The open source OpenTitan chip will replace the proprietary roots of trust of Intel and ARM


On November 5, 2019, the non-profit organization lowRISC, together with Google and other sponsors, introduced the OpenTitan project, which it calls "the first open source project to create an open, high-quality chip design with a root of trust (RoT) at the hardware level."

OpenTitan, based on the RISC-V architecture, is a special-purpose chip for installation in data center servers and in any other equipment where it is necessary to ensure boot authenticity, protect the firmware from modification and eliminate the possibility of rootkits: motherboards, network cards, routers, IoT devices, mobile gadgets, and so on.

Of course, similar modules exist in modern processors. For example, the Intel Boot Guard hardware module is the root of trust in Intel processors. It verifies the authenticity of the UEFI BIOS through a chain of trust before the OS is loaded. But the question is how far we can rely on such roots of trust, given that we have no guarantee that the design is free of bugs and there is no way to check it. See the article "Schrödinger's trusted boot. Intel Boot Guard" for a description of "how a bug that has been replicated for years in the production of several vendors allows a potential attacker to use this technology to create a hidden rootkit in the system that cannot be removed (even with a programmer)."

The threat of hardware being compromised in the supply chain is surprisingly real: apparently, any amateur electronics engineer can plant a bug on a server motherboard using equipment that costs no more than $200. Some experts suspect that "organizations with budgets of hundreds of millions of rand may have been doing this for many years." Although there is no evidence, it is theoretically possible.

"If you can't trust the hardware bootloader, it's game over," said Gavin Ferris, a member of the lowRISC board of directors. "It doesn't matter what the operating system does: if you are already compromised by the time the operating system starts, everything else is a matter of technique. You're already finished."

This problem is to be solved by OpenTitan, the first open hardware platform of its kind (GitHub repository, documentation, hardware specifications). Moving away from proprietary solutions will help change the "sluggish and flawed RoT industry," Google says.

Google itself began developing Titan after discovering the Minix operating system built into Intel Management Engine (ME) chips. This complex OS expanded the attack surface in unpredictable and uncontrollable ways. Google tried to get rid of the Intel Management Engine (ME), but did not succeed.

What is a root of trust?

Each stage of the system boot process checks the authenticity of the next stage, thereby building a chain of trust.

A Root of Trust (RoT) is hardware-based verification which ensures that the source of the first executable instruction in the chain of trust cannot be changed. The RoT is the fundamental protection against rootkits. It is a critical stage of the boot process and is involved in the subsequent startup of the system, from the BIOS to the OS and applications. It must verify the authenticity of each subsequent boot step. To do this, a set of digitally signed keys is used at each stage. One of the most popular standards for hardware key protection is the TPM (Trusted Platform Module).

Establishing a root of trust. Above is a five-step boot process that builds a chain of trust, starting with a bootloader in immutable memory. Each step uses a public key to verify the identity of the next component to be loaded. Illustration from Perry Lee's book "Internet of Things Architecture"

The RoT can be established in different ways:

  • loading the image and the root key from firmware or immutable memory;
  • storing the root key in one-time programmable memory using fuse bits;
  • loading code from a protected memory region into a protected store.

Different processors implement the root of trust differently. Intel and ARM support the following technologies:

  • ARM TrustZone. ARM sells chip makers a proprietary silicon block that provides a root of trust and other security mechanisms. It separates the microprocessor from the insecure core; it runs Trusted OS, a secure operating system with a well-defined interface for interacting with insecure components. Protected resources reside in the trusted core and should be as lightweight as possible. Switching between components of different types is done with hardware context switching, which eliminates the need for secure monitoring software.
  • Intel Boot Guard is a hardware mechanism for verifying the authenticity of the initial boot block by cryptographic means or through a measurement process. To verify the initial block, the manufacturer must generate a 2048-bit key consisting of two parts: public and private. The public key is printed onto the board by "blowing" fuse bits during manufacturing. These bits are one-time and cannot be changed. The private part of the key generates the digital signature used for the subsequent verification of the boot stage.
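
The chain of trust and the fuse-anchored root described above can be modelled in a few lines. This is an added example, not code from the article or from the OpenTitan project: it swaps the per-stage public-key signature check for a pinned SHA-256 digest so that it runs with the standard library alone, and the stage names and payloads are constructed.

```python
import hashlib
import hmac

PIN_LEN = 32  # size of a SHA-256 digest


def digest(blob: bytes) -> bytes:
    return hashlib.sha256(blob).digest()


def build_chain(payloads):
    """Build images back to front: image = digest of the next image + payload.
    Returns (root_digest, images); root_digest is the value burned into fuses."""
    images, next_pin = [], bytes(PIN_LEN)  # the last stage pins nothing
    for payload in reversed(payloads):
        image = next_pin + payload
        images.insert(0, image)
        next_pin = digest(image)
    return next_pin, images


def boot(root_digest, images):
    """Walk the chain. Returns (stages_run, failed_index, measurement)."""
    expected, measurement, stages_run = root_digest, bytes(PIN_LEN), []
    for index, image in enumerate(images):
        actual = digest(image)
        if not hmac.compare_digest(actual, expected):
            return stages_run, index, measurement  # halt: stage is not authentic
        measurement = digest(measurement + actual)  # TPM-style extend of the boot log
        stages_run.append(image[PIN_LEN:].decode())
        expected = image[:PIN_LEN]  # this stage vouches for the next one
    return stages_run, None, measurement


# Constructed sample: five stages, as in the figure described above.
PAYLOADS = [b"rom-loader", b"bootloader", b"kernel", b"os", b"application"]
ROOT, IMAGES = build_chain(PAYLOADS)


def tamper_kernel_only():
    """Modify stage 2 in place; its parent still pins the old digest."""
    images = list(IMAGES)
    images[2] = images[2][:PIN_LEN] + b"kernel+rootkit"
    return boot(ROOT, images)


def tamper_and_repin():
    """Rebuild every pin above the modified stage; only the fused root is unchanged."""
    modified = [b"rom-loader", b"bootloader", b"kernel+rootkit", b"os", b"application"]
    return boot(ROOT, build_chain(modified)[1])


if __name__ == "__main__":
    print(boot(ROOT, IMAGES)[:2], tamper_kernel_only()[:2], tamper_and_repin()[:2])
```

A modified stage stops the boot at that stage, and rewriting every pin above it only moves the failure up to the first image, because the root digest in the fuses cannot be rewritten.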

The OpenTitan platform exposes the key components of a hardware/software system, as shown in the diagram below.


The OpenTitan platform

Development of the OpenTitan platform is managed by the non-profit organization lowRISC. The engineering team is based in Cambridge (UK), and the main sponsor is Google. The founding partners include ETH Zurich, G+D Mobile Security, Nuvoton Technology and Western Digital.

Google published an announcement of the project on the Google Open Source corporate blog. The company said that OpenTitan is committed to "providing high-quality guidance on RoT design and integration for use in data center servers, storage, edge devices and more."

The root of trust is the first link in the chain of trust, at the lowest level of a trusted computing module, and the system always trusts it completely.

The RoT is critical for applications that involve public key infrastructures (PKIs). It is the foundation of the security system on which a complex system such as an IoT application or a data center is built. So it is clear why Google supports this project. It now has 19 data centers on five continents. Data centers, storage and mission-critical applications present a large attack surface, and to protect this infrastructure Google first developed its own root of trust, the Titan chip.

The proprietary Titan chip for Google data centers was first introduced in March 2017 at the Google Cloud Next conference. "Our computers perform cryptographic checks on each software package and then decide whether to grant it access to network resources. Titan integrates into this process and provides additional layers of protection," Google representatives said at that presentation.

The Titan chip in a Google server

The Titan architecture was previously owned by Google, but it is now being made public as an open source project.

The first stage of the project is the creation of a logical RoT design at the chip level, including the open source lowRISC ibex microprocessor, cryptographic processors, a hardware random number generator, a key hierarchy and memory for volatile and non-volatile storage, security mechanisms, I/O peripherals and secure boot processes.

Google says OpenTitan is based on three key principles:

  • everyone has the opportunity to inspect the platform and contribute to it;
  • increased flexibility through opening up a logically secure design that is not blocked by proprietary vendor restrictions;
  • quality is ensured not only by the design itself, but also by reference firmware and documentation.

"Current chips with roots of trust are very proprietary. They claim to be secure, but in reality you take it on faith and cannot verify it yourself," said Dominic Rizzo, lead security scientist for the Google Titan project. "Now, for the first time, it is possible to provide security without blind faith in the developers of a proprietary root of trust design. So the foundation is not just solid, it can be verified."

Rizzo added that OpenTitan can be regarded as "a transparent design compared to the current state of affairs."

According to the developers, OpenTitan should by no means be regarded as a finished product, because development is not yet complete. They deliberately opened up the specifications and the design in the middle of development so that everyone can review them, provide input and improve the system before production begins.

To start manufacturing OpenTitan chips, you need to apply and obtain certification. Apparently, no payment is required.

Source: www.habr.com
