Summary of GOOGLE OPENTITAN AND MICROSOFT PLUTON CREATE THE FUTURE OF SECURITY CHIPS
OpenTitan and Microsoft Pluton overview: concise summary OpenTitan is an open-source reference design and integration guideline for silicon Root of Trust (RoT) chips such as TPMs. RoT chips protect firmware integrity, provide unique device identity, protect secrets, and produce tamper-evident audit records. OpenTitan aims to improve transparency, trust, and security by enabling designers to embed RoT implementations with fewer legal barriers and allowing community review and contribution; partners include Western Digital, Seagate, and Nuvoton.
Parts used in the OpenTitan Project:
- OpenTitan open-source reference design
- Silicon Root of Trust (RoT) chip / TPM
- Firmware for boot integrity
- Cryptographic key storage mechanisms
- Tamper-evident audit record facilities
- Integration guidelines for chip manufacturers and platform providers
- Contributions from partner companies (Western Digital, Seagate, Nuvoton)
Before talking about OpenTitan and Microsoft Pluton – two security chips by two tech giants, let’s have an overview of what security chips actually are.
Today, the hardware-level security of an operating system is an extremely important matter and is taken very seriously by manufacturers. The core security of an operating system depends on a chip separate from the CPU. This chip is called TPM or Trusted Platform Module. TPM stores various keys and other sensitive information that saves the integrity of the entire system. Security chips are also used in embedded platforms where security is the utmost priority. A good example is IoT based smart home control system. If an attacker gets access to the secure keys of various APIs used for controlling “things” remotely, they can do anything. So, these types of keys are stored in TPM.
Silicon Root of Trust (RoT) chips can provide many security benefits by helping to:
- Ensure that a server or a device boots up with the correct firmware and hasn’t been infected by low-level malware.
- Provide a cryptographically unique machine identity, so an operator can verify that a server or a device is legitimate.
- Protect secrets like encryption keys in a tamper-resistant way even for people with physical access (e.g., while a server or a device is being shipped).
- Provide authoritative, tamper-evident audit records and other runtime security services.
Google OpenTitan
OpenTitan is the first open-source project building a transparent, high-quality reference design and integration guidelines for silicon root of trust (RoT) chips (such as TPMs). The main goal of OpenTitan is to make the silicon RoT design and implementation more transparent, trustworthy, and secure for enterprises, platform providers, and chip manufacturers. Big companies like Western Digital, Seagate, Nuvoton, etc. are partnering with Google in this project.
OpenTitan being open-source, Root of Trust chip designers can embed this in their design with little or no legal complexities. Also, numerous talented developers can contribute to this project and raise the security standard. Open-source silicon can enhance trust and security by design and implementation transparency. problems can be detected early, and bugs can be fixed. This will also provide implementation choices and preserve a set of common interfaces.
Read more: GOOGLE OPENTITAN AND MICROSOFT PLUTON CREATE THE FUTURE OF SECURITY CHIPS
- What is OpenTitan?
OpenTitan is an open-source project providing a transparent, high-quality reference design and integration guidelines for silicon Root of Trust chips. - How does a Silicon Root of Trust help device security?
Silicon RoT ensures correct firmware at boot, provides a cryptographically unique device identity, protects secrets in a tamper-resistant way, and provides tamper-evident audit records. - Why is OpenTitan open-source important?
Being open-source allows designers to embed the RoT design with fewer legal complexities and enables community review to detect and fix bugs early. - Who are some partners in the OpenTitan project?
Partners mentioned include Western Digital, Seagate, and Nuvoton. - Can OpenTitan be embedded into chip designs?
Yes, Root of Trust chip designers can embed OpenTitan in their designs with little or no legal complexities. - Does OpenTitan improve trust and security?
Yes, OpenTitan aims to enhance trust and security through design and implementation transparency and community contributions. - What problems does open-source silicon help address?
Open-source silicon helps detect problems early, fix bugs, provide implementation choices, and preserve common interfaces.
