Why is hardware-based disk encryption that uses Trusted Platform Module (TPM) technology stronger than encryption that uses Windows' Encrypting File System (EFS)?

More and more laptops now have a built-in TPM chip as a security feature, and this is a good step forward in protecting the confidential data of mobile users. EFS is a pretty good balance between security, stability, and usability because it's implemented in the OS and has so little effect on the user and doesn't introduce stability problems. Third-party encryption products I've looked at either made life difficult for users by saddling them with key management and encryption/decryption tasks or caused stability problems.

However, EFS is vulnerable to sophisticated attackers who gain physical access to the computer, provided they're skilled enough to tamper with the OS. EFS encryption keys are stored by the OS in the registry, where despite some imaginative and innovative protection methods, they're vulnerable—especially when they're owned by local accounts on computers that don't belong to a domain.

TPM, on the other hand, stores encryption keys in a tamper-resistant chip similar to an internal smart card. The key never leaves the chip; all encryption and decryption operations are carried out on the chip itself. This significantly raises the bar on the sophistication and equipment required to steal the key. Of course, authentication to the TPM is just as important as protecting the key itself, and most laptops today let you use a fingerprint, smart card, or token to authenticate. TPM and Windows XP can coexist effectively, but Windows Vista will have features specifically built to add value to TPM—such as full-volume encryption integrated with TPM—so stay tuned.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.