Security mechanisms are commonly used by computer systems to secure data stored on the computer system and/or secure the operation of the system itself. For example, data may be encrypted to prevent or limit unauthorized access to the data. Additionally, computer systems may authenticate a boot image before it is executed by the central processing unit (CPU), thereby improving the security of the system itself as well as the data stored on the system.
Conventional computer systems utilize a trusted platform module (TPM) to perform authentication operations. For example, the CPU may execute microcode which accesses a boot image and sends the boot image to the TPM for authentication. The TPM is often implemented in software or in a hardware device separate from the CPU. Once authenticated, the conventional computer system will run the authenticated boot code for booting the system.
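As an added illustration that is not part of the patent text, the following Python models the authenticate-before-boot flow described above: the CPU path hands the boot code to a verifier that is separate from it (the TPM's role), and executes only when authentication succeeds. How the verifier authenticates is an assumption here: it is modelled as a TPM-style measured-boot check (a register extended as H(old || digest) for each stage, compared against a provisioned expected value); the stage contents, class and function names are constructed.

```python
import hashlib
import hmac
from typing import Iterable, List

# Constructed stand-ins for the boot stages the CPU loads, in order.
TRUSTED_STAGES: List[bytes] = [
    b"stage0: constructed reset-vector code",
    b"stage1: constructed bootloader",
    b"stage2: constructed kernel image",
]


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def extend(register: bytes, measurement: bytes) -> bytes:
    """PCR-style extend: new = H(old || measurement). The operation is
    one-way and order-sensitive, so a stage cannot be altered, swapped or
    reordered without changing the final register value."""
    return sha256(register + measurement)


def measure_chain(stages: Iterable[bytes]) -> bytes:
    """Start from an all-zero register (a TPM PCR after reset) and extend it
    with the digest of each stage before that stage would be executed."""
    register = bytes(32)
    for stage in stages:
        register = extend(register, sha256(stage))
    return register


class BootAuthenticator:
    """Model of the verifier separate from the CPU: it holds the expected
    final measurement of the approved boot chain (provisioned once)."""

    def __init__(self, trusted_stages: List[bytes]) -> None:
        self.expected = measure_chain(trusted_stages)

    def authenticate(self, stages: List[bytes]) -> bool:
        # Constant-time compare so timing does not reveal matching prefixes.
        return hmac.compare_digest(measure_chain(stages), self.expected)


def cpu_boot(stages: List[bytes], auth: BootAuthenticator) -> str:
    """CPU side of the text: submit the boot code for authentication and
    execute it only if the authenticator approves."""
    if not auth.authenticate(stages):
        return "halted: boot image failed authentication"
    return "booted: executing authenticated boot image"
```

Running `cpu_boot` with the trusted chain, a chain whose bootloader stage has been modified, and the trusted stages in reversed order shows that only the first boots; the other two halt because the extended register no longer matches the provisioned value.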
Although TPMs are commonly used on desktop (i.e., non-portable) computer systems, they are susceptible to various avenues of attack. For example, unauthorized users may compromise system and/or data security by executing code-based attacks, hardware-based attacks, or the like against the TPM or other system components. As such, TPMs provide insufficient security measures for certain systems and/or data.