To prevent applications running on the network and computers from being infected by malware, firmware and chip-level security solutions are used primarily in the industry. But Google, the search giant, wants everyone to build a foundation of trusted computing with their OpenTitan security chip design project. Foreign media pointed out that the project aims to establish an open source common reference design, so that more people participate in the process of improving the initial design, and achieve enhanced security.
(Instagram via TechSpot)
Google has announced partnerships with a number of companies and nonprofits and launched a new program called OpenTitan. It is designed to develop open source security chip designs for data centers and infrastructure that can be independently validated and further enhanced.
The project, named after the self-developed Titan chip used in Google’s data centerand and Pixel smartphones, can be started from a known trusted state and verified that the firmware has been tampered with. The encryption element used for authentication is called the trust root (RoT) and is at the heart of the OpenTitan project.
Google says OpenTitan will run by the non-profit LowRisc and is supported by other partners.
These include ETH Zurich, Nuvoton Technology, G-D Mobile Security, and Western Digital.
In other words, the open source nature of the OpenTitan project ensures that it is platform-independent and adaptable to any device. As for the basic idea of RoT, it is to ensure that the software can run on security components based on “authorized and verifiable code.”
As for RoT’s advantages, Google wrote in a blog post:
Make sure the device is booted with the correct firmware and protected from malware.
Provides the unique machine identity of the password so that the operator can verify that the server or device is legitimate.
It is also possible to tamper with persons with physical access, such as those responsible for transporting the device (e.g. through encryption keys).
Provide authoritative tampered audit records, as well as other Runtime Security Services.
The company hopes to increase transparency through open source RoT chip designs that encourage innovation while increasing trust and security, addressing related issues this morning, and enabling a common interface based on open reference designs.
Previously, Apple has used proprietary RoT chips (T2) in many of its devices, Samsung has deployed secure boot in the Knox platform, and many Windows PCs have supported this feature.
While some may be skeptical of Google’s motives, the Open Titan project seems sublime enough to inspire chipmakers and platform designers to integrate RoT into their designs more easily.