
Decoding the Google Titan, Titan, and Titan M – that last one is the Pixel 3's security chip

Chocolate Factory opens lid, just a little, on secure boot and crypto phone coprocessor


People in the Googleplex need to talk to each other more: the Chocolate Factory has launched a third product with “Titan” in its name, and it's only related to one of the other two bits of kit.

The latest Titan to be welcomed by a waiting world is Titan M, a custom chip that adds extra security features to Mountain View's Pixel 3 smartphones. This should not be confused with the Titan Security Key, Google's two-factor authentication dongle, but it's related to Titan, a custom security chip used in Google's data centers. Hope that's clear.

When Google revealed the data centre Titan chip last year, the Chocolate Factory said its purpose was to provide a “hardware-verified boot and end-to-end authenticated root of trust” for its servers.

For the Titan M in the latest Pixel smartphones, Google explained on Wednesday, there's that same root of trust, ensuring the device starts up an operating system that hasn't been tampered with by malware or hackers, and is cryptographically signed off by Google. Thus the mobile version of Titan powers the Pixel 3's Verified Boot mechanism, helping the bootloader “make sure that you're running the right version of Android.”

The chip, which uses an Arm Cortex-M3 microprocessor core, also records the last known “safe Android version,” and blocks attackers from trying to downgrade a device to an older and less secure version.
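
A minimal model of the downgrade check described above, added here as an illustration and not Google's Titan M firmware or bootloader code. `SecureElement`, `sign_image` and `verify_boot` are hypothetical names, the key and images are constructed, and HMAC-SHA256 stands in for the asymmetric signature a real verified-boot chain checks.

```python
import hashlib
import hmac

# Constructed demo key. A real verified-boot chain checks an asymmetric
# signature against a public key; HMAC-SHA256 is a stdlib-only stand-in.
VENDOR_KEY = b"constructed-demo-key"


def _tag(version: int, payload: bytes) -> bytes:
    # The version is authenticated together with the payload, so an old
    # image cannot simply be relabelled with a newer version number.
    return hmac.new(VENDOR_KEY, version.to_bytes(4, "big") + payload,
                    hashlib.sha256).digest()


def sign_image(payload: bytes, version: int) -> dict:
    """Build a constructed OS image record (hypothetical format)."""
    return {"version": version, "payload": payload, "tag": _tag(version, payload)}


class SecureElement:
    """Hypothetical model of the chip's store for the last known safe version."""

    def __init__(self) -> None:
        self._min_version = 0

    @property
    def min_version(self) -> int:
        return self._min_version

    def advance(self, version: int) -> None:
        # Monotonic: the stored value can rise but never fall.
        self._min_version = max(self._min_version, version)


def verify_boot(image: dict, chip: SecureElement) -> str:
    """Return "boot" or a rejection reason for the given image."""
    expected = _tag(image["version"], image["payload"])
    if not hmac.compare_digest(expected, image["tag"]):
        return "reject: bad signature"
    # A genuine but older image passes the signature check, so the
    # version floor is what actually stops the downgrade.
    if image["version"] < chip.min_version:
        return "reject: rollback"
    # Simplification: the floor is raised as soon as the image verifies.
    chip.advance(image["version"])
    return "boot"
```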


If you do cop a malware infection, Titan M stops the code from trying to unlock the bootloader and alter low-level system stuff, according to Google.

Titan M also handles lock-screen passcode verification on Pixel 3 handsets, enforces login attempt limits, and only lets content be decrypted once the user's passcode is verified. It seems very similar to Apple's secure coprocessor in its iPhones. Arm also provides blueprints for installing roots of trust in system-on-chips.

The Titan M's “secure flash and fully independent computation” harden the phone against attackers seeking to forcibly decrypt data stored on the handheld, we're told. The chip is physically removed from the main processor cores, reducing the risk of data being siphoned off from side channels.

Third-party apps get better security for sensitive transactions by using the customized hardware, Google said: thanks to Android 9's StrongBox KeyStore APIs, Titan M can store users' private keys, and the Protected Confirmation API can “help to ensure that the user (not malware)” has confirmed a transaction.

Finally, the chip's own firmware is protected with the user's passcode – without a valid code, the firmware cannot be updated. That way, even if someone discovers a lock screen bypass (something even iPhones sometimes fall prey to), they can't then install malicious firmware on the Titan M, in theory. The firmware source code will also be made available publicly soon for people to inspect.

"While Google holds the root keys necessary to sign Titan M firmware, it will be possible to reproduce binary builds based on the public source for the purpose of binary transparency," Google insisted. ®
