Google Does Its Bit on Cyberattacks with OpenTitan Project

The company is partnering with several other tech majors to build a new collaborative open-source chip design that could be resistant to the most sophisticated attacks

 

In recent times, hackers are using more sophisticated forms of attacks on operating systems and processors. Given the magnitude of the problems, Google has now joined hands with a set of partners to develop what is described as a “secure enclave” which in other words is a tamper-resistant processor developed as an open-source project.

The project aims to build trustworthy chip designs for use in mission critical data-centre applications, storage as well as in computer peripherals. A crucial factor is that OpenTitan would allow more open collaboration between tech majors in a transparent fashion, thus ensuring that it is open to anyone to inspect the hardware for security challenges.

The secure enclave (chip design) becomes the most trustworthy component that would continuously run cryptographic checks each time a system starts up to ensure that nothing has been maliciously altered. And in case it senses something, the secure enclave simply stops the system from booting up. Till date the challenge was how could one trust the system enclave itself?

Which is where now Google has stepped in by bringing together a consortium of companies including not-for-profits and academic bodies into their initiative that aims to remove the proprietary machine code and clandestine manufacturing that was the sole reason why it became tough to trust the secure enclave itself.

A report published in the Wired.com quotes Gavin Ferris, co-founder and director of lowRISC, a non-profit enterprise that is part of OpenTitan to suggest that transparency and security needs to go hand-in-hand and everything aligns with doing an open source root of trust. “Chips from existing vendors are opaque, there’s a lot of mystery meat inside them in terms of what’s going on. You can talk to them on your operating system, but what’s below there? What are the components underneath it and the architecture? None of that’s visible.”

And this is where Google is stepping in. OpenTitan is reportedly based loosely on a proprietary chip that Google uses in its Pixel phones though it uses its own chip architecture developed by engineers at lowRISC along with other partners. The move comes at a time when tech majors and governments are becoming aware of hostile nation states trying to infiltrate and compromise supply chains in order to facilitate long-term surveillance or espionage.

Writing in TechCrunch.com, Jack Whittaker says OpenTitan uses the multi-factor security keys from its own smartphones and the factor that is critical to the chip’s success is its root-of-trust technology which “cryptographically ensures that the chip hasn’t been tampered with. Root-of-trust provides a solid foundation for the operating system and applications running on the chip.”

Of course, this isn’t the only project out there seeking to build secure chip designs. Facebook and Intel too had done so earlier and Apple has its own secure and proprietary custom chip which is known as the Apple T2 and comes with the latest MacBook.


TAGS: Cyberattacks, Hacking, Chip Design, OpenTitan, Google, lowRISC