We understand that there is a lot of controversy regarding the support of Windows 11, its CPUs and requirements for the now famous TPM 2.0, but what not everyone knows is that outside of this very specific requirement many PCs can be compatible with Windows 11 without need for this, since both AMD and Intel have proprietary technologies that do the job, albeit in a different way.
TPM 2.0, why so much controversy with AMD fTPM vs Intel PTT?
As we say, it has been Microsoft that has implemented this standard as well as has established a series of processors as compatible and has thereby left out many others. To understand all this framework, let’s go with the most basic and from there we will fray the necklace.
TPM is short for Trusted Platform Module and it is nothing more than a standard developed by the Trusted Computing Group (ISO / IEC 11889 standard) in favor of greater security of PC platforms. This module itself can arrive in two different ways: already installed on the motherboard through a soldered chip or through a connector (there are several types) that allows the physical installation of an external module.
Said module has a physical cryptoprocessor that is responsible for providing a greater degree of security to the PC, since it is capable of storing encryption keys that encrypt our information. Most consumer motherboards do not have this module or chip soldered to the PCB, so the most common thing is that we have the connector so that after buying the module we can click it.
So why is there so much controversy with this TPM 2.0 and fTPM or PTT? Well, because the first is an essential requirement right now to install Windows 11, but at the same time Microsoft allows this to be ignored if we have one of the two versions of AMD or Intel.
AMD fTPM, a twist to TPM
AMD thought at the time that TPM as such was physically hackable on consumer PCs and after a long period of work it launched fTPM. This version is based on the principles of TPM, but although it acquires the module nickname, we will not find anything physical on the manufacturers’ boards.
fTPM is nothing more than a software solution that runs in a reliable environment within the system’s CPU and therefore requires a set of chips to function, something that is logical since currently every motherboard needs its CPU and chipset to operate correctly.
This has a good part and a bad part. The good logically is that if we want to hack the encrypted keys we need the whole PC to do it, understand PC by CPU, motherboard and SSD at least, where the other components could be exchanged, at least initially and in the absence of AMD surprises in this aspect, since the privacy of the information is high.
The bad part is that it is vulnerable to possible software bugs and also to hacking from the outside if it were to be the case (highly unlikely). As it is not a physical and removable chip such as TPM, the information remains on the PC controlled by specific AMD chips. So what about Intel PTT?
Intel PTT, based on TPM 2.0 and standalone
Intel Platform Trust TechnologyThis is how the blue giant defined its technology and point of view of something as delicate as security. This PTT offers the capabilities of the TPM 2.0 on which it is based and is therefore capable of maintaining the platform functionality for credential storage and key management for Windows 8, 10 and future Windows 11.
It also supports hard drive encryption and of course it is compatible with the secure platform designated by Microsoft for its fTPM 2.0 version. Therefore, it is like the AMD version, a software TPM concept for the masses, so that system security is improved and data extraction is made more difficult in the event of an attack or hack.
AMD fTPM vs Intel PTT, which is better for Windows 11?
On the basis that they are sister technologies and meet the same principle, since they are both TPM firmware (hence its name, although AMD has inherited it as is). Therefore, the similarities are very broad, assuming that in both cases security is provided by the system chips and not by an external physical module.
The way of proceeding of both makes the differences, where Intel PTT is now part of MEI, with all that this implies both in terms of software and hardware and above all control. From here the information is confusing, since Intel is very hermetic in everything related to security between PTT and MEI, beyond knowing that they are linked and that both the CPU and the BIOS of the system manage everything.
Instead, AMD with its fTPM leaves everything in the hands of a processor dedicated exclusively to security, which is known as PSP or Platform Security Processor. This processor, and to quote AMD (there is not much information about it available and reliable either): it is responsible for creating, monitoring and maintaining the security environment and manages from the boot process to the independent security modules of the system.
Therefore and in short, beyond the management mode and the resources they use, we cannot affirm or deny which is more optimal or better, since there is not even information. Which is better for Windows 11? It is a question that many ask, and in reality the workload is so negligible that it does not represent any kind of problem for current processors, so it does not influence in any way the performance of the system and the PC.
Here everything is really based on which of the two is more secure, since like any technology they are exposed to attacks due to the juicy loot, exactly like TPM 2.0, where unlike this both Intel and AMD can update their firmwares and correct security problems or holes. So ending, in the war AMD fTPM vs Intel PTT vs TPM 2.0 there is no winner as such, there is simply a greater or lesser degree of security depending on the attacks received and successful.