LibreRoT: A Minimal Root of Trust for Sustainable Devices

Trusted computing is becoming increasingly important as devices take over more sensitive and security-critical functions. The Root of Trust (RoT) in such devices must be implicitly trusted and must resist attacks for the entire lifetime. Unfortunately, existing designs limit device sustainability since they are often complex, proprietary, monolithic, and dependent on the vendor to support continued operation for the whole lifetime of a device. The LibreRoT architecture provides a blueprint for a more sustainable RoT that is minimal, fully documented, modular, and can be updated independently of the vendor without sacrificing security functionality. To show the feasibility of the approach, the M³RoT design integrates the LibreRoT architecture into the M³ hardware/operating system co-design platform and provides the cryptographic foundation for attestation and data protection in M³ applications. M³RoT can load and measure an M³ configuration within milliseconds using a simple 100 MHz CPU core, 128 KiB on-chip memory, and a hash accelerator.

(Diploma Thesis defense)