OpenTitan, the Open Source Hardware Root-of-Trust, is Shipping Now in Commercial Chromebooks

Google has announced that the OpenTitan hardware root-of-trust, a project seven years in the making, is now shipping commercially — with Nuvoton's implementation finding its way into Chromebook portables on-shelf now.

"Last year, we shared the exciting news that fabrication of production OpenTitan silicon had begun. Today, we're proud to announce that OpenTitan is now shipping in commercially available Chromebooks," OpenTitan team members Cyrus Stoller and Miguel Osorio write in a joint statement on the project's milestone. "The first OpenTitan part is being produced by Nuvoton, a leader in silicon security. OpenTitan shipping in production is a defining milestone for us and all contributors to the project."

OpenTitan was publicly unveiled back in November 2019 as a joint venture between Google, Western Digital, ETH Zürich, lowRISC, and other partners — an effort to take a key piece of the security puzzle, a hardware root-of-trust, and take it from black-box to open and auditable. "We believe collaboratively developed open source silicon designs provide the flexible, cost effective base needed for future generations of secure hardware products," lowRISC's Alex Bradbury said at the time.

Now, the project has reached the biggest milestone of all: shipping silicon. The open design, maintained by non-profit lowRISC, has been put into production by Nuvuton and is shipping as an actively-used component in Chromebooks in stores now. If all goes to plan, though, end-users will never even know it's there — but can still enjoy the security it brings.

"With OpenTitan, we are pushing the boundaries of what can be expected from a silicon RoT [Root of Trust]," Stoller and Osorio claim. "For example, OpenTitan is the first commercially available open source RoT to support post-quantum cryptography (PQC) secure boot based on SLH-DSA. This helps future proof the security posture of these devices against potential adversaries with the capability to break classical public-key cryptography (e.g., RSA) via quantum computing.

"In addition, by applying commercial-grade design verification (DV) and top-level testing to an open source design, we have pushed for the highest quality while still allowing these chips to be transparent and independently verifiable. An added advantage of this approach is that we expect the high quality IP developed for OpenTitan to be re-usable in other projects going forward."

More information is available in Stoller and Osorio's blog post.