TPM Speed of Computer

[Shortyman]

Has anyone ever done speed tests on TPM embedded in chip or TPM Module? Which offers a speed improvement or benefits of either? Linus?

[ShadowDog]

5 minutes ago, spunk.funk said:

TPM, or Trusted Platform Module, is a security technology used to secure cryptographic keys and provide secure boot capabilities. It is not directly related to internet speed or bandwidth, so it's not possible to perform a speed test for TPM. There are no processing speed improvements either. 

Not only this, but i believe its even required for certain operating systems including Windows 11, altough one could technically make a custom windows ISO with the requirement disabled i believe.

[Shortyman]

Sorry maybe i did not make myself entirely clear but you're somewhat right. I have a AMD CPU with the TPM enabled in the BIOS. I also have the TPM 2.0 module for the motherboard. I was curious if the TPM module in the CPU takes away CPU cycles or the previous stuttering issue from AMD compared to the TPM module i can plug in the module slot on my motherboard.

 

Also Curious if the TPM module in any of these forms cause any of the windows features listed below to cause one to work better than the other. There is different use cases for in CPU and motherboard TPM as one can be more easily hacked. But that aside it seems an interesting question.

 

Feature	Benefits when used on a system with a TPM
Platform Crypto Provider	If the machine is compromised, the private key associated with the certificate can't be copied off the device. The TPM's dictionary attack mechanism protects PIN values to use a certificate.
Virtual Smart Card	Achieve security similar to that of physical smart cards without deploying physical smart cards or card readers.
Windows Hello for Business	Credentials provisioned on a device can't be copied elsewhere. Confirm a device's TPM before credentials are provisioned.
BitLocker Drive Encryption	Multiple options are available for enterprises to protect data at rest while balancing security requirements with different device hardware.
Device Encryption	With a Microsoft account and the right hardware, consumers' devices seamlessly benefit from data-at-rest protection.
Measured Boot	A hardware root of trust contains boot measurements that help detect malware during remote attestation.
Health Attestation	MDM solutions can easily perform remote attestation and evaluate client health before granting access to resources or cloud services such as Office 365.
Credential Guard	Defense in depth increases so that even if malware has administrative rights on one machine, it is significantly more difficult to compromise additional machines in an organization.

[Shortyman]

 I have a AMD CPU with the TPM enabled in the BIOS. I also have the TPM 2.0 module for the motherboard. I was curious if the TPM module in the CPU takes away CPU cycles or the previous stuttering issue from AMD compared to the TPM module i can plug in the module slot on my motherboard.

 

Also Curious if the TPM module in any of these forms cause any of the windows features listed below to cause one to work better than the other. There is different use cases for in CPU and motherboard TPM as one can be more easily hacked. But that aside it seems an interesting question.

 

Feature	Benefits when used on a system with a TPM
Platform Crypto Provider	If the machine is compromised, the private key associated with the certificate can't be copied off the device. The TPM's dictionary attack mechanism protects PIN values to use a certificate.
Virtual Smart Card	Achieve security similar to that of physical smart cards without deploying physical smart cards or card readers.
Windows Hello for Business	Credentials provisioned on a device can't be copied elsewhere. Confirm a device's TPM before credentials are provisioned.
BitLocker Drive Encryption	Multiple options are available for enterprises to protect data at rest while balancing security requirements with different device hardware.
Device Encryption	With a Microsoft account and the right hardware, consumers' devices seamlessly benefit from data-at-rest protection.
Measured Boot	A hardware root of trust contains boot measurements that help detect malware during remote attestation.
Health Attestation	MDM solutions can easily perform remote attestation and evaluate client health before granting access to resources or cloud services such as Office 365.
Credential Guard	Defense in depth increases so that even if malware has administrative rights on one machine, it is significantly more difficult to compromise additional machines in an organization.