Microsoft Pluton vs TPM: The differences and similarities
10 min. read
Updated on
Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more
Key notes
- Microsoft Pluton is a relatively newer technology than the TPM.
- If we compare the Microsoft Pluton vs. TPM, we can find some differences and similarities in terms of features, performance, and effectiveness.
- This article explains some other essential information about these two security chips for Windows devices that you may want to know.
Are you curious about Microsoft Pluton? Do you want to know about the difference between this new security processor and the existing popular one? This article is all about Microsoft Pluton vs. TPM.
Microsoft already announced its security processor called Microsoft Pluton. It is currently known as the future of the next generation of Windows PCs, laptops, and tabs. Also, many people have started considering it as a powerful alternative for TPM.
As MS Pluton seems to be an alternative, what will be the future of TPM? Also, there is a lot of confusion among the people about these two chips, particularly the Pluton.
In this article, we will try to bring the end to all of these confusions so you can understand these two security modules properly, find their differences, and know some essential key information.
What does a security processor do?
A security processor is a dedicated chip embedded into modern devices or microprocessors that handles multiple security measures that improve security and create resistance against various security threats, including cyber-attacks.
Without a security chip, we cannot imagine any modern smart devices. It has been an industry standard now. There are various security processors we see in different types of devices. Some of the known chips are HSM, TPM, Secure Enclave, Microsoft Pluton, etc.
TPM has been an industry-standard security chip for PCs for years. However, Recently, Microsoft Pluton has entered the competition. So, we will talk about these two security modules in this article and find the differences and similarities.
Microsoft Pluton vs. TPM: The similarities and differences between two security processors
What is Microsoft Pluton?
Microsoft Pluton is a security processor for modern smart devices which was first introduced for Xbox game consoles back in 2013. Later, it was introduced on Azure Sphere to bring better security. In this year, the Pluton has landed on the PC and laptops too.
AMD Ryzen 6000 series laptop CPUs have come with MS Pluton embedded into it. Qualcomm and Intel are also bringing support for Pluton with their processors.
People think that, in the future, Pluton may replace the TPM chips for Windows devices as it provides the same level of security plus some other extra benefits.
The main goal of Microsoft Pluton is to bring better security in the PC industry as well as provide better protection for Windows 11 or future Windows operating systems. Microsoft has claimed that Pluton has solved the weaknesses of TPM.
Key features
1. Physical attack resistance
Pluton provides much better security than the traditional security chips. It is because the MS Pluton comes as a built-in part with the CPU itself rather than being available as a separate module.
As a result, there is no external communication between the CPU and the security processor. So, the data passing between chips are not exposed to physical attacks.
2. Security updates from the cloud
Microsoft has announced that their new security chip will get the update directly from the cloud via Windows update. As a result, the security module’s framework will always remain up to date, which will make it very secure.
3. Trusted and proven
Pluton is already a proven chip with better technology. Microsoft has been using this security module in Xbox and Azure Sphere for years. They also collaborated with other companies like AMD, Intel, Qualcomm and now collaborating with other ecosystem partners. It has made the Pluton more trusted and reliable.
Compatibility
One of the fantastic things about this new security chip is it is totally compatible with the existing security systems that have been used for Windows computers. Pluton works with existing TPM APIs. So, you can continue using BitLocker and System Guard without any problem.
Limitations
No security chip is hacker-proof. Pluton is not different. But, It is indeed a better option than the existing ones which have been used on PCs, laptops for years. If you talk about the realistic limitation, we only see one thing. That is, Pluton is relatively new for the computer industry. There are no other significant things that we can see as limitations or downsides.
What is TPM?
The full form of TPM is the Trusted Platform Module. It is a tiny chip that enhances your computer’s security. It provides cryptographic keys to the computer operating system for doing various tasks that require authentication.
TPM can be separate from CPU and memory or sometimes may be embedded into the CPU. The PC industry has been using this small security chip for years.
When the first time it was introduced, it brought a lot of security advantages which were game-changers.
Sometimes, TPM can be totally virtual. It means there may not be any physical chip. It will work as software. But, security experts don’t recommend this type of TPM.
Modern Windows operating systems require TPMs for security purposes. When Windows 11 was introduced, it was mandatory to have TPM version 2.0 on a computer in order to be able to run Windows 11. In that time, people started to know about TPM more.
But, TPM was introduced as the industry standard in 2009. Since then, we have got several TPM versions.
Key features
1. Trusted
TPM has been in the industry for quite a long time. As a result, it has gained trust in the industry. Else, this security module has been protecting users for many years without any major drawbacks.
2. Resistance against cyber threats
TPM has been improved a lot after a lot of developments over the past few years. It can now protect users from more types of threats. The latest version of TPM can use different algorithms to protect against specific threats in case the existing algorithm doesn’t work.
