Google's OpenTitan aims to Create an Open Source Secure Enclave

· Andrew Orr · Link

Google wants Android phones to have a Secure Enclave chip like iPhones. Its OpenTitan project aims to help design an open source one.

OpenTitan is loosely based on a proprietary root-of-trust chip that Google uses in its Pixel 3 and 4 phones. But OpenTitan is its own chip architecture and extensive set of schematics developed by engineers at lowRISC, along with partners at ETH Zurich, G+D Mobile Security, Nuvoton Technology, Western Digital, and, of course, Google.

The consortium will use community feedback and contributions to develop and improve the industry-grade chip design, while lowRISC will manage the project and keep suggestions and proposed changes from going live haphazardly.

You can view the OpenTitan Github repo here, but it’s not fully fleshed out yet.

Inside Apple’s Secure Enclave Stress Testing Efforts

· Andrew Orr · Link

The Independent recently published an interview with Craig Federighi, talking about privacy and Apple chips.

Those chips are here to see whether they can withstand whatever assault anyone might try on them when they make their way out into the world. If they succeed here, then they should succeed anywhere; that’s important, because if they fail out in the world then so would Apple. These chips are the great line of defence in a battle that Apple never stops fighting as it tries to keep users’ data private.

I don’t think the article was written well, but to me the most interesting part was Secure Enclave stress testing, which involves temperature. I assume Apple is trying to prevent hacks like this.

Everything You Need to Know about the Apple Secure Enclave Hack

· Andrew Orr · Analysis

The Secure Enclave is isolated from the rest of the system. It’s like having a house where the windows are blacked out. The decryption means that now we can look through the windows, but we still can’t get in.