Differences Between TPM 1.2 and TPM 2.0

With the release of wolfTPM, it may be useful to understand the differences and benefits of TPM 1.2 and TPM 2.0. The table below outlines some of the differences/similarities between TPM 1.2 and TPM 2.0 in a side-by-side comparison.

TPM 1.2

  • One-size-fits-all specification consists of three parts
  • Required algorithms: RSA-1024, RSA-2048; SHA-1 (hashing and HMAC)
  • Optional algorithms: AES-128, AES-256
  • Required crypto primitives: RNG, key generation, a public-key crypto algorithm, a crypto hash function, a mask generation function, digital signature generation and verification, direct anonymous attestation
  • Optional crypto primitives: Symmetric-key algorithms, XOR
  • One hierarchy level (storage)
  • One root key (SRK RSA-2048)
  • HMAC, PCR, locality, and physical presence for authorization
  • NV RAM: unstructured data

TPM 2.0

  • Specification varies based on platform being used
  • Required algorithms: RSA-2048, ECC-P256, ECC-BN256; AES-128; SHA-1, SHA-2 (hashing and HMAC)
  • Optional algorithms: RSA-1024; AES-256
  • Required crypto primitives: RNG, key generation and key derivation functions, public-key crypto algorithms, crypto hash functions, symmetric-key algorithms, digital signature generation and verification, mask generation functions, XOR, ECC-based direct anonymous attestation (using the Barreto-Naehrig 256-bit curve)
  • Optional crypto primitives: none
  • Three hierarchy levels (platform, storage, and endorsement)
  • Multiple root keys and algorithms per hierarchy
  • Password, HMAC, and policy for authorization
  • NV RAM: unstructured data, counter, bitmap, extend

If you have questions about any of the above, please contact us at facts@wolfSSL.com or +1 425 245 8247.

References: https://en.wikipedia.org/wiki/Trusted_Platform_Module