
What is a Root of Trust (RoT)?

A root of trust (RoT) is a source within a computing system that is inherently and implicitly trusted. RoTs are designed to be the "first link" in a security chain, providing functions such as cryptographic key storage, identity verification, and integrity measurement that the rest of the system can rely upon.

Author: Sam Nawab, Content Marketing Manager, Teleport

Where does trust begin in a computing system? 

Before an operating system loads, an application runs, or a user authenticates, the underlying hardware must prove that it is genuine and unmodified. Establishing that certainty is the job of the root of trust (RoT), the starting point for system trust and verification. The National Institute of Standards and Technology (NIST) defines roots of trust as highly reliable hardware, firmware, and software components that perform specific, critical security functions in order to build a firm foundation for security and trust.

In practice, a root of trust is usually a dedicated hardware component, such as a discrete chip or a protected region within a processor, that remains isolated from the primary operating system. This isolation is critical: it keeps the root of trust protected even if the device's main software is compromised by sophisticated malware or an administrative-level breach. Such a component is known as a hardware root of trust (HRoT).

What does a root of trust do?

Traditional security measures, such as antivirus software or firewalls, operate at the software level and can only protect what they can observe. If an attacker compromises the firmware or the boot process, they can effectively hide from the operating system, gaining a level of persistence that survives reboots and disk wipes.

A root of trust addresses these vulnerabilities by providing several key security protections:

  • Immutable identity: RoTs assign a unique, non-forgeable cryptographic identity to a device, preventing unauthorized spoofing or impersonation.
  • Protection against low-level attacks: RoTs detect and block "bootkits" or "rootkits" that attempt to modify the system before the security software even initializes.
  • Secure key management: RoTs act as a digital vault for the most sensitive cryptographic keys, keeping keys confined to protected hardware rather than system memory where they could be exfiltrated.
  • Foundation for attestation: RoTs allow a device to provide verifiable "proof" of its health and integrity to external systems in a process known as remote attestation.

What is a hardware root of trust?

NIST defines a hardware root of trust (HRoT) as "an inherently trusted combination of hardware and firmware that maintains the integrity of information."

A hardware root of trust is the secure foundation of a computing system and its operations. When implemented, an HRoT contains the keys used for cryptographic functions and enables secure boot processes. An HRoT can be implemented as a stand-alone security module, within a processor, or within a system on chip (SoC).

Hardware root of trust architectures rely on specialized components such as:

  • Trusted Platform Module (TPM): A Trusted Platform Module is a dedicated security chip on the motherboard (or, as a firmware TPM, code running in a separate protected environment on the SoC) that provides hardware-based key storage, platform integrity measurement registers (PCRs), and signed attestation reports. In Trusted Computing Group terms it provides the roots of trust for storage and reporting; the root of trust for measurement is the first code the CPU executes, which records its measurements into the TPM.
  • Trusted Execution Environments (TEEs): A Trusted Execution Environment is a hardware-enforced isolated execution environment within a modern processor that protects sensitive workloads and cryptographic operations from the host operating system and hypervisor. Examples include Arm TrustZone, AMD SEV-SNP, Intel TDX, and Apple's Secure Enclave (M-series).

Hardware vs. software root of trust

While it is possible to implement a root of trust in software, it is generally considered insufficient for high-security environments. This is because a software-based RoT resides in the same memory space as the potential threats it is designed to detect, making it vulnerable to the same exploits that compromise the operating system. If the underlying operating system is compromised, the foundation of trust is broken.

How a root of trust works: The chain of trust

A root of trust operates through a "chain of trust," a hierarchy in which trust is established at a trusted "root" and passed down to intermediate components. Concretely, the chain is a sequential cryptographic verification process: each component in the boot sequence is authenticated by the preceding, already trusted component before it executes. When completed, this establishes an unbroken chain of verified integrity from hardware power-on to operating system load.

What is the chain of trust?

A chain of trust consists of a multi-step, sequential verification process:

  1. Hardware activation (trust anchor): Upon power-on, the hardware RoT (e.g., boot ROM) is the first code to execute. It is immutable and inherently trusted, and it serves as the system's trust anchor.
  2. Firmware verification: The boot ROM verifies the cryptographic signature on the firmware using a vendor public key (or the hash of one) fused into the hardware. Only firmware with a valid signature is allowed to execute.
  3. Bootloader verification: The verified firmware