Device owners using the latest Trusted Platform Modules (TPMs) are now better equipped to protect their sensitive data from quantum attacks, thanks to a new specification from the Trusted Computing Group (TCG).
The new Trusted Platform Module 2.0 v185 specification includes support for two post-quantum cryptography (PQC) algorithms – ML-KEM (including Endorsement Keys) and ML-DSA (including Attestation Keys) – to deliver enhanced security and integrity to computing systems.
“This specification update marks a major milestone for TCG in our PQC roadmap,” said TCG President Joe Pennisi. “While full industry migration to post quantum will take some time, it’s fantastic to see TCG hardware standards lead the way in ensuring underlying infrastructure is capable of using quantum-resistant algorithms.”
PQC refers to cryptographic algorithms specifically designed to be secure against attacks from adversaries with cryptographically relevant quantum computers (CRQC), which threaten to break existing widely used cryptographic algorithms such as Rivest-Shamir-Adleman (RSA) and Elliptic Curve Cryptography (ECC).
By using ML-KEM for the TPM’s Endorsement Key, users can also rely on long-term confidentiality even if an adversary records encrypted traffic today for future decryption.
ML-DSA replaces traditional digest-based signing workflows with a scheme that signs the entire message. The new TPM commands SignVerifySequenceStart, SignSequenceComplete, and VerifySequenceComplete provide comprehensive support for signing and verifying signatures over messages of arbitrary size.
“I would like to commend our members for their hard work in updating our specifications for PQC,” said Co-Chair of the TCG’s TPM Work Group, Chris Fenner. “Releasing our first TPM specification with PQC capabilities is not only a critical milestone for TCG, but for every vendor out there who uses our standards and wants to ensure their customers’ data remains secure.”
Both cryptographic algorithms supported by the new specification are standardized by the National Institute of Standards and Technology (NIST). These algorithms are among the first to be standardized globally for defending against quantum-era threats.
Trusted Platform Module 2.0 v185 also introduces support for Curve25519 and Curve448, enabling improved compatibility with systems and protocols designed for use with those curves, such as ISO 15118.
For more information about the specification, please visit the TCG website.
-ENDS-
About TCG
TCG is a not-for-profit organization formed to develop, define and promote open, vendor-neutral, global industry specifications and standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms.
TCG enables secure computing through open standards and specifications. Benefits of TCG include protection of business-critical data and systems, secure authentication and strong protection of user identities, and the establishment of strong machine identity and network integrity. More than a billion devices include TCG technologies.
X: @TrustedComputin
LinkedIn: https://www.linkedin.com/company/trusted-computing-group/