Microsoft Pluton - the security chip designed for the future of Windows PCs

Published by at

While our desktop and mobile OS are ever-more-secure intrinsically, there are still opportunities for hackers who have physical access to the hardware. Specifically, being able to intercept data between a computer's CPU and its TPM (Trusted Platform Module), i.e. where all the deepest keys and passwords are kept. Pluton solves this by integrating the TPM into the CPU/chipset itself. See below for the Microsoft announcement text, but essentially PCs from 2022 onwards shouldn't even be vulnerable to physical, in-person 'attacks' with sophisticated equipment. For example, if your laptop or hybrid got stolen and then taken somewhere to be broken into.

PlutonFrom the Microsoft post:

Today, Microsoft alongside our biggest silicon partners are announcing a new vision for Windows security to help ensure our customers are protected today and in the future. In collaboration with leading silicon partners AMD, Intel, and Qualcomm Technologies, Inc., we are announcing the Microsoft Pluton security processor. This chip-to-cloud security technology, pioneered in Xbox and Azure Sphere, will bring even more security advancements to future Windows PCs and signals the beginning of a journey with ecosystem and OEM partners.

Our vision for the future of Windows PCs is security at the very core, built into the CPU, where hardware and software are tightly integrated in a unified approach designed to eliminate entire vectors of attack. This revolutionary security processor design will make it significantly more difficult for attackers to hide beneath the operating system, and improve our ability to guard against physical attacks, prevent the theft of credential and encryption keys, and provide the ability to recover from software bugs.

Today, the heart of operating system security on most PCs lives in a chip separate from the CPU, called the Trusted Platform Module (TPM). The TPM is a hardware component which is used to help securely store keys and measurements that verify the integrity of the system. TPMs have been supported in Windows for more than 10 years and power many critical technologies such as Windows Hello and BitLocker. Given the effectiveness of the TPM at performing critical security tasks, attackers have begun to innovate ways to attack it, particularly in situations where an attacker can steal or temporarily gain physical access to a PC. These sophisticated attack techniques target the communication channel between the CPU and TPM, which is typically a bus interface. This bus interface provides the ability to share information between the main CPU and security processor, but it also provides an opportunity for attackers to steal or modify information in-transit using a physical attack.

The Pluton design removes the potential for that communication channel to be attacked by building security directly into the CPU. Windows PCs using the Pluton architecture will first emulate a TPM that works with the existing TPM specifications and APIs, which will allow customers to immediately benefit from enhanced security for Windows features that rely on TPMs like BitLocker and System Guard. Windows devices with Pluton will use the Pluton security processor to protect credentials, user identities, encryption keys, and personal data. None of this information can be removed from Pluton even if an attacker has installed malware or has complete physical possession of the PC.

This is accomplished by storing sensitive data like encryption keys securely within the Pluton processor, which is isolated from the rest of the system, helping to ensure that emerging attack techniques, like speculative execution, cannot access key material. Pluton also provides the unique Secure Hardware Cryptography Key (SHACK) technology that helps ensure keys are never exposed outside of the protected hardware, even to the Pluton firmware itself, providing an unprecedented level of security for Windows customers.

Another benefit of Pluton is that it 'provides a flexible, updateable platform for running firmware that implements end-to-end security functionality authored, maintained, and updated by Microsoft'. In other words, Pluton will also be integrated with the Windows Update process in the same way that the Azure Sphere Security Service connects to IoT devices. So, more secure updates that can't be tampered with.

Just a heads-up. The Windows devices you'll be using in 2030 will be, essentially, unhackable. (At the TPM/firmware level, at least. There's still plenty of room for users being tricked into installing malicious spyware and ransomware!)

Source / Credit: Microsoft