Google Titan - New Chip Details Revealed
In March of this year, a Google Cloud Next Conference was held in San Francisco. The company paid a lot of attention to the security of the Google cloud platform.
“We are innovating in security and we want this to be a reason for migrating to the clouds,” said Jennifer Lin, director of product management for the Google Cloud Platform (GCP).
Also, Urs Hölzle, senior vice president of technical infrastructure for Google Cloud, presented the new Titan chip - he pulled it out of the earring to show how small it is. In the GCP infrastructure, the chip is responsible for reliable user authentication at the hardware level. Google often hides information about its developments, but at the end of August, the company revealed some details about the chip.
')
/ Flickr / web summit / CC
To create a new chip, the company was prompted by an increase in the number of software hacks and new research in this area. Google calls Titan the “hardware root of trust.” It was created by company engineers in order to block hardware backdoors and prevent attackers from using firmware vulnerabilities to bypass the protection of the operating system. So, attackers will not be able to install rootkits, which persist even after reinstalling the OS.
Titan has a secure application processor, a cryptographic coprocessor, a hardware random number generator, as well as a hierarchical key system, built-in static RAM (SRAM), flash memory, and ROM.
The Titan loader seems to be “wedged in” between the firmware of the loader and the component responsible for starting the system — for example, BMC — which enables it to examine each byte of the firmware that starts the system loader with the OS. In doing so, he uses public key cryptography to check his own firmware before downloading.
In addition, the chip allows you to restore the firmware if errors appear. It also keeps an audit trail of any changes made to the system. Titan, using cryptography, associates log messages with sequentially generated counter indicators. Therefore, it is impossible to fake audit logs and carry out other undesirable actions, even those performed with root access.
“Our computers conduct a cryptographic check of each software package, and then decide whether to give it access to network resources. Titan integrates into this process and offers additional layers of protection, ”sums up the Google team.
However, several residents of Hacker News expressed concern about how the company can trust the chip, because it is unknown at what point its individual components would be compromised. However, in the same thread, one of the project developers noted that the chip itself and the software that runs on it are created entirely by Google (without bringing in third-party solutions), which gives engineers complete control over the stack.
As for the physical interference with the chip, then, according to the same developer, the team introduced protective mechanisms that prevent such operations and complicate reverse engineering in general.
Unlike the classic secure boot tools, Titan offers additional controls, for example, the chip performs testing of the internal memory (including the ROM) when it is loaded, ensuring that it is “clean” from malicious inclusions.
"A new barrier to cyber attack is particularly important, as the firmware vulnerability opens up access to the entire system," said Black Hat at a recent computer security conference.
Google says Titan can be used where traditional secure boot approaches are unavailable or ineffective. It is expected that the new chip is useful for work in the data centers of cloud providers. Titan initiates constant checks at the hardware level, which provide additional security along with software protection systems.
PS Another three safety related materials from our blog:
“We are innovating in security and we want this to be a reason for migrating to the clouds,” said Jennifer Lin, director of product management for the Google Cloud Platform (GCP).
Also, Urs Hölzle, senior vice president of technical infrastructure for Google Cloud, presented the new Titan chip - he pulled it out of the earring to show how small it is. In the GCP infrastructure, the chip is responsible for reliable user authentication at the hardware level. Google often hides information about its developments, but at the end of August, the company revealed some details about the chip.
')
/ Flickr / web summit / CC
To create a new chip, the company was prompted by an increase in the number of software hacks and new research in this area. Google calls Titan the “hardware root of trust.” It was created by company engineers in order to block hardware backdoors and prevent attackers from using firmware vulnerabilities to bypass the protection of the operating system. So, attackers will not be able to install rootkits, which persist even after reinstalling the OS.
Titan has a secure application processor, a cryptographic coprocessor, a hardware random number generator, as well as a hierarchical key system, built-in static RAM (SRAM), flash memory, and ROM.
The Titan loader seems to be “wedged in” between the firmware of the loader and the component responsible for starting the system — for example, BMC — which enables it to examine each byte of the firmware that starts the system loader with the OS. In doing so, he uses public key cryptography to check his own firmware before downloading.
In addition, the chip allows you to restore the firmware if errors appear. It also keeps an audit trail of any changes made to the system. Titan, using cryptography, associates log messages with sequentially generated counter indicators. Therefore, it is impossible to fake audit logs and carry out other undesirable actions, even those performed with root access.
“Our computers conduct a cryptographic check of each software package, and then decide whether to give it access to network resources. Titan integrates into this process and offers additional layers of protection, ”sums up the Google team.
However, several residents of Hacker News expressed concern about how the company can trust the chip, because it is unknown at what point its individual components would be compromised. However, in the same thread, one of the project developers noted that the chip itself and the software that runs on it are created entirely by Google (without bringing in third-party solutions), which gives engineers complete control over the stack.
As for the physical interference with the chip, then, according to the same developer, the team introduced protective mechanisms that prevent such operations and complicate reverse engineering in general.
New level of cloud protection
Unlike the classic secure boot tools, Titan offers additional controls, for example, the chip performs testing of the internal memory (including the ROM) when it is loaded, ensuring that it is “clean” from malicious inclusions.
"A new barrier to cyber attack is particularly important, as the firmware vulnerability opens up access to the entire system," said Black Hat at a recent computer security conference.
Google says Titan can be used where traditional secure boot approaches are unavailable or ineffective. It is expected that the new chip is useful for work in the data centers of cloud providers. Titan initiates constant checks at the hardware level, which provide additional security along with software protection systems.
PS Another three safety related materials from our blog:
Source: https://habr.com/ru/post/336730/
All Articles