Solving the TPM key provisioning problem with Fortanix Data Security Manager

  1. The TPM inside the device to provision.
  2. A provisioning script running on the device itself.
  3. A Fortanix Data Security Manager (DSM) account, running the Fortanix TPM Key Provisioning Plugin. This plugin will take on the role of identity CA.

List of References

  1. Trusted Computing Group, “TCG EK Credential Profile For TPM Family 2.0, Level 0, Specification Version 2.0, Revision 20,” 3 May 2017. [Online]. Section B.3. Available: [Accessed 11 May 2021].
  2. Trusted Computing Group, “Trusted Platform Module Library Specification, Family “2.0”, Level 00, Revision 01.38,”, September 2016. [Online]. Section 25.1.4. Available: [Accessed 11 May 2021].



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store



Fortanix™ has created the world’s first runtime encryption solution. Enterprises get provable, portable, and preventive security for their applications!