Root of Trust - kunisuzaki/misc GitHub Wiki
Summary
| RoT Tech | Hardware | Included device (CPU) | OS |
|---|---|---|---|
| SE: Secure Element | Android smartphones | ||
| Intel ME/CSME | Intel Quark x86-based (32bit) | Intel CPU (chipset) | MINIX |
| AMD PSP | Arm Cortex-A5 (32bit) | AMD CPU (main die) | |
| Open Titan | Ibex (RV32IMC/EMC) M/U Mode | Tock OS | |
| Rambus RISC-V CryptoManager | Custom (RV32IMC) M/S/U Mode | Zephyr | |
| Silex Insight eSecure | Andes N22 (RV32IMAC/EMAC) M or M/U mode | ||
| Microsoft Pluton | Mediatek MT3620 (Arm Cortex-A7) | ||
| Apple Secure Enclave | ARMv7a “Kingfisher” core | iPhone, iPad, Mac, Apple TV, Apple Watch | SEPOS (L4 Micro Kernel) |
Technology
SE: Secure Element, defined by GlobalPlatform
Specification
Paper
- Performance Analysis of Secure Elements for IoT 2021
- Security on IoT Devices with Secure Elements [Embedded World'19]
- Securing the IoT:introducing an evaluation platform for secure elements [2019]
- Implementing Secure Applications thanks to an Integrated Secure Element[7th International Conference on Information Systems Security and Privacy, ICISSP'21]
| Vendor | Name | Board | Misc |
|---|---|---|---|
| Infineon | Optiga Trust X | ||
| Infineon | Optiga Trust M | Trust M Evaluation Kit | |
| NXP | EdgeLock SE050 | AtmarkTechno Armadillo CPU: NXP i.MX 8M Plus Arm Cortex-A53(1.6GHz) | |
| NXP | A71CH (old) | ||
| Microchip | ATECC608A | M5Stack Core2 for AWS CPU: Xtensa Dual Core | |
| STMicro | STSAFE-A110 | ||
| STMicro | ST33K1M5C | Ledger Nano S-Plus | |
| STMicro | ST54K | Google Pixel 7 |
TPM Trusted Platform Module, defined by TCG: Trusted Computing Group
| Vendor | Name | Board | Misc |
|---|---|---|---|
| Atmel | |||
| Broadcom | |||
| Infineon | SLB 9670VQ2.0 | ||
| Microchip | |||
| NationZ | Z32H330TC-SQN-725 | ||
| Nuvoton | NPCT750AADYX | ||
| STmicro |
Intel ME(Management Engine)/CSME(Converged Security and Management Engine)
Hardware
- Intel Quark x86-based (32bit)
Paper
On-Die Certificate Authority (ODCA)
AMD PSP(Platform Security Processor)
Hardware
- Arm Cortex-A5 (32bit)
Paper
Apple Secure Enclave
Hardware
- ARMv7a “Kingfisher” core
Paper
Google Titan / Open Titan
Hardware
- Titan for Google server Article: Google reveals details about Titan, its server security chip
- Ibex RISC-V32 Core for Open Titan
- RISC-V Core for Titan M2 used by Pixel 6
Paper
- A Side Journey To Titan[USENIX Sec'21]
- Reversing and Fuzzing the Google Titan M Chip [ROOT'21]
- A Vendor-Agnostic Root of Trust for Measurement [2017, Google] This paper shows the Titan is set between boot-firmware flash chip and Intel PCH(Platform Controller Hub).
Microsoft Pluton
Hardware
- Mediatek MT3620 (Arm Cortex-A7)