U.S. flag   An unofficial archive of your favorite United States government website
This is an archive
(replace .gov by .rip)

Roots of Trust RoT

Project Overview

Modern computing devices consist of various hardware, firmware, and software components at multiple layers of abstraction. Many security and protection mechanisms are currently rooted in software that, along with all underlying components, must be trustworthy. A vulnerability in any of those components could compromise the trustworthiness of the security mechanisms that rely upon those components. Stronger security assurances may be possible by grounding security mechanisms in roots of trust. Roots of trust are highly reliable hardware, firmware, and software components that perform specific, critical security functions. Because roots of trust are inherently trusted, they must be secure by design. As such, many roots of trust are implemented in hardware so that malware cannot tamper with the functions they provide. Roots of trust provide a firm foundation from which to build security and trust.


Contacts

Andrew Regenscheid
andrew.regenscheid@nist.gov

Topics

Security and Privacy: assurance, cryptography

Technologies: BIOS, hardware, mobile

Related Projects

DevSecOps
Entropy as a Service

Created August 31, 2016, Updated June 22, 2020