vTPM

vTPM, or virtual Trusted Platform Module, is a virtualization-enabled implementation of a TPM that provides the functionality of a hardware TPM to virtual machines. A vTPM allows a VM to perform cryptographic operations, store keys securely, and use TPM-based attestation and sealing without requiring a dedicated physical TPM per VM. In typical deployments, the hypervisor or host provides the vTPM, and each VM receives its own vTPM instance, which may be backed by a hardware TPM, a software emulator, or a combination of both.

In operation, a vTPM presents the TPM interface to the guest OS (for TPM 1.2 or 2.0

Security and use cases: vTPMs enable secure boot or measured boot for virtual machines, protect disk encryption

Standards and implementations: vTPMs are aligned with the Trusted Computing Group TPM 1.2/2.0 standards. Implementations appear