Today at the Open Compute Project Global Summit, we introduced Caliptra 2.1, an open-source silicon Root of Trust (RoT) security subsystem designed for seamless integration into secure devices. Building upon Caliptra 1.0, which included capabilities for identity and measurement, Caliptra 2.1 represents a significant leap forward. It provides a complete RoT security subsystem, quantum resilient cryptography, and extensions to hardware-based key management, delivering new defense in depth security capabilities. The Caliptra 2.1 subsystem represents a foundational element for securing devices, anchoring through hardware a trusted chain for protection, detection, and recovery.
In August, we shared Azure’s hardware security architecture and silicon technologies to ensure data remains protected throughout its lifecycle:
- Data in-transit is encrypted as it is transferred across networks and interconnects.
- Data in-use: isolation and encryption of data using Confidential Computing and hardware-based Trusted Execution Environments with memory encryption.
- Data at-rest: encryption of data when written to storage media.
To strengthen data-at-rest protection across the industry, Microsoft, in collaboration with Google, Samsung, Kioxia, and Solidigm, developed OCP L.O.C.K. (Layered Open-source Cryptographic Key-management). Implemented in Caliptra 2.1, L.O.C.K provides secure and transparent key management in self-encrypting storage devices. It supports hardware-enforced key isolation, layered key hierarchies, and attested secure erase.
Caliptra 2.1 integrates Adams Bridge 2.0, offering both ML-DSA and ML-KEM with side channel countermeasures. These new capabilities offer resilience now against “harvest-now, decrypt-later” attacks and against future quantum capabilities. Caliptra’s new security subsystem architecture offers a broader set of Root-of-Trust capabilities including ownership transfer for owner-endorsed code integrity, and streaming boot for resilient recovery.
The Journey So Far
In 2022, Microsoft along with AMD, Google and Nvidia established Caliptra. The founding principles for Caliptra were centered on; the RoT is a foundational element in secure devices; transparency builds trust; and consistency enables defense in-depth for stronger security assurances.
Since the first release of Caliptra 1.0, there has been broad adoption and steady momentum of Caliptra into secure devices. As more SoC manufacturers join the Caliptra community, they commonly seek answers to four key questions:
1) What is the silicon area of Caliptra?
Several factors influence area size, but a common estimation method is based on logic gate count. The complete Caliptra subsystem, including accelerators for secure-boot attestation, identity, and recovery, totals 1,640,145 gates.
Approximately 62% of this logic is dedicated to cryptographic hardware accelerators, the key vault, and key mover logic. The remaining area comprises RISC-V cores, SoC interface logic, and recovery interfaces.
Figure 1 Caliptra by logic gate count
2) How is the Caliptra quality bar upheld?
Security and quality are top priorities for Caliptra, and every release undergoes rigorous validation. While some open-source projects may be perceived as lacking high quality standards, this is a generalization that does not reflect the broader open-source ecosystem. Many open-source projects are exceptionally well-maintained and held to a high-quality bar.
In Caliptra, quality is a core commitment. Each release follows a comprehensive, peer-reviewed validation plan that includes clean checks for CDC (Clock Domain Crossing), RDC (Reset Domain Crossing), linting, and synthesis. Formal verification is conducted by independent third-party FPV (Formal Property Verification) firms. Additionally, design and verification teams from Caliptra’s founding companies thoroughly validate the architecture and implementation.
Every release is tagged with a version label, and all associated code, documentation, and validation results are published. Test benches, test cases, and coverage reports are also made available as open source for community review and verification.
3) Why open-source, when the silicon ecosystem is mostly closed source?
The software ecosystem broadly embraces open source and thrives on the benefits, but this approach is still relatively uncommon in silicon design. From the outset, Caliptra was founded on two core principles: driving security transparency and security consistency into the silicon root of trust.
Through open-source, transparency provides high security assurance and visibility into the implementation of this critical security component. This is reinforced by the combined security expertise of contributing companies, independent reviews through OCP-SAFE providers, formal verification by third-party firms, and engagement from the research community. Together, these efforts enable independent verification of the security claims made by the hardware, reinforcing trust in the platform.
Consistency is key to establishing a secure baseline on which to build layers of defense. Rather than relying on fragmented or inconsistent implementations, consistency enables focused hardening and fortification. This allows targeted investments in robust security measures that deliver predictable and verifiable security posture. In Caliptra, this includes a highly resilient feature set with renewable security, hardware-based key management and multiple layers of side channel countermeasures.
4) How can I get involved?
The website https://Caliptra.io has instructions on how to get involved. Explore the documentation on Caliptra’s website and review the implementation on GitHub. Sign up to join the CHIPS Alliance Caliptra weekly community call and the Open Compute Project weekly Security call.
Microsoft