| Key Name | Purpose |
| Endorsement Key (EK) | A key-pair based on RSA algorithm; imposed by TPM manufacturer to identify uniquely TPM. |
| Storage Root Key (SRK) | A non-transferable key generated by the platform owner to serve as the root key in the hierarchy of keys associated with the TPM. |
| Attestation Identity Key (AIK) | Used for attestation and identification of a TPM (i.e. activated mode). Trusted third party can create identity certificate by signing public key part of AIK. |
| Signing Key | Used by the system to sign messages. |
| Storage Key | Used to encrypt and decrypt other keys. (using RSA) |
| Identity Key | Used for operations that requires TPM identity. |
| Binding Key | Used for Unbind operations to decrypt a data. |