TPM based security. Any good?

[proud2deviate]

So I just discovered my laptop has a TPM chip installed. I downloaded the software and set it up, and I now have a supposedly encrypted partition on my hard drive. I'm wondering; how strong is the encryption/security of such a setup? This is mostly out of idle curiosity. Is it just good enough to keep honest people honest, as they say, or is there any genuine security behind it? Of course, I'm sure that any security measures can be defeated, the only variable being the degree of difficulty involved.

So, in short, is TPM worth a damn?

 

[storl]

Well, any encryption can eventually be cracked, but unless you have government secrets on there, I doubt anyone would go through the effort.

 

[Sevorius]

I am not a fan of the TPM chip, it is intended more to protect the industry than the consumer. read this Article and you'll see why. for encryption I use Truecrypt, its free and offers very high levels of protection including triple cascading algorithms. It lets you choose from AES, Twofish, Serpent, or any cascading combination thereof. It also allows you to create a hidden encrypted partition within an encrypted partition which is very nearly impossible to detect because "The principle is that a TrueCrypt volume is created within another TrueCrypt volume (within the free space on the volume). Even when the outer volume is mounted, it is impossible to prove whether there is a hidden volume within it or not, because free space on any TrueCrypt volume is always filled with random data when the volume is created and no part of the (dismounted) hidden volume can be distinguished from random data" You can learn a lot about encryption in general at http://www.truecrypt.org/. What do I have on my PC that needs this kind of protection? well to be honest... nothing I just think its really cool. Any encryption could theoretically be broken by means of brute force (trying every combination), but the amount of time and power required is unfathomable. One article on wikipedia claims that "The amount of time required to break a 128-bit key is also daunting. Each of the 340,282,366,920,938,463,463,374,607,431,768,211,456 possibilities must be checked. A device that could check a billion billion keys per second would still require about [10 to the 13th power] years to exhaust the key space. This is a thousand times longer than the age of the universe, which is about 13,000,000,000 years." AES has not yet been cracked, and the 128 bit and 256 bit keys are extremly safe for the moment until someone comes up with a method exponentially faster than brute force, and although many people have tried none have been successful. One pair of mathematicians claimed it was possible in theory, but it is currently impossible to even test much less succeed. you can read about that here.