What are the differences between TPM and HSM?
TPM (Trusted Platform Module) and HSM (Hardware Security Module) are both considered cryptoprocessors, but what exactly are the differences?
Does one of them have more advantages than the other?
They are similar, and TPMs can actually be used as rudimentary HSMs and keep private keys secure, though conventional HSMs are focused on performance and key storage space, whereas TPMs are only designed to keep a few values (PCRs) and a single key in memory and don't put much effort into performance (cf. the 1 request/second on the SSL example).
Trusted Platform Modules
A Trusted Platform Module (TPM) is a hardware chip on the computer’s motherboard that stores cryptographic keys used for encryption. Many laptop computers include a TPM, but if the system doesn’t include it, it is not feasible to add one. Once enabled, the Trusted Platform Module provides full disk encryption capabilities. It becomes the "root of trust" for the system to provide integrity and authentication to the boot process. It keeps hard drives locked/sealed until the system completes a system verification, or authentication check.
The TPM includes a unique RSA key burned into it, which is used for asymmetric encryption. Additionally, it can generate, store, and protect other keys used in the encryption and decryption process.
Hardware Security Modules
A hardware security module (HSM) is a security device you can add to a system to manage, generate, and securely store cryptographic keys.
High-performance HSMs are external devices connected to a network using TCP/IP. Smaller HSMs come as expansion cards you install within a server, or as devices you plug into computer ports.
One of the noteworthy differences between the two is that HSMs are removable or external devices. In comparison, a TPM is a chip embedded into the motherboard. You can easily add an HSM to a system or a network, but if a system didn’t ship with a TPM, it’s not feasible to add one later. Both provide secure encryption capabilities by storing and using RSA keys.
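As an added illustration that is not part of either answer above, the following is a pure-software model of the two TPM mechanisms both answers refer to: PCR extension (the "few values" the first answer mentions) and sealing a disk key to an expected PCR value (the "locked/sealed until verification" behaviour in the second). The measurements, the disk key and the stand-in for the chip-resident storage root key are all constructed; a real TPM performs these steps inside the chip and never exposes the SRK.

```python
"""Software model of TPM PCR extension and PCR-bound sealing (constructed example).
A real TPM does this inside the chip: the storage root key (SRK) never leaves it."""
import hashlib
import hmac

PCR_INIT = bytes(32)   # SHA-256 PCR bank is all zeros at power-on
SRK = hashlib.sha256(b"constructed-storage-root-key").digest()  # stand-in for chip-resident key


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM2_PCR_Extend: PCR_new = SHA256(PCR_old || SHA256(measurement))."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def measure_boot(components) -> bytes:
    """Extend one PCR with each boot component in order; the order matters."""
    pcr = PCR_INIT
    for component in components:
        pcr = pcr_extend(pcr, component)
    return pcr


def _keystream(policy: bytes, length: int) -> bytes:
    """Key stream derived from the SRK and the PCR policy (hash counter mode, demo only)."""
    blocks = [hashlib.sha256(SRK + policy + i.to_bytes(4, "big")).digest()
              for i in range(length // 32 + 1)]
    return b"".join(blocks)[:length]


def seal(secret: bytes, expected_pcr: bytes) -> dict:
    """Encrypt the secret under a key bound to the expected PCR value (the policy)."""
    ct = bytes(a ^ b for a, b in zip(secret, _keystream(expected_pcr, len(secret))))
    tag = hmac.new(SRK, expected_pcr + ct, hashlib.sha256).digest()
    return {"policy": expected_pcr, "ct": ct, "tag": tag}


def unseal(blob: dict, current_pcr: bytes):
    """Release the secret only if the live PCR equals the sealed policy; else None."""
    if not hmac.compare_digest(blob["policy"], current_pcr):
        return None  # boot chain differs from what the secret was sealed to
    expected_tag = hmac.new(SRK, blob["policy"] + blob["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(blob["tag"], expected_tag):
        return None  # sealed blob was tampered with
    return bytes(a ^ b for a, b in zip(blob["ct"], _keystream(blob["policy"], len(blob["ct"]))))


# Constructed boot measurements and disk key for the demonstration
GOOD_BOOT = [b"firmware-v1", b"bootloader-v1", b"kernel-v1"]
TAMPERED_BOOT = [b"firmware-v1", b"bootloader-modified", b"kernel-v1"]
DISK_KEY = hashlib.sha256(b"constructed-disk-encryption-key").digest()
```

Sealing `DISK_KEY` to `measure_boot(GOOD_BOOT)` and then unsealing with `measure_boot(TAMPERED_BOOT)` returns `None`, because a single changed component (or a changed order) produces a different PCR value; that is the mechanism behind the drive staying locked until the boot chain verifies.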
You beat me to the post. Some things I would add are that HSMs perform sign / decrypt operations _on the device_ so that the private keys never enter the RAM of the host OS. Also worth noting is that HSMs are often embedded on corporate ID badges so that when someone walks away from their desk, their computer is _no longer capable_ of decrypting / signing, even if an attacker knows all their passwords.
Very good start on PCM, do extend on sealing and PCRs though :-) An excellent application of TPMs is trusted code execution, see https://www.cs.unc.edu/~reiter/papers/2008/EuroSys.pdf
s/if a system didn’t ship with a TPM/if a system wasn't designed for a TPM/ I'm quite sure I've seen motherboards which had a special socket designed to accept a TPM. And in fact you can find plenty of evidence of this
It is not true that you cannot add a TPM chip to a motherboard later; at least not for workstation/server motherboards, you can easily add the TPM later.
This answer appears to be plagiarised completely from this author: https://blogs.getcertifiedgetahead.com/tpm-hsm-hardware-encryption-devices/ The book was published in 2014. https://www.amazon.com/gp/product/1939136024/ref=dbs_a_def_rwt_bibl_vppi_i3 Text can be found: https://archive.org/stream/CompTIASecuritySY0401StudyGuideGetCertifiedDarrilGibsonCrackedBySystemErrorOne/CompTIA%20Security%2B%20SY0-401%20Study%20Guide%20-%20Get%20Certified%20-%20Darril%20Gibson%20~Cracked%20By%20SystemErrorOne~_djvu.txt