It’s just a little cpu and some nonvolatile memory running a program. You can send it messages, and it will send back replies, but you cannot control which program is running on it. Of course this is vague enough that it could implement almost anything you want.

What makes it a TPM is the protocol it answers to. The TPM has a hardware RNG, and you can just ask it for some random numbers. That’s very simple. You can have it create encryption keys for you, since those are primarily just random numbers. You can ask it to _store_ a key for you, to be released to anyone who asks for it provided the TPM is in a certain state. What is this state? This is the really interesting part of the TPM.

The TPM has a number of registers that start off empty when the computer boots. At any point any program running on the computer can send a message to the TPM that asks it to incorporate an input into one of these registers. The input is a number, and the new value of the register is basically just the hash of the current value of the register and the new input.

If the BIOS/UEFI computes a hash of its own code plus the bootloader’s code and measures that into a register on the TPM then the bootloader could check the TPM to make sure that it hasn’t been tampered with before it boots. It’s easier though if the bootloader hashes the kernel (and the kernel command line) that it’s going to run and measures that into the same register. The kernel can then hash the initial ram disk and measure that in. At each step of the process we can measure the next important part of the OS and incorporate its value into the same register and at the very end we will have a number. If that number is the same every time we boot up the computer then we know that the computer and the software have not been tampered with. We can even send that number off over the network as part of a Remote Attestation protocol. You might have all the laptops you supply to your employees do this so that you can know that they haven’t been tampered with. Or all of your cloud instances could do this for the same reason. (Of course the exact number that the TPM ends up storing changes after every OS upgrade, and you need to have some way of knowing what numbers to expect, so this is a fair amount of work.) Remote Attestation is not really of any use to the average consumer, but reliably detecting a hacked OS would be.

Going back to encryption keys, you could store the encryption key for your home directory in the TPM, locked to a specific value of a specific register. You would then not be able to unlock your home directory if the computer has been tampered with. An attacker who boots off of a USB drive can’t possibly arrange for the same value to end up in the TPM, even assuming that they know what value is required. It will do them no good to take the encrypted disk out of the computer and put it in another one, because the key doesn’t go with it. Rubber hose cryptography isn’t useful either, even if there is also a password for your account. This should be quite valuable to many, if perhaps not all, users.