Google Is Helping Design an Open Source, Ultra-Secure Chip
Credit to Author: Lily Hay Newman| Date: Tue, 05 Nov 2019 14:00:00 +0000
Open Titan is a so-called secure enclave based on open source that could shake up hardware security.
With hackers deploying sophisticated attacks against operating systems, processors, and even firmware, manufacturers have increasingly turned to a tamper-resistant processor—or part of one—often called a "secure enclave" to stymie all sorts of attacks. They place in that immutable chip the "root of trust" on a device, relying on it to run cryptographic checks every time the system starts to make sure nothing has been subtly, maliciously altered. If something is wrong, the secure enclave stops the machine from booting up. Which leads to a nagging question: How can you always be sure that you can trust the secure enclave itself?
It's not a hypothetical. While secure root of trust schemes offer real security improvements in many ways, researchers have repeatedly shown that it can be possible to undermine those chips. Which is why Google and a consortium of companies, nonprofits, and academic institutions have all signed on to an initiative meant to improve the transparency—and ultimately the security—of secure enclaves. Known as “Open Titan,” the project aims to lift the fog of proprietary machine code and clandestine manufacturing that makes any processor difficult to fully trust. It's managed and directed by the open source hardware nonprofit lowRISC CIC.
“This is not just bits of intellectual property floating around, but actually a real design and a real engineering organization that’s not for profit,” says Gavin Ferris, cofounder and director of lowRISC. “We believe that transparency and security go hand in hand, everything aligns with doing an open source root of trust. Chips from existing vendors are opaque, there’s a lot of mystery meat inside them in terms of what's going on. You can talk to them from your operating system, but what’s below there? What are the components underneath it and the architecture? None of that's visible.”
Open Titan is loosely based on a proprietary root of trust chip that Google already uses in its Pixel 3 and 4 phones. But Open Titan is its own chip architecture and extensive set of schematics developed by engineers at lowRISC along with partners at ETH Zurich, G+D Mobile Security, Nuvoton Technology, Western Digital, and, of course, Google.
Open Titan is structured to run much like a high-quality, high-reliability open source software project. Think Linux, but for chips. The consortium will use community feedback and contributions to develop and improve the industry-grade chip design, while lowRISC will manage the project and keep suggestions and proposed changes from going live haphazardly.
You can check out the Open Titan Github repository right now, but the schematics aren't finished yet. The consortium wanted to debut the project midway through its development so that it can benefit from early public scrutiny and input. Currently you can test out parts of the Open Titan architecture on a special type of reprogrammable processor called a Field Programmable Gate Array, but complete Open Titan chips won't be manufacturable right away. The exact timing of the release will depend on a few factors, like how much community feedback the project receives and how difficult those issues are to resolve.
It also remains to be seen whether anyone will actually manufacture them. But manufacturers in search of a secure root of trust could find both security and economic benefits in Open Titan. The publicly available option will potentially allow companies to get around the licensing fees imposed by silicon designers like ARM. And the Open Titan design will pull back the curtain on historically buggy—and therefore potentially vulnerable—parts of chip design, like firmware and data processing flows.
At the same time, any company hoping to use Open Titan will need to adapt and implement it correctly, and without introducing new vulnerabilities, to interoperate with existing software. And Open Titan faces competition from heavy hitters like Microsoft, which recently announced its own proprietary hardware to bypass firmware in establishing a secure root of trust.
"Success means it gets much bigger—our goal is everyone can standardize on this," says Urs Hölzle, Google's senior vice president for technical infrastructure. "We think of Open Titan as the basis of an ecosystem. You don't have to use it exactly one way. ARM and AMD and Intel offer these types of chips, but they’re all opaque. We don’t want to start there, because we can’t verify it."
There are some parts of the Open Titan design that won't be public, at least for the foreseeable future. These are all related to the actual physical fabrication of chips in a factory, categories like "foundry intellectual property," "chip fabrication," and "Physical Design Kit," among others. They hint at the immense challenges that exist in creating open source hardware—fabrication of which requires massive, specialized factories and proprietary silicon manufacturing processes, not just a laptop and an internet connection. If you don't own a silicon plant or have the leverage to convince existing fabricators to make Open Titan chips for you, you won't be able to get them. And though device-makers have an incentive to save money on licensing fees with something like Open Titan, silicon manufacturers who impose these fees may resist dropping them.
When asked about a hypothetical open source secure enclave, Jatin Kataria, principle scientist at the embedded device security firm Red Balloon and a former engineer at Nvidia, noted the probability that some fundamental manufacturing components would remain closed. "It likely wouldn't open source the proprietary manufacturer architecture, so that's where everyone will go to look for new attacks," he says. "But by open sourcing so many other layers, the community could tell you what you’re implementing wrong. It would be a great step forward."
Regardless of whether Project Titan fully succeeds as a widely used blueprint for root of trust hardware, it represents an important evolution of mainstream open source hardware projects—still a largely uncharted field, because of the intricacies and slower pace of physical manufacturing. As the proverbial X-Files guest star who sees too much and slowly descends into paranoia must learn, though, it’s harder than it sounds to "trust no one."