In this way, it has gained strong resistance against various cyber attacks.
3. Variousness
There are different types of TPMs available. Each of them has little difference in terms of performance and features. TPM can be available as a separate external module on your motherboard, or it can be integrated into the CPU.
Else, there are Firmware or software-based TPMs too. These are similar in terms of functionalities. However, the physical ones are always a bit better for security and smoothness.
Compatibility
As TPM has been available in the PC industry for a very long time, there are no major compatibility issues. Many matured authentication systems and security solutions are already utilizing TPM.
Windows Hello, BitLocker, Measured boot, Credential guard, etc., utilize the TPM to ensure better security. Microsoft Pluton is also compatible with the existing solutions that are using TPM.
Limitations
Basically, TPM is a very secure technology. However, it has some downsides too. Software-based or virtual TPMs may have bugs. Also, it provides security against theft of the system only. TPM can be more vulnerable to external attacks while rebooting the system.
It has more minor flaws. As a result, new security chips are under development to replace TPM.
How is Pluton different than TPM?
Though TPM can be integrated into the CPU, usually, it comes as a separate hardware chip that communicates with the CPU via the appropriate communication channel. That leaves the data vulnerable, especially when cybercriminals get physical access to a computer.
On the other hand, Microsoft Pluton is built-in with the processor itself. It reduces the chance of physical attacks.
Microsoft Pluton is the next step of TPM. It means the Pluton is far more advanced than the TPM. According to Microsoft, Pluton has solved many security issues of TPM.
Another difference is the updating process. TPM firmware gets an update from different channels. It may not get a proper update in some cases due to various factors. But, Microsoft Pluton has one official channel for the update. So, the update process is much more stable and better.
Microsoft Pluton also uses the SHACK (Secure Hardware Cryptography Key) technology that hides the data from the rest of the system, even from the Pluton firmware. It makes the encryption keys not exportable from this new security chip. For TPM, it is not the case.
Pluton also can emulate TPM and act as an ideal alternative to this security chip. It allows MS Pluton to work smoothly with existing software that utilizes the TPM features. However, on the other hand, TPM cannot emulate the Pluton.
There are many other minor differences exists between these two security processors. But, significant ones have been mentioned to give you an idea.
Microsoft Pluton vs. TPM: Main similarities
When we have already discussed the differences, we cannot ignore the similarities. The first similarity is that both are security chips, which are made to provide better security for Windows users.
Both Pluton and TPM store cryptographic keys and other data that are used to verify various things of OS in the hardware. Both technologies are compatible with existing features like Bitlocker, Windows Hello, etc.
People may have a misconception that only Pluton has the feature to protect digital media rights using DRM technology. In fact, TPM also can do the same. Also, both of them can protect software licenses.
Though not in all cases, sometimes, like Microsoft Pluton, you may see the TPM is directly embedded into the SoC.
Will Pluton end piracy on Windows?
Microsoft has ended piracy on Xbox using the Pluton chip and integrating the software with it. Now, people may want to know if the same thing will happen on Windows 11 or not.
Though Pluton has not come into the mainstream market yet, right now, Microsoft addressed that the objective to bring their own security chip is to improve the security of the Windows operating system. As things may change, we may see DRM technology may be strictly used on Windows using the advantage of Microsoft Pluton.
However, Microsoft also addressed that OEMs have the option to turn Pluton off and use the TPM or just use the Pluton as the replacement. So, If Microsoft plans to end piracy on Windows, it may not happen anytime soon.
What is the future of TPM?
Microsoft partnered with AMD, Intel, and Qualcomm to bring Pluton in the future PCs. AMD is using Pluton for their Ryzen 6000 series processors. But, the OEMs will be the ones who will decide what will be the default security chip in their laptops or PCs.
However, We are seeing that some pluton-enabled laptop models are coming. It doesn’t say anything about the TPM’s future.
Before releasing Windows 11, Microsoft made the TPM 2.0 as one of the key requirements to run their new desktop operating system. So, Many users with old systems were not able to install Windows 11.
Microsoft is continuously bringing new features and changes to its latest operating system. In the recent Windows 11 Build 22572, Microsoft has brought some changes that indicate that Windows 11 is not finished yet. We will see more features and changes that will make it complete.
We can predict that if Microsoft releases Windows 12 in the near future, they may make the Pluton as the requirement to run this next-generation Windows OS. However, for this, there should be a significant amount of Pluton-enabled PCs and laptops in the market.
If the above thing happens, the future of TPM may be ended there for Windows devices. However, to gain that much market share, Microsoft will need to do many things that may require a few years.
So, if you don’t have a Pluton-enabled computer right now, you should not worry.
This article has explained the differences and similarities between Microsoft Pluton and TPM, along with some essential information. If you have any thoughts or opinions about the topic, just let us know in the comment box.
User forum
0 messages