{"id":3280,"date":"2024-04-25T04:30:00","date_gmt":"2024-04-25T09:30:00","guid":{"rendered":"https:\/\/www.darkreading.com\/endpoint-security\/chip-giants-finalize-spec-to-bake-security-into-silicon"},"modified":"2024-04-25T04:30:00","modified_gmt":"2024-04-25T09:30:00","slug":"chip-giants-finalize-specs-baking-security-into-silicon","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/04\/25\/chip-giants-finalize-specs-baking-security-into-silicon\/","title":{"rendered":"Chip Giants Finalize Specs Baking Security into Silicon"},"content":{"rendered":"
<\/a><\/div>\n
<\/div>\n

A consortium of top chip makers finalized the first version of Caliptra, a specification to add zero-trust security features directly inside silicon.<\/span><\/p>\n

The Caliptra 1.0 specification has hardware and software blocks providing multiple protection layers for encrypted data on chips.<\/span><\/p>\n

“The Caliptra IP block is currently being integrated by companies across the ecosystem into chips that will start to appear in the market in 2026,” wrote Google engineers Andr\u00e9s Lagar-Cavilla and Amber Huffman in a <\/span>blog entry<\/a><\/span>.<\/span><\/p>\n

Security-focused hardware exist, usually as separate components on the hardware. At the moment, chips typically access security features which are available as separate hardware components on the motherboard. The Caliptra specification provides a blueprint to embed the security features into the chip instead of accessing those hardware cores.<\/span><\/p>\n

For example, the trust platform module (TPM), which are <\/span>required on all machines running Windows 11<\/a><\/span>, is a secure processor carying out cryptographic functions such as Windows Hello authentication and BitLocker drive encryption. Caliptra could make possible an on-silicon version of TPM.<\/span><\/p>\n

The specification was built around the concept of <\/span>confidential computing<\/a><\/span>, an emerging technology focused on building walls to protect data and programs during storage, transport, and execution. Users and code are verified before being allowed to enter the secure area, after which they can run programs.<\/span><\/p>\n

Caliptra-Spec Chips on the Way?<\/h2>\n

The Caliptra specification aims to fend off cyberattacks and protect from vulnerabilities such as Meltdown and Spectre, which exposed confidential user data to hackers.<\/span><\/p>\n

Caliptra’s protection layers on silicon include a <\/span>root-of-trust block<\/a><\/span>, in which code, users, and firmware are isolated, verified, and authenticated. The spec extends to protecting firmware and ROMs. The root-of-trust layer also detects and recovers data that may be corrupted.<\/span><\/p>\n

The specification is now available for tape-in, which means it is also ready for testing for chips that may be going into production. Nvidia and Google did not respond to requests for comments about when chips with Caliptra will come out.<\/span><\/p>\n

Caliptra is an open source technology, which means chip makers can adopt and modify it for free.<\/span><\/p>\n

A company called Antmicro is developing a Caliptra-based security core for an emerging chip architecture called <\/span>RISC-V<\/a><\/span>. The technology is an alternative to the dominant x86 and ARM instruction set architectures. RISC-V has a modular design that makes it easier to include technologies like Caliptra in production-level silicon.<\/span><\/p>\n

Google is a lead developer of <\/span>Caliptra<\/a><\/span>, working alongside Advanced Micro Devices, Microsoft, Marvell, and NVIDIA. The Linux Foundation’s CHIPS Alliance is managing the development of the specification.<\/span><\/p>\n

Intel is one of the big names in chips missing from the group of companies developing Caliptra. Intel is pushing its own <\/span>on-chip security<\/a><\/span> technology to protect user data and chips from hackers.<\/span><\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

A consortium of top chip makers finalized the first version<\/p>\n","protected":false},"author":12,"featured_media":3281,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[809],"class_list":["post-3280","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-dark-reading"],"featured_image_urls":{"full":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/chip-giants-finalize-specs-baking-security-into-silicon.png?fit=6215%2C3496&ssl=1",6215,3496,false],"thumbnail":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/chip-giants-finalize-specs-baking-security-into-silicon.png?resize=150%2C150&ssl=1",150,150,true],"medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/chip-giants-finalize-specs-baking-security-into-silicon.png?fit=300%2C169&ssl=1",300,169,true],"medium_large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/chip-giants-finalize-specs-baking-security-into-silicon.png?fit=640%2C360&ssl=1",640,360,true],"large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/chip-giants-finalize-specs-baking-security-into-silicon.png?fit=640%2C360&ssl=1",640,360,true],"1536x1536":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/chip-giants-finalize-specs-baking-security-into-silicon.png?fit=1536%2C864&ssl=1",1536,864,true],"2048x2048":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/chip-giants-finalize-specs-baking-security-into-silicon.png?fit=2048%2C1152&ssl=1",2048,1152,true],"chromenews-featured":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/chip-giants-finalize-specs-baking-security-into-silicon.png?fit=1024%2C576&ssl=1",1024,576,true],"chromenews-large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/chip-giants-finalize-specs-baking-security-into-silicon.png?resize=825%2C575&ssl=1",825,575,true],"chromenews-medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/chip-giants-finalize-specs-baking-security-into-silicon.png?resize=590%2C410&ssl=1",590,410,true]},"author_info":{"display_name":"Dark Reading","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/darkreading\/"},"category_info":"Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","jetpack_featured_media_url":"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/chip-giants-finalize-specs-baking-security-into-silicon.png?fit=6215%2C3496&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/3280","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=3280"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/3280\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media\/3281"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=3280"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=3280"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=3280"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}