Google launches OpenTitan project to enable more secure silicon chips
Google LLC today launched OpenTitan, an open-source initiative designed to encourage the development of so-called root-of-trust technology for data center and consumer devices.
When a system is described as having a root of trust, it means there’s a specialized chip or module responsible for blocking hacking attempts. In Google’s latest Pixel 4 phones, for instance, that role is played by the Titan M microcontroller. It’s a tiny processor (pictured) that verifies the integrity of the firmware on the users’ handsets every time they turn them on.
In data centers, meanwhile, the root of trust is often what’s known as a hardware security module, a dedicated appliance that “safekeeps” the encryption keys with which servers scramble sensitive data. Hardware security modules are isolated from the rest of the network and frequently come in a tamper-resistant case.
Through OpenTitan, Google hopes to supply the industry with common technology building blocks for creating root-of-trust products. The search giant is currently developing a purpose-built chip design for the project that uses the popular RISC-V architecture. There are many other components in the works too, including firmware, coprocessors optimized to handle cryptographic tasks and a physical random-number generator for creating encryption keys.
“Open-source silicon can enhance trust and security through design and implementation transparency,” Royal Hansen, Google’s head of information security, and OpenTitan lead Dominic Rizzo wrote in a blog post. “Issues can be discovered early, and the need for blind trust is reduced.” They added that freely sharing core technologies can “enable and encourage innovation through contributions to the open-source design.”
Google is actively working to attract an ecosystem of contributors. The company has transferred stewardship of OpenTitan to LowRisc, an industry body affiliated with Cambridge University, and is recruiting outside partners to support development. Initial backers include Western Digital Inc., chipmaker Nuvoton Technology Corp., G+D Mobile Security GmbH and the ETH Zurich research university in Switzerland.
Hansen and Rizzo wrote that the technology produced through OpenTitan will be “helpful for chip manufacturers, platform providers and security-conscious enterprise organizations that want to enhance their infrastructure.”
Any technology that those organizations contribute back to OpenTitan could in turn prove useful for Google. The company uses root-of-trust chips in its Pixel phones, Pixel Slate tablet and, most important, in its data centers to protect servers from attack.
The promise of more effective security chips may even tempt some of Google’s rivals to join OpenTitan. Apple Inc. ships a homegrown root-of-trust processor called the T2 with certain Mac models, while Amazon Web Services Inc. provides hardware security module features through its cloud platform.
Since you’re here …
Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!
Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.
… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.