How to securely store arbitrary data in TPM?

Summary

A TPM on a Windows system cannot directly store arbitrary data. The only safe and architecturally correct pattern is to seal (encrypt) your data with a TPM‑protected key and store the encrypted blob outside the TPM. Properties attached to NCrypt keys do not live inside the TPM; they live in the Windows Key Storage Provider (KSP) on disk.

Root Cause

The TPM is designed with extremely limited non‑volatile storage and is optimized for key protection, not general data storage.
Key points:

  • TPM NV memory is small and reserved for internal structures.
  • Windows CNG/PCP stores metadata and properties on disk, not inside the TPM.
  • TPM operations revolve around sealing/unsealing, wrapping, and non‑exportable key usage, not arbitrary data persistence.

Why This Happens in Real Systems

Real TPM implementations avoid arbitrary storage because:

  • Security model: TPM protects keys, not bulk data.
  • Hardware constraints: NV storage is tiny and expensive.
  • Performance: TPMs are slow for large data operations.
  • OS integration: Windows KSP abstracts key metadata and stores it on disk for flexibility.

Real-World Impact

Misunderstanding TPM storage leads to:

  • False assumptions about where sensitive data resides
  • Incorrect threat models (e.g., assuming the TPM itself stores your blob)
  • Designs that break across hardware vendors
  • Insecure fallback paths if developers rely on KSP properties for confidentiality

Example Code

Below is a minimal C++ example of sealing data using a TPM‑protected key through the Windows CNG APIs:

#include <windows.h>
#include <ncrypt.h>
#pragma comment(lib, "ncrypt.lib")

// Seal a small secret with a TPM-backed RSA key (CNG, Platform Crypto Provider).
NCRYPT_PROV_HANDLE prov = 0;
NCRYPT_KEY_HANDLE key = 0;

NCryptOpenStorageProvider(&prov, MS_PLATFORM_CRYPTO_PROVIDER, 0);
NCryptCreatePersistedKey(prov, &key, NCRYPT_RSA_ALGORITHM, L"MyTPMKey", 0, NCRYPT_OVERWRITE_KEY_FLAG);
NCryptFinalizeKey(key, 0);   // key material is generated inside the TPM; the private half never leaves it

const BYTE data[] = "secret"; // plaintext must fit a single RSA block (key size minus padding overhead)
BYTE encrypted[4096];
DWORD encryptedSize = 0;

// RSA keys require an explicit padding mode; with PKCS#1 v1.5 pPaddingInfo is nullptr.
SECURITY_STATUS st = NCryptEncrypt(key, (PBYTE)data, sizeof(data), nullptr,
                                   encrypted, sizeof(encrypted), &encryptedSize, NCRYPT_PAD_PKCS1_FLAG);
// On success (st == ERROR_SUCCESS) encrypted[0..encryptedSize) is the blob to persist on disk.

NCryptFreeObject(key);
NCryptFreeObject(prov);

This produces a TPM‑sealed blob that you store on disk. Only the same TPM can decrypt it: reopen the key by name with NCryptOpenKey and call NCryptDecrypt with the same padding flag. Every NCrypt call returns a SECURITY_STATUS; production code must check each one rather than ignoring it as the snippet above does for brevity.

How Senior Engineers Fix It

Experienced engineers follow these principles:

  • Never store arbitrary data in TPM NV memory
  • Always seal data using a TPM‑protected key
  • Store encrypted blobs externally (disk, registry, DB)
  • Use PCP (Platform Crypto Provider) for TPM‑backed keys
  • Rely on TPM for confidentiality + integrity, not persistence

They design systems where:

  • TPM = root of trust
  • Disk = storage
  • OS = policy + access control
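The principles above (seal with a TPM‑protected key, store the blob externally, rely on the TPM for confidentiality and integrity) run into one practical limit: an RSA key can only encrypt a single block, so "arbitrary data" has to be handled with envelope encryption. The following PowerShell script is an added example, not code from the original post. It encrypts the bulk data with fresh AES‑256‑CBC and HMAC‑SHA256 keys, and wraps only those 64 bytes of key material with the TPM‑resident RSA key via RSA‑OAEP. It assumes Windows with a TPM 2.0 and the Microsoft Platform Crypto Provider, that the provider accepts OAEP with SHA‑256 (switch the padding if your TPM only offers OAEP‑SHA1), and uses the placeholder key name "MyTPMKey" and a placeholder output path.

```powershell
# Added example (not from the original post): envelope-seal an arbitrary-size blob with a TPM-backed RSA key.
# Assumes Windows, TPM 2.0, Microsoft Platform Crypto Provider, OAEP-SHA256 support. "MyTPMKey" and paths are placeholders.
using namespace System.Security.Cryptography

$Provider = [CngProvider]::new("Microsoft Platform Crypto Provider")

function Get-TpmRsaKey([string]$KeyName) {
    # Open the persisted key if it exists; otherwise generate it inside the TPM.
    if ([CngKey]::Exists($KeyName, $Provider)) {
        return [CngKey]::Open($KeyName, $Provider)
    }
    $p = [CngKeyCreationParameters]::new()
    $p.Provider     = $Provider
    $p.ExportPolicy = [CngExportPolicies]::None      # private key can never leave the TPM
    $p.Parameters.Add([CngProperty]::new("Length", [BitConverter]::GetBytes(2048), [CngPropertyOptions]::None))
    return [CngKey]::Create([CngAlgorithm]::Rsa, $KeyName, $p)
}

function Protect-WithTpm([byte[]]$Plaintext, [string]$KeyName) {
    $rsa = [RSACng]::new((Get-TpmRsaKey $KeyName))
    # 64 random bytes: 32 for AES-256, 32 for HMAC-SHA256. One RSA-2048/OAEP-SHA256 block holds at most 190 bytes.
    $secret = [byte[]]::new(64)
    [RandomNumberGenerator]::Create().GetBytes($secret)
    $aes = [Aes]::Create(); $aes.Key = [byte[]]($secret[0..31]); $aes.GenerateIV()
    $ct  = $aes.CreateEncryptor().TransformFinalBlock($Plaintext, 0, $Plaintext.Length)
    # Encrypt-then-MAC over IV||ciphertext so tampering with the stored blob is detected before decryption.
    $mac = [HMACSHA256]::new([byte[]]($secret[32..63])).ComputeHash([byte[]]($aes.IV + $ct))
    return [ordered]@{
        key        = $KeyName
        wrappedKey = [Convert]::ToBase64String($rsa.Encrypt($secret, [RSAEncryptionPadding]::OaepSHA256))
        iv         = [Convert]::ToBase64String($aes.IV)
        ciphertext = [Convert]::ToBase64String($ct)
        mac        = [Convert]::ToBase64String($mac)
    }
}

function Unprotect-WithTpm($Envelope) {
    # Only a machine holding this TPM key can unwrap the AES/HMAC secret; the blob itself reveals nothing.
    $rsa    = [RSACng]::new([CngKey]::Open($Envelope.key, $Provider))
    $secret = $rsa.Decrypt([Convert]::FromBase64String($Envelope.wrappedKey), [RSAEncryptionPadding]::OaepSHA256)
    $iv = [Convert]::FromBase64String($Envelope.iv)
    $ct = [Convert]::FromBase64String($Envelope.ciphertext)
    $expected = [HMACSHA256]::new([byte[]]($secret[32..63])).ComputeHash([byte[]]($iv + $ct))
    $actual   = [Convert]::FromBase64String($Envelope.mac)
    # Constant-time comparison: reject a modified blob without leaking where the mismatch is.
    $diff = $expected.Length -bxor $actual.Length
    for ($i = 0; $i -lt [Math]::Min($expected.Length, $actual.Length); $i++) {
        $diff = $diff -bor ($expected[$i] -bxor $actual[$i])
    }
    if ($diff -ne 0) { throw "Sealed blob failed integrity check" }
    $aes = [Aes]::Create(); $aes.Key = [byte[]]($secret[0..31]); $aes.IV = $iv
    return $aes.CreateDecryptor().TransformFinalBlock($ct, 0, $ct.Length)
}

# Usage: a constructed sample blob, sealed to a JSON file outside the TPM, then unsealed again.
$data = [Text.Encoding]::UTF8.GetBytes("arbitrary application data of any length")  # constructed sample
$path = Join-Path $env:TEMP "sealed.json"                                           # placeholder location
Protect-WithTpm $data "MyTPMKey" | ConvertTo-Json | Set-Content $path
$back = Unprotect-WithTpm (Get-Content $path -Raw | ConvertFrom-Json)
[Text.Encoding]::UTF8.GetString($back)
```

The JSON file written here is exactly the "encrypted blob stored externally" the post describes: it can be copied, backed up or inspected freely, and an attacker who steals it gets nothing without the TPM that holds the wrapping key. The HMAC provides the integrity half of the guarantee; the KSP metadata on disk still provides none, so nothing sensitive should be placed in NCrypt key properties.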

Why Juniors Miss It

Common misunderstandings include:

  • Assuming TPM is a “secure flash drive”
  • Believing NCrypt properties live inside the TPM
  • Not realizing TPM NV memory is tiny and restricted
  • Confusing key storage with data storage
  • Overestimating TPM performance and capabilities

The key takeaway:
You never store arbitrary data in a TPM. You seal it with a TPM‑protected key and store the encrypted blob elsewhere.
