A Trusted Platform Module, TPM, can be used for several purposes. Most PC users learn about the TPM when they upgrade – or want to upgrade – to Windows 11. Indeed, the latest version of Windows requires a TPM 2.0 chip to be present. Allegedly, Microsoft uses it to secure your system and improve your user experience. Among the many features of a TPM, there is a source of entropy. That phenomenon kills us all at the end of the day. But before reaching that deadline, and in computer science at least, it is required if you need truly random numbers. And crypto needs it a lot.

If you don’t have a TPM or want another entropy source, you can buy dedicated hardware. For example, I am using TrueRNGpro by ubld.it. But is there a middle path? Yes. Maybe your motherboard can be extended with a TPM module. If so, you can buy such a module for a few bucks. For my system, I found several for less than $30. Installing the module is trivial: plug it in. You may need to enable it in the BIOS as well. More importantly, check the pinout and interface before picking your module. The mobo documentation is your best friend for this exercise.

A few years ago, I created a C/ASM routine to generate random bytes, using the best available entropy source at runtime. Now that TPMs are becoming ubiquitous, it will be worth the time to check how well they work. Stay tuned!
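What the TPM's entropy source looks like from software, as an added example (it is not the C/ASM routine mentioned above and not code from the original post): it builds a TPM2_GetRandom command, validates the reply before copying anything, and loops because a TPM may return fewer bytes than requested. It assumes Linux with a TPM 2.0 exposed at /dev/tpmrm0; the function names are made up for the example.

```c
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#define TPM_ST_NO_SESSIONS 0x8001u      /* command/response tag, no auth area */
#define TPM_CC_GET_RANDOM  0x0000017Bu  /* TPM 2.0 command code */
static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static void put32(uint8_t *p, uint32_t v) { put16(p, (uint16_t)(v >> 16)); put16(p + 2, (uint16_t)v); }
static uint16_t get16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t get32(const uint8_t *p) { return ((uint32_t)get16(p) << 16) | get16(p + 2); }

/* Command: tag(2) | commandSize(4) | commandCode(4) | bytesRequested(2), big-endian. */
size_t tpm2_build_getrandom(uint8_t cmd[12], uint16_t want) {
    put16(cmd, TPM_ST_NO_SESSIONS);
    put32(cmd + 2, 12);
    put32(cmd + 6, TPM_CC_GET_RANDOM);
    put16(cmd + 10, want);
    return 12;
}

/* Response: tag(2) | responseSize(4) | responseCode(4) | size(2) | bytes. -1 on any error. */
int tpm2_parse_getrandom(const uint8_t *rsp, size_t len, uint8_t *out, size_t cap) {
    if (len < 12 || get16(rsp) != TPM_ST_NO_SESSIONS) return -1; /* error replies: 10 bytes */
    if (get32(rsp + 2) != len || get32(rsp + 6) != 0) return -1; /* 0 = TPM_RC_SUCCESS */
    size_t n = get16(rsp + 10);
    if (n > len - 12 || n > cap) return -1;  /* never trust the embedded length */
    memcpy(out, rsp + 12, n);
    return (int)n;
}

int main(void) {
    uint8_t cmd[12], rsp[128], rnd[32];
    size_t have = 0;
    int fd = open("/dev/tpmrm0", O_RDWR);  /* assumption: Linux, TPM 2.0 exposed here */
    if (fd < 0) { perror("open /dev/tpmrm0"); return 1; }
    while (have < sizeof rnd) {            /* the TPM may return fewer bytes than asked */
        size_t clen = tpm2_build_getrandom(cmd, (uint16_t)(sizeof rnd - have));
        if (write(fd, cmd, clen) != (ssize_t)clen) break;
        ssize_t rlen = read(fd, rsp, sizeof rsp);
        int n = rlen < 0 ? -1 : tpm2_parse_getrandom(rsp, (size_t)rlen, rnd + have, sizeof rnd - have);
        if (n <= 0) break;
        have += (size_t)n;
    }
    close(fd);
    if (have != sizeof rnd) { fprintf(stderr, "TPM2_GetRandom failed\n"); return 1; }
    for (size_t i = 0; i < have; i++) printf("%02x", rnd[i]);
    putchar('\n');
    return 0;
}
```

Opening /dev/tpmrm0 usually requires root or membership in the group that owns the device.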