Chapter 14 Β· Concepts

Encryption Technologies β€” Core Concepts

Comparison tables and visual guides for TPM, HSM, KMS, and Secure Enclave.

The Four Hardware Encryption Technologies

TechnologyWhat It IsWhere It LivesPrimary UseScale
TPMChip on the motherboardBuilt into deviceDevice encryption (BitLocker), measured boot, device attestationSingle device
HSMDedicated hardware appliance or PCIe cardData center / server rackCA keys, payment processing, enterprise key vaultEnterprise / many applications
KMSSoftware service (often HSM-backed)Server / cloud serviceKey lifecycle management, rotation, audit, access controlEnterprise / cloud
Secure EnclaveIsolated coprocessor in main chipMobile device / modern PCBiometric data protection, device encryption keysSingle device

TPM Capabilities

Key Generation & Storage

The TPM generates its own cryptographic keys using its internal random number generator. Keys can be stored inside the TPM's non-volatile memory β€” they never need to be exported to the main system.

Keys bound to the TPM are hardware-bound: they can only be used on that specific device.

Measured Boot

At each boot stage, the TPM measures (hashes) the firmware, bootloader, and OS. These measurements are stored in Platform Configuration Registers (PCRs).

Keys can be "sealed" to specific PCR values β€” they will only be released if the system boots in exactly the expected state. Malware in the boot path = measurements don't match = key not released.

BitLocker Integration

Windows BitLocker uses the TPM to seal the drive encryption key. At boot, the TPM verifies the boot measurements match expected values, then releases the key to decrypt the drive.

Removing the drive and connecting to another machine fails β€” that machine has a different TPM with no record of the sealed key.

Remote Attestation

The TPM can produce a cryptographically signed report of the device's current PCR measurements. A remote server can verify this report to confirm the device is in a known-good state before granting access to a network or resource.

TPM vs. HSM: Key Differences

FeatureTPMHSM
Form factorChip soldered to motherboardNetwork appliance or PCIe card
AccessLocal to one deviceNetwork-accessible by many applications
ThroughputLow β€” personal useHigh β€” hundreds of ops/second
Tamper responseLimitedActive key destruction on tamper detection
CertificationTCG standardFIPS 140-2 Level 3 or 4 (typically)
Cost~$1-5 (built into device)$5,000 – $50,000+
Use caseDevice encryption, attestationCA, payment keys, enterprise vault

Key Management System β€” Lifecycle Flow

1
Generation
KMS generates cryptographic keys using a secure source of randomness (often backed by HSM hardware entropy). Keys are created with defined purposes and expiration policies.
↓
2
Storage
Keys are stored encrypted within the KMS (backed by an HSM or protected master key). Applications never receive raw key material β€” they call the KMS API to perform operations.
↓
3
Distribution
Applications authenticate to the KMS and receive authorization to use specific keys. The KMS performs the cryptographic operation on the application's behalf, or issues a time-limited data encryption key.
↓
4
Rotation
KMS automatically rotates keys on a configured schedule. New data is encrypted with the new key; data encrypted with old keys can still be decrypted during the transition period. Old keys are retired.
↓
5
Revocation & Destruction
If a key is suspected compromised, it is immediately revoked. The KMS logs all access and provides an audit trail. At end of life, keys are cryptographically destroyed (overwritten with zeros and confirmed).

Secure Enclave: Isolation Architecture

Isolation from the main OS

The Secure Enclave has its own boot ROM, encrypted memory, and dedicated storage. The main processor cannot read the enclave's memory through normal instructions β€” hardware memory protection barriers enforce isolation.

Biometric protection

On Apple devices, Touch ID fingerprint templates and Face ID mathematical models are stored exclusively in the Secure Enclave. The biometric sensor sends raw data to the enclave for comparison β€” the main CPU never sees the templates or the raw biometric data.

Device encryption key

The device's file system encryption key is stored in the Secure Enclave, protected by a unique device identifier (UID) fused into the enclave hardware during manufacturing. Apple cannot access this key β€” it is not stored anywhere else.

Even a compromised OS cannot access enclave data

If malware fully controls the main operating system, it still cannot extract keys or biometric data from the Secure Enclave. The hardware isolation is enforced at the silicon level, not by software.