it’s possible to get a TPM unit as a USB dongle that can plug into many PCs, providing a possible mechanism for supporting Windows 11 should the requirement for TPM 2.0 remain.

Secure elements also can be incorporated into a larger chip, which is becoming more common. Secure elements may be found inside FPGAs, microprocessors, and other devices, too. This creates a more secure system and reduces the attack surface, since communication between the host and the secure element is on-chip rather than being between chips.

TPM isn’t the only secure element on the market. In fact, secure elements have been around a lot longer than TPM. The main thing that TPM brings to the table is a standard set of features and a standard way of accessing them. This includes functions such as authentication, attestation, and secure key storage. On-chip encryption hardware and a hardware-based random-number generator are usually part of the mix as well.

Many IoT devices utilize secure-element chips connected to microcontrollers and other devices. Likewise, less complex secure elements have been incorporated in microcontrollers. Connection to IoT platforms like Amazon’s AWS, Microsoft’s Azure, and others normally requires secure-element functionality. TPM is often one of the options available to developers.

Secure Elements and Secure Boot

A secure element can be a root-of-trust (RoT). A RoT is needed to implement a secure boot. The key used to verify the secure-boot code is typically stored in the secure element. This key isn’t the secure element’s private key, but rather a key that matches the one used to digitally sign the secure-boot code. The verified code is then used to boot the system.

A secure-boot system normally starts with a small boot loader and progresses to more complex boot code and device drivers. These also can be digitally signed and verified during the boot process. Furthermore, this security chain can be extended to verify additions and updates.
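The chain described in the last three paragraphs, as an added example that is not code from the article or from any TPM vendor: a toy root-of-trust in Go that holds a stored verification key (not its own private key), checks each boot stage's signature before running it, folds each verified image into a PCR-style measurement register, and finally signs that register with the device's own identity key so a remote verifier can check what was booted. The stage images, the key pairs, and the nonce are all constructed for the example; Ed25519 stands in for whatever signature scheme a real platform uses.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// SecureElement models only the parts of a root-of-trust this example needs:
// a burned-in key for verifying boot code (it matches the vendor's signing
// key and is NOT the element's own private key), a device-unique identity
// key that never leaves the element, and one measurement register in the
// style of a TPM PCR. This is a constructed model, not a real TPM interface.
type SecureElement struct {
	bootVerifyKey ed25519.PublicKey
	identityPriv  ed25519.PrivateKey
	pcr           [32]byte // running digest of every stage that was verified
}

// Stage is one link in the boot chain: a code image and its signature.
type Stage struct {
	Name      string
	Image     []byte
	Signature []byte
}

// VerifyAndExtend checks one stage against the stored verification key and,
// only if it verifies, extends the register: pcr = SHA256(pcr || SHA256(image)).
func (se *SecureElement) VerifyAndExtend(s Stage) error {
	if !ed25519.Verify(se.bootVerifyKey, s.Image, s.Signature) {
		return fmt.Errorf("stage %q: signature does not verify; halting boot", s.Name)
	}
	imageHash := sha256.Sum256(s.Image)
	se.pcr = sha256.Sum256(append(se.pcr[:], imageHash[:]...))
	return nil
}

// Boot walks the chain in order; the first failure stops the boot, so no
// stage ever runs on top of an unverified predecessor.
func (se *SecureElement) Boot(chain []Stage) error {
	for _, s := range chain {
		if err := se.VerifyAndExtend(s); err != nil {
			return err
		}
	}
	return nil
}

// Quote signs the current register value plus a verifier-supplied nonce with
// the device identity key (the attestation step).
func (se *SecureElement) Quote(nonce []byte) (pcr [32]byte, sig []byte) {
	msg := append(append([]byte{}, se.pcr[:]...), nonce...)
	return se.pcr, ed25519.Sign(se.identityPriv, msg)
}

// CheckQuote is the remote verifier: it recomputes the expected register from
// the known-good images and checks the signature with the device's public key.
func CheckQuote(identityPub ed25519.PublicKey, goldenImages [][]byte, nonce []byte, pcr [32]byte, sig []byte) bool {
	var expected [32]byte
	for _, img := range goldenImages {
		h := sha256.Sum256(img)
		expected = sha256.Sum256(append(expected[:], h[:]...))
	}
	if expected != pcr {
		return false
	}
	msg := append(append([]byte{}, pcr[:]...), nonce...)
	return ed25519.Verify(identityPub, msg, sig)
}

// RunScenario signs a three-stage chain of constructed images, boots it,
// attests the result, then boots a copy whose kernel image was altered after
// signing and reports the error that stops that boot.
func RunScenario() (cleanBootErr, alteredBootErr error, quoteValid bool) {
	signerPub, signerPriv, _ := ed25519.GenerateKey(rand.Reader) // vendor signing key (constructed)
	devPub, devPriv, _ := ed25519.GenerateKey(rand.Reader)       // device identity key (constructed)

	images := [][]byte{[]byte("boot loader v1"), []byte("kernel v5"), []byte("driver bundle")}
	names := []string{"loader", "kernel", "drivers"}
	chain := make([]Stage, len(images))
	for i, img := range images {
		chain[i] = Stage{Name: names[i], Image: img, Signature: ed25519.Sign(signerPriv, img)}
	}

	se := &SecureElement{bootVerifyKey: signerPub, identityPriv: devPriv}
	cleanBootErr = se.Boot(chain)
	nonce := []byte("verifier-nonce-1") // constructed
	pcr, sig := se.Quote(nonce)
	quoteValid = CheckQuote(devPub, images, nonce, pcr, sig)

	altered := make([]Stage, len(chain))
	copy(altered, chain)
	altered[1].Image = []byte("kernel v5 (modified after signing)") // old signature no longer matches
	se2 := &SecureElement{bootVerifyKey: signerPub, identityPriv: devPriv}
	alteredBootErr = se2.Boot(altered)
	return
}

func main() {
	clean, altered, ok := RunScenario()
	fmt.Println("clean boot error:", clean)
	fmt.Println("altered boot error:", altered)
	fmt.Println("attestation quote valid:", ok)
}
```

Two points the code makes that the prose only implies: the verification key and the identity key are different keys with different jobs, and the measurement register gives a verifier something to check even when every signature passed, because it records which images actually ran.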

Note that secure boot and TPM aren’t paired requirements, although TPM can be used as the secure element for a secure-boot process. I have a motherboard that provides Windows 10 secure boot, but it doesn’t have TPM, or at least the board doesn’t expose it.

Secure Elements and Digital Rights Management

Secure boot is just one use of a secure element. Digital rights management (DRM) is another, and along with system authentication, it’s probably why secure elements are incorporated into a system.

DRM is typically used to restrict the use, modification, and distribution of copyrighted works such as multimedia content (e.g., movies). It also can be applied to music, eBooks, computer programs, and just about any digital content.

A secure element is able to store keys for individual items. However, the storage capabilities of most secure elements tend to limit the number of keys that can be used. So, instead, it’s more common to have those keys stored outside the secure element, but digitally signed with the key being managed by the secure element. This way a secure-boot system could have the secure element verify the state of the digitally signed block before the keys are used.
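The external key block just described, as an added Go example that is not the article's or any vendor's code: a secure element with too few slots to hold every content key keeps a storage key pair on-chip, signs the larger key block that lives outside the chip, and refuses to hand out any key from that block unless the signature still verifies. The block format, the slot count, and the sample keys are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

const keyLen = 16 // length of each content key (constructed sample size)

// KeyStoreElement is a constructed model of a secure element whose only job
// here is to own the storage key that signs the external key block.
type KeyStoreElement struct {
	storagePub  ed25519.PublicKey
	storagePriv ed25519.PrivateKey // never leaves the element
}

func NewKeyStoreElement() *KeyStoreElement {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &KeyStoreElement{storagePub: pub, storagePriv: priv}
}

// SignBlock packs content keys into a block for external storage and signs it:
// [u16 key count][count * keyLen bytes of keys][64-byte Ed25519 signature].
func (e *KeyStoreElement) SignBlock(keys [][]byte) ([]byte, error) {
	blk := make([]byte, 2, 2+len(keys)*keyLen+ed25519.SignatureSize)
	binary.BigEndian.PutUint16(blk, uint16(len(keys)))
	for _, k := range keys {
		if len(k) != keyLen {
			return nil, errors.New("content key has wrong length")
		}
		blk = append(blk, k...)
	}
	sig := ed25519.Sign(e.storagePriv, blk)
	return append(blk, sig...), nil
}

// LoadBlock verifies the signature over the whole block before parsing it, so
// a block altered in external storage yields no keys at all.
func (e *KeyStoreElement) LoadBlock(block []byte) ([][]byte, error) {
	if len(block) < 2+ed25519.SignatureSize {
		return nil, errors.New("key block too short")
	}
	body := block[:len(block)-ed25519.SignatureSize]
	sig := block[len(block)-ed25519.SignatureSize:]
	if !ed25519.Verify(e.storagePub, body, sig) {
		return nil, errors.New("key block signature invalid; refusing to use its keys")
	}
	n := int(binary.BigEndian.Uint16(body))
	if len(body) != 2+n*keyLen {
		return nil, errors.New("key block length does not match key count")
	}
	keys := make([][]byte, n)
	for i := range keys {
		keys[i] = body[2+i*keyLen : 2+(i+1)*keyLen]
	}
	return keys, nil
}

// RunScenario signs five constructed keys, loads them back, then flips one
// byte inside a stored key and shows the load is rejected.
func RunScenario() (loadedCount int, alteredErr error) {
	e := NewKeyStoreElement()
	keys := make([][]byte, 5)
	for i := range keys {
		keys[i] = make([]byte, keyLen)
		rand.Read(keys[i]) // constructed per-title content keys
	}
	block, err := e.SignBlock(keys)
	if err != nil {
		panic(err)
	}
	loaded, err := e.LoadBlock(block)
	if err != nil {
		panic(err)
	}
	loadedCount = len(loaded)

	altered := append([]byte{}, block...)
	altered[2+keyLen] ^= 0x01 // first byte of the second key changed in storage
	_, alteredErr = e.LoadBlock(altered)
	return
}

func main() {
	n, err := RunScenario()
	fmt.Println("keys loaded from signed block:", n)
	fmt.Println("load of altered block:", err)
}
```

The order inside LoadBlock is the point: the signature is checked over the raw bytes before any field is trusted, and the length check afterwards guards against a block whose declared count disagrees with its size.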

DRM has been employed to lock down everything from Philips lightbulbs to John Deere tractors. It’s part of the discussion about the right to repair and right to replace devices and software.

Once upon a time, only security experts knew about secure elements. Now the technology is required by everyday devices. Secure elements are part of every smartphone, but most users are unaware of that fact. TPM and Windows 11 are bringing some of this to light for more people.
