If you want to know more about Vista's use of the TPM, Sarad, I suggest that you subscribe to the "cypherpunks" mailing list. An anoymous message was sent to the list on September 7 which outlined Vista's TPM use and discussed some security implications. Although the list has not been too active, it has the advantage of accepting anonymous postings, which the moderated cryptography mailing list does not. If you would pay attention to the contents of that list, you would have found many of your questions answered even before you asked them. Here is an excerpt from that posting which describes typical attack scenarios and how Vista Bitlocker stops them: "Vista's new disk encryption software, called BitLocker, optionally uses this feature of the TPM to strengthen its encryption. For example, consider various attack models for disk encryption. A laptop is stolen and the attacker now seeks to decrypt the disk and recover the data." "The first step often applied in this situation is to take an image of the disk and run the attacks on that image, from a computer controlled by the attacker. This prevents the laptop OS from performing self-destruct operations or otherwise keeping the attacker from being able to reset the disk to a pristine state. But with BitLocker, the disk decryption key is sealed to a TPM key (a 2048 bit RSA key). No amount of brute force password guessing will work to recover a key from a disk image; the TPM chip itself has to be involved." "An alternative for an attacker, then, might be to use the laptop itself but to boot into another OS, such as via a Linux "Live CD" or external device. It can then mount the partitions with the encrypted data and apply similar attacks. This will give access to the TPM hardware while still preventing the BitLocker software from having control." "Again, the BitLocker design will thwart this attack, because the sealed storage locks the encrypted disk key to the boot configuration. Changing that configuration by booting into another OS will change PCR values and prevent the TPM from unlocking the key, even if the correct password is used." In exchange for providing you with this useful information, Sarad, your assigment is to find a public archive of cypherpunks mailing list postings, so that links to these messages can be provided instead of having to type long segments in verbatim. CP