PQC updates for TPM 2.0 systems using EnactTrust

New PQC features are coming with v1.85 of the TCG specification and EnactTrust eliminates the guess work how to update TPM 2.0 solutions across your systems.

TPM 2.0 solutions like the SLB 9672 and SLB 9673 already support PQC signatures for TPM updates but there is a bigger issue ahead. SLB9678 will have full PQC capabilities and these capabilities will be rolled out with multiple TPM updates. Manufacturers and OEMs will have to manage multiple TPM variants and TPM versions, and at the same time apply the latest updates from TPM vendors for CRA compliance.

The new TPM 2.0 specification v1.85 by the Trusted Computing Group defines PQC algorithms like ML-KEM and ML-DSA for standard operations like encryption, measured boot and attestation. While new TPM 2.0 solutions are being developed to have the capabilities from v1.85 the existing products will also receive significant updates in the next years before PQC-ready TPMs are widely available.

Multiple challenges arise from this major change and our solution covers all of them:

1. EnactTrust supports TPM updates with and without PQC signatures
2. EnactTrust can manage the TPM versions across multiple systems and pick the right one for the update without manual steps and without downtime
3. EnactTrust can recover a TPM from interrupted update (for example due to power loss during update).
4. TPM vendors have different approach to TPM updates but with EnactTrust there is a single unified approach for updating TPM 2.0 solutions. This is true also for PQC-ready TPM 2.0 and legacy TPM 2.0.
5. EnactTrust supports offline updates for products without connectivity
6. EnactTrust also supports online TPM update procedure that also provides the benefits of observability and management of TPMs across your systems
7. All EnactTrust variants can work on large and small systems because our solution is designed for memory constrained embedded systems.
8. All EnactTrust variants have small memory footprint.
9. EnactTrust offers direct support to all of its customers.
10. EnactTrust can update any TPM 2.0 compliant solution currently on the market as of April 2026

Schedule a call to discuss more technical details and our licensing options.

Request more information

Maintain old TPM 2.0 systems using EnactTrust

In use since 2014, TPM 2.0 like the Infineon SLI 9670 require updates. EnactTrust eliminates the manual steps in TPM updates.

Detailed view of automated machinery with warning signals in an industrial setting.

Industrial TPM 2.0 updates using EnactTrust

High security guarantees require the latest TPM 2.0 vendor update for Trusted Platform Modules used in your Industrial systems.

Close-up of a digital payment terminal on a wooden desk with receipts and currency notes.

TPM updates for IoT products using EnactTrust

More than ever IoT devices today use TPM 2.0 for security but many are not using the latest TPM vendor update. EnactTrust solves this in one step.