The group Google has developed a family of security chips Titan that can be found in some of its data center equipment to add layers of security, especially up to the hardware level.
These components found their way into the new smartphones Google Pixel 3 and Pixel 3 XL in the form of a dedicated chip Titan M whose fime describes the features in several blog posts.
Titan M takes some of the attributes of Titan server chips by acting on many levels. It verifies for example that the startup of the mobile device is done with a validated firmware and not corrupted by malicious programs. However, this may also have negative consequences for custom ROM enthusiasts and advanced customization.
Left, Titan server chip, right Titan M
The Titan M chip is also responsible for limiting the number of possible attempts to guess the password of a locked smartphone or to better secure the flash memory containing the encrypted data.
The security of transactions and trusted links within Android is also overseen by the new Google chip, especially with the new security enhancement APIs introduced with Android 9.0 Pie.
Google says that this is not just a new microcontroller monitoring the high layers of the system but a device designed to protect mobile devices to their electrical circuits, for the sake of security extending to supply chains and production (also history of removing doubts about the presence of spy chips added in the production lines).
The Titan M component consists of a microprocessor ARM Cortex-M3 associated to 64 Kb of RAM constantly powered, with protections designed to detect anomalies likely to signal attempts to attack. It supports AES and SHA and embeds a coprocessor processing algorithms with public key.
It also operates a random number generator TRNG (True Random Number Generator) supposed to not allow to predict the values produced for its internal keys, which do not leave the component.