Google has just announced the release of a new open-source silicon root of trust (RoT) project, OpenTitan. According to Google, open sourcing the silicon chip design will help make it more transparent, trustworthy, and secure.
The project is being managed by lowRISC CIC, a collaborative open silicon engineering organization, and supported by Google, ETH Zurich, G+D Mobile Security, Nuvoton Technology, and Western Digital.
“Security begins with secure infrastructure. To have higher confidence in the security and integrity of the infrastructure, we need to anchor our trust at the foundation—in a special-purpose chip,” Google wrote in a post.
According to Google, the project is rooted in three key principles:
- Transparency: Anyone should be able to inspect, evaluate, and contribute to OpenTitan
- High quality: The silicon design is high quality and logically secure
- Flexibility: Adopters can integrate OpenTitan into data center servers, storage, peripheral, and other devices.
The security benefits of silicon RoT are that it ensures that a server boots with the correct firmware, provides a cryptographically unique machine identity, protects secrets like encryption keys in a tamper-resistant way, and provides authoritative and tamper-evident audit records.
In addition, OpenTitan can enhance trust and security through design and implementation transparency, enable and encourage innovation through open-source contributions, and provide implementation choice.