Microsoft announced that it is developing a new security chip, Microsoft Pluton. Microsoft partners AMD, Intel, and Qualcomm are participating in the development of Pluto.
The newly announced Pluto is designed with a security processor integrated into the CPU and the Xbox One, a game console created by cooperation between Microsoft and AMD. It is said that the ability to prevent key discovery and repair software bugs will become feasible.
The security core functions of most modern PC operating systems are procured by TPM (Trusted Platform Module), a semiconductor chip mounted on a main board. However, since the TPM is independent from the CPU, there has been an attack method that steals data by physically blocking communication between the TPM and the CPU through the bus interface. As a countermeasure against this attack technique, Pluto adopted a design that integrates directly into the CPU.
Windows PCs adopting the Pluto architecture can emulate TPM based on existing specifications and APIs to enhance Windows functions such as BitLocker and System Guard. In addition, Windows PCs equipped with Pluto cannot be removed by malicious code because the authentication information, user identity encryption key and personal data are stored in an independent Pluto security processor in the system. Pluto’s security processor implements a proprietary protection system called SHACK (Secure Hardware Cryptography Key) to prevent leakage of important information other than protected hardware.
The Pluto system firmware will be updated through Windows Update, and Microsoft can directly sign, repair, and update it. It is explained that it will be easier to achieve security challenges, such as keeping the system firmware up to date, provided by Windows Update.
It is not clear when a CPU equipped with Pluto will appear, but processor makers AMD, Intel, and Qualcomm have promised to integrate Pluto into future CPUs. Related information can be found here .