Be sure to attend IoT Security Foundation Conference 2024 this October as John Sirianni from Tropic Square dives deep into how open hardware supports the decentralized future of security
The volume of cyberattacks continues to rise at an alarming rate. As the threat landscape grows more complex, a critical question persists: How secure is secure enough? Many companies claim high level security through security evaluation certificates, yet the secure designs remain hidden.
This approach to hardware security design has proven to be a liability, as demonstrated by the experience of our first use case customer, Trezor, creators of the first hardware wallet.
The Problem with Closed Designs
For almost a decade, Trezor investigated implementing a secure chip for their hardware wallet. As a company responsible for protecting customer financial assets, the engineers run all the known attack scenarios against their device during testing. They soon discovered a vulnerability when prototyping with a vendor’s security chip. When reported, the vendor dismissed the concern as “out of scope”. Due to the non-disclosure agreements with the vendor, Trezor couldn’t seek external resources to address the issue either. This scenario highlights some fundamental flaws with closed-design security chips:
● Addresses only vendor-specific security threats
● Creates a dangerous illusion of complete security coverage
● Risks systems integrating closed chips to remain vulnerable to unconsidered threats
● Falls quickly behind the market in addressing future threats once discovered by the development
community
Attempting to hide a chip’s inner security functions within a “Black Box” is essentially “security by obscurity” – an approach that doesn’t inherently improve security. When independent assessments and external security experts are hindered from reporting and resolving issues, the process of repairing flaws is significantly slowed.
Transparency: The Key to Enhanced Security
A chip designed with open architecture enables a broader range of experts to test and evaluate it, mimicking real-world usage and threats. The ability for anyone to access the secure chip designs invites a collective effort to help identify weak points early and accelerates the development of patches. As this process repeats itself, it creates a dynamic, community-driven defense mechanism as you can see today in open source software communities like Linux or OpenSSL.
This open approach underscores a crucial point: true security comes from constantly uncovering and addressing vulnerabilities, not hiding them. This ensures that chips can evolve alongside the threat landscape, remaining secure long after deployment.
Conclusion: A New Era in Security
Recognizing these challenges, Tropic Square was founded to prioritize transparency in security chips and developed TROPIC01. As cybersecurity stakes continue to rise, the need for transparent, adaptable, and resilient systems becomes increasingly critical.
By inviting global scrutiny of hardware security designs, we’re not only advocating for a paradigm shift in the security chip manufacturing industry. We’re pushing for the next generation of hardware security across all industries to be built on a foundation of openness, innovation, and verifiable trust.