A system, method, and program product is provided that initializes expected PCRs stored in a TPM by generating and storing a random number, seeding expected PCRs with the random number, inputting a set of startup code processes to a hash algorithm resulting in a set of hash values, updating the expected PCRs using the set of hash values, and saving the expected PCRs in a nonvolatile data area that is secured by the TPM. Upon reboot, the random number is retrieved from the nonvolatile data area, the PCRs are seeded with the retrieved random number, the startup code processes are input to the hash algorithm process resulting in another set of hash values, the PCRs are updated using the resulting set of hash values, and an encrypted data object is decrypted in response to the PCRs being the same as the expected PCRs.