What is the Microsoft Pluton security processor?
A quick look at Microsoft's new approach to CPUs that promises to revolutionise Windows security
Microsoft Pluton is a new type of secure processor that promises to revolutionise PC security by housing sensitive data inside the chip.
This approach deviates markedly from existing processor architecture, in which the CPU normally has to communicate with a separate trusted platform module (TPM) that stores sensitive data such as encryption keys and critical system information. As cyber security threats have become more sophisticated, hackers have started to target the TPM, which has led to an explosion in the number of potential attack vectors.
Pluton is designed to address this vulnerability by effectively removing this channel of communication and instead hosting this sensitive information inside the chip. Microsoft claims this makes it impossible to lift things like encryption keys from the hardware, regardless of the type of attack used.
How does Microsoft Pluton work?
On most PCs today, operating system security is largely handled by the trusted platform module (TPM). This separate hardware component stores encryption keys and has been a mainstay in computing for more than a decade. Today it’s used to support Windows security programmes like Hello and BitLocker.
The CPU needs to communicate with the TPM, usually across a bus interface, in order for this information to be shared. However, this communication channel also exposes the information to the outside world, and hackers frequently target and exploit it in order to lift sensitive data as it moves.
Pluton attempts to solve this by removing this communication channel altogether. Instead, the CPU emulates a TPM onboard the chip, complete with the same specs and APIs, while still supporting the same security features that Windows users have come to know. Data such as encryption keys, user biometric data, and account credentials can all be stored directly on the Pluton processor, where it is effectively isolated.
Secure Hardware Cryptography Key (SHACK) technology is also used to encrypt the data it holds, adding an additional layer of security.
Hackers would be unable to extract this data as a result, even if they have malware installed or physical access to the machine, according to Microsoft.
When will Pluton processors be released?
The Pluton architecture is expected to feature in a future range of chips designed by AMD, Intel, and Qualcomm. No release date has been given.