Trusted Platform Modules (TPMs) are hardware microcontrollers that store cryptographic keys, passwords, and digital certificates. TPMs also provide capabilities that allow authentication of devices, such as desktop computers, laptops, or cellular telephones. Once initialized, TPMs may be used to generate digital signing and encryption keys, allowing confirmation that messages are from the device that the message claims to be from. TPMs support commands including, for example, Init to initialize a TPM, TakeOwnership to set the owner value, and CreateEndorsementKeyPair to internally generate a key pair.
TPMs are often used in enterprise environments to allow systems to verify the source of information. TPMs must be securely and confidentially initialized before the keys and services provided by the device can be trusted.