With approaches dating back to the 20th century, the idea of a TPM (Trusted Platform Module) is simple: an isolated, constrained environment to which a larger computing environment offloads the establishment of trust. That involves cryptography, firmware and hardware, and the requirements differ per application. This talk elaborates on how the seemingly simple concept has been expanded over the years, enumerating implementations in hardware, firmware, other layers of software, and even web browsers. By looking at contemporary use cases, it explains why the concept is in fact far more complex than anticipated, and it ends with a discussion of the controversy around Microsoft mandating the presence of a TPM in order to run Windows 11.
Speakers: Daniel Maslowski