Microsoft is targeting to implement Trusted Platform Module (TPM) 2.0 on all new Windows 10 Mobile devices to making them super-secure. Very interestingly the target date for this implementation is you-guessed-it-right “July 28” one day before Microsoft is planning to release Windows 10 Mobile Anniversary update to market.
Devices that run Windows 10 Mobile must include a Trusted Platform Module (TPM) that implements version 2.0 of the TPM specification. The TPM can be a firmware-based solution integrated into the SoC or included as a discrete component in the device. The TPM 2.0 must meet the following requirements:
- An EK certificate must be either pre-provisioned to the TPM by the hardware vendor or be capable of being retrieved by the device during the first boot experience.
- It must ship with SHA-256 PCR banks and implement PCRs 0 through 23 for SHA-256. Note it is acceptable to ship TPMs with a single switchable PCR bank that can be used for both SHA-1 and SHA-256 measurements.
- It must support TPM2_HMAC command.
Though this implementation date for TPM 2.0 is applicable for Windows 10 Mobile IOT, Windows 10 PC and Windows 10 Server versions too.