Table of Contents TPM Configuration Procedure ....................................................................................... 2 1. Configuring the System BIOS .................................................................................... 2 2. Installing the Infineon TPM Driver and the GIGABYTE Ultra TPM Utility .................. 3 3. Initializing the TPM Chip ............................................................................................. 4 3.1. 3.2. 4. Easy Mode .........
TPM Configuration Procedure To enable the TPM, follow the steps below in sequence: 1. Configuring the system BIOS 2. Installing the Infineon TPM driver and the GIGABYTE Ultra TPM utility 3. Initializing the TPM chip 4. Configuring the GIGABYTE Ultra TPM utility 1. Configuring the System BIOS To use the TPM functionality, first enter the system BIOS Setup to activate the TPM chip. Step 1: As the computer starts, enter BIOS Setup and go to the Security Chip Configuration menu.
2. Installing the Infineon TPM Driver and the GIGABYTE Ultra TPM Utility To use GIGABYTE's Ultra TPM, ensure that the Infineon TPM driver and the GIGABYTE Ultra TPM utility have been installed in your system. Method 1: Insert the GIGABYTE motherboard driver disk. "Xpress Install" will automatically scan your system and list all the drivers that are recommended for installation. Click the Install All button.
3. Initializing the TPM Chip After configuring the system BIOS and installing the driver software, a small Infineon Security Platform (This icon indicates that the Infineon Security Platform is not yet initialized.) will appear in your icon system tray. Double-click the icon to enter "Easy Mode" (refer to the instructions in Section 3.1) or select "Advanced Mode" (refer to the instructions in Chapter 3.2) and then begin to initialize and configure the Infineon Security Platform. 3.1.
Step 2: Infineon Security Platform Initialization Begin the initialization of the Infineon Security Platform. The "TPM initialization successful!" message appears upon completion of the initialization. Click Next to proceed with setting up a Personal Secure Drive (PSD). Do not log off, shutdown, enter a power-saving state, or unplug the power cord before the wizard has completed. Step 3: Set up a Personal Secure Drive (PSD) 3-1.
3.2. Advanced Mode When the GIGABYTE Initialization Wizard is launched (by double-clicking the Infineon Security Platform in the system tray), if you wish to configure further settings, click Advanced Mode to access icon the Infineon Security Platform Initialization Wizard. A. Infineon Security Platform Initialization Wizard - Owner Click Advanced Mode to launch the Infineon Security Platform Initialization Wizard.
A-2. Select Security Platform initialization and click Next to create the Security Platform Owner Password. The Infineon Security Platform Owner key is created and stored in the Infineon Trusted Platform Module together with the Infineon Security Platform Owner secret. This key is protected by the Owner Password that must be defined here. You must memorize this password in order to administrate the Security Platform.
A-3. Select Security Platform Features, which comprises Automatic Backup (includes Emergency Recovery) and Password Reset. Click Next. Details on Features Automatic Backup (includes Emergency Recovery) Check this feature, if you want to configure automatic Security Platform backups. Configuring Backup is strongly recommended. Otherwise all user data will be lost in case of emergency. You cannot uncheck this feature, if the policy Enforce configuration of Backup including Emergency Recovery is enabled.
A-5. Select Create a new Recovery Token. Then enter a new token password to be used for Emergency Recovery. A-6. Select Create a new Token to create a Password Reset Token. Then enter a new token password. A-7. Make sure you have selected all the functions you want to perform. Click Next to continue. Do not log off, shutdown, enter a power-saving state, or unplug the power cord before the wizard has completed.
A-8. Click Finish to complete the initialization and configuration of the Infineon Security Platform. Then access the Infineon Security Platform User Initialization Wizard (select the Start Security Platform User Initialization Wizard check box). B.
B-2. Set a Basic User Password and click Next. B-3. Enable the reset functionality for the Basic User Password. Select the location that you wish to save the file and then click Next. B-4. Click Next to continue the initialization.
B-5. Select the Security Platform Features you want to configure and click Next to continue. Details on Features Secure e-mail User-specific e-mail encryption and/or signing to prevent unauthorized persons from reading or changing your e-mails. Using this feature guarantees that only the e-mail creator and the specified recipients will be able to decrypt and read the message or validate the identity of the sender.
B-5-1. Use the File and folder encryption with Personal Secure Drive (PSD) as the example: To configure "Encryption Certificate", click Select. B-5-2. Click Create to create the certificate. After the certificate appears, click the certificate and click Select. B-5-3. The certificate has been selected. Click Next.
B-6. Set up a Personal Secure Drive (PSD) B-6-1. Specify a drive letter and label for your Personal Secure Drive To specify the drive letter for your Personal Secure Drive, select an unused letter from the drop-down list of available letters. To specify the drive label, enter the label in the field provided. The label should be no more than 32 characters in length. Select the Load my Personal Secure Drive at logon check box, if you want to load your PSD at logon. Click Next. B-6-2.
B-7. Click Next to continue. Do not logoff, shutdown, enter a power-saving state, or unplug the power cord before the wizard has completed. B-8. Click Finish to finish the user initialization and features configuration of the Infineon Security Platform. C. Infineon Security Platform Settings Tool With the Security Platform Settings Tool you can get various information about the Trusted Platform Module of your system.
4. Configuring the GIGABYTE Ultra TPM Utility GIGABYTE's unique Ultra TPM (Trusted Platform Module) supports the industry's most advanced TPM hardware-based encryption. With the easy-to-use Ultra TPM user interface, users can store/back up their digital signature keys on a USB flash drive or in the system BIOS. The key(s) will be erased from the computer after being stored on a USB flash drive (or in the system BIOS), preventing unauthorized access to the computer.
Step 3: Enter the User Password created in "Easy Mode" or "Advanced Mode." Click OK to continue. If you incorrectly enter the password three times, Ultra TPM will be locked. To be able to enter the password again, go to the "Security Chip Configuration" menu in BIOS Setup and then set "Security Chip" to "Enabled/Activate." DO NOT turn off or restart the computer when a user key is being generated. Step 4: Click OK to exit and complete the creation of the Portable User Key.