OpenTitan: Root of Trust (RoT) Project
Google, along with a number of other trusted manufacturers, announced OpenTitan, an open-source silicon root of trust (RoT) project. If this is the first time you have heard of ‘root of trust’ – well, join the club. It seems we have lots to learn together.
Google and others are taking steps to provide more security at the silicon level. We’ve seen similar ideas in the industry, but Google is making their design open source, which will make it more transparent, trustworthy, and ultimately, secure. The idea is to deliver a high-quality RoT design and integration guidelines for use in data center servers, storage, peripherals, and more.
Root of Trust (RoT)
Since this is the first time I’ve heard the term Root of Trust (RoT), I thought I would try to explain it (this is part of my learning in public exercise). RoT schemes generally include a hardened hardware module. From what I understand, Root of Trust is an idea that starts as a chain of trust to ensure computers and systems boot with authentic code and not anything compromised.
As the first piece of code is verified, the system will continue to the next level of code. I know I have oversimplified it. Dell has a good write-up on this: “What Is Hardware Root of Trust?”
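The chain of trust described above, as an added example (not code from OpenTitan or Google): each stage pins the SHA-256 digest of the next stage, and a pin standing in for immutable hardware anchors the first one. The stage names and images are constructed, and pinned hashes are a simplification assumed here to keep the example standard-library only; the page does not say how OpenTitan verifies code.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Stage:
    name: str
    code: bytes         # stage payload (constructed sample bytes)
    next_digest: bytes  # SHA-256 this stage expects of the next image; b"" if last

    def image(self) -> bytes:
        # The pin is part of the measured image, so changing it changes this
        # stage's own digest and is caught by the stage before it.
        return self.next_digest + self.code

def digest(stage: Stage) -> bytes:
    return hashlib.sha256(stage.image()).digest()

def build_chain(parts):
    """parts: (name, code) pairs in boot order -> (rom_pin, [Stage, ...])."""
    stages, pin = [], b""
    for name, code in reversed(parts):  # last stage first, so each pin exists
        stages.insert(0, Stage(name, code, pin))
        pin = digest(stages[0])
    return pin, stages  # rom_pin stands for the value fixed in immutable hardware

def boot(rom_pin, stages):
    """Verify each stage before 'running' it -> (stages run, failing stage or None)."""
    expected, ran = rom_pin, []
    for stage in stages:
        if not hmac.compare_digest(digest(stage), expected):
            return ran, stage.name  # halt: never hand control to unverified code
        ran.append(stage.name)
        expected = stage.next_digest
    return ran, None

def tamper(stages, index, **changes):
    """Return a copy of the chain with one stage modified."""
    return stages[:index] + [replace(stages[index], **changes)] + stages[index + 1:]

# Constructed sample firmware images.
PARTS = [("bootloader", b"stage-1 code"), ("kernel", b"stage-2 code"), ("init", b"stage-3 code")]

if __name__ == "__main__":
    rom_pin, chain = build_chain(PARTS)
    print(boot(rom_pin, chain))                       # intact chain
    swapped = tamper(chain, 2, code=b"modified")
    print(boot(rom_pin, swapped))                     # last stage replaced
    print(boot(rom_pin, tamper(swapped, 1, next_digest=digest(swapped[2]))))  # pin rewritten too
```

Rewriting the middle stage's pin to match the replaced image only moves the failure one stage earlier, which is why the anchor has to live somewhere that cannot be rewritten.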
The silicon RoT technology can be used in server motherboards, network cards, client devices (e.g., laptops, phones), consumer routers and other devices. I suspect we will begin to see more custom silicon from a wide range of manufacturers.
The OpenTitan project is rooted in three key principles:
- Transparency – anyone can inspect, evaluate, and contribute to OpenTitan’s design and documentation to help build more transparent, trustworthy silicon RoT for all.
- High quality – building a high-quality logically-secure silicon design, including reference firmware, verification collateral, and technical documentation.
- Flexibility – adopters can reduce costs and reach more customers by using a vendor- and platform-agnostic silicon RoT design that can be integrated into data center servers, storage, peripheral and other devices.
Google has a custom-made RoT chip, Titan, to help ensure that machines in Google’s data centers boot from a known trustworthy state with verified code; that is their system root of trust. First introduced at Google Cloud Next ’17, Titan is a secure, low-power microcontroller designed with Google hardware security requirements and scenarios in mind.
How to get involved
The OpenTitan project is managed by lowRISC C.I.C., a not-for-profit company based in Cambridge, UK, that uses collaborative engineering to develop and maintain open-source silicon designs and tools.
The OpenTitan repository is now available on GitHub. Interested implementation partners will undergo a certification process, and the OpenTitan team will provide integration guidelines for vendor and platform partners.
One of the wonderful things about the open-source community is that they are constantly looking for contributors. You can check out the work to date at their GitHub repository, or join the community for discussions and exchanging ideas.
What do you think of the silicon root of trust (RoT) project? Is this something that is top of mind for you when moving to the cloud? Please let me know on Twitter, and thanks for reading!