Which of the following has a storage root key?

A.
HSM

B.
EFS

C.
TPM

D.
TKIP

Explanation:
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the
system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores
cryptographic keys, passwords, or certificates on non-volatile (NV) memory. Data stored on NV memory is
retained unaltered when the device has no power. The storage root key is embedded in the TPM to
protect TPM keys created by applications, so that these keys cannot be used without the TPM.
Incorrect Answers:
A: Hardware Security Module (HSM) hardware-based encryption solution that is usually used in
conjunction with PKI to enhance security with certification authorities (CAs). It is available as an expansion
card and can cryptographic keys, passwords, or certificates. However, the HSM does not have a storage
root key.
B: Encrypting File System (EFS) is used to encrypt files or entire volumes in a Windows computer. It uses
certificates to encrypt the data but do not have a storage root key.
D: TKIP (Temporal Key Integrity Protocol) is an encryption protocol used in Wireless networks. It was
designed to provide more secure encryption than the relatively weak Wired Equivalent Privacy (WEP) and
does not have a storage root key.
http://www.cs.bham.ac.uk/~mdr/teaching/modules/security/lectures/TrustedComputingTCG.html
http://en.wikipedia.org/wiki/Hardware_security_module
http://searchmobilecomputing.techtarget.com/definition/TKIP
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 171, 237