TCPA feature 2: Protected Storage

• Storage Root key is created at platform activation

• Never lives the TPM

• TPM protected objects provide confidentiality and integrity

• TPM creates and protects cryptographic keys

• Protected objects can be bind to PCR values and to the specific TPM (sealing)

• Disclosure of secrets from the TPM occurs only when trusted software runs

Notes: