Google recently announced the launch of OpenTitan, an open-source silicon root of trust (RoT) project that can be adopted by almost every organisation and which ensures that the hardware infrastructure and their underlying software in an industrial system or a data centre can work securely using authorised and verifiable code.
In a blog post published last week, Royal Hansen, vice president of Google and Dominic Rizzo, lead of the OpenTitan project, said that open-source silicon RoT will allow organisations to run their hardware and software systems without having to worry about malware infections or malicious tampering by hackers.
This is because the OpenTitan will ensure that critical system components such as servers and other devices will boot securely using authorised and verifiable code and firmware, thereby ensuring that hackers will not be able to infiltrate such systems using low-level malware.
OpenTitan silicon RoT will assure secure booting of hardware & software systems
They said that the silicon RoT will provide cryptographically-unique machine identities that will allow operators to verify that a server or a device is legitimate, and will protect encryption keys and other secrets in a tamper-resistant way even for people with physical access.
“The silicon RoT technology can be used in server motherboards, network cards, client devices (e.g., laptops, phones), consumer routers, IoT devices, and more. For example, Google has relied on a custom-made RoT chip, Titan, to help ensure that machines in Google’s data centres boot from a known trustworthy state with verified code; it is our system root of trust,” they said.
Hansen and Rizzo also mentioned in their blog post that organisations that will adopt OpenTitan will be able to reduce costs and reach more customers by using a vendor and platform-agnostic silicon RoT design that can be integrated into data centre servers, storage, peripherals and other devices. They will also be able to inspect, evaluate, and contribute to OpenTitan’s design and documentation to help build more transparent, trustworthy silicon RoT for all.
“OpenTitan will be helpful for chip manufacturers, platform providers, and security-conscious enterprise organisations that want to enhance their infrastructure with silicon-based security,” they said.
Google, along with many industry partners, is building the logical design of a silicon RoT, including an open-source microprocessor (the lowRISC Ibex, a RISC-V-based design), cryptographic coprocessors, a hardware random number generator, a sophisticated key hierarchy, memory hierarchies for volatile and non-volatile storage, defensive mechanisms, IO peripherals, and secure boot.
The organisation managing the OpenTitan project is lowRISC CIC, an independent not-for-profit company with a full-stack engineering team based in Cambridge, UK which is supported by the likes of ETH Zurich, G+D Mobile Security, Google, Nuvoton Technology, and Western Digital.
Google also introduced Titan security keys to boost secure access to users’ Google accounts
In August this year, Google also introduced its Titan security keys in the UK, Japan, Canada, and France after making the device available for purchase to US Internet users in August last year, stating that the keys were capable of preventing malicious actors from hijacking users’ accounts through phishing or other social engineering attacks.
According to Google, Titan security keys, which are based on FIDO standards, are “the strongest, most phishing-resistant method of 2-step verification (2SV)” and secure users’ Google accounts from hijacking attempts. Not only can they authenticate Google accounts, but also users’ accounts with other popular platforms such as Dropbox, Facebook, GitHub, Salesforce, Stripe, Twitter, and other services that support FIDO standards.
“The firmware performing the cryptographic operations has been engineered by Google with security in mind. This firmware is sealed permanently into a secure element hardware chip at production time in the chip production factory. The secure element hardware chip that we use is designed to resist physical attacks aimed at extracting firmware and secret key material.
“These permanently-sealed secure element hardware chips are then delivered to the manufacturing line which makes the physical security key device. Thus, the trust in Titan Security Key is anchored in the sealed chip as opposed to any other later step which takes place during device manufacturing,” said Christiaan Brand, product manager at Google Cloud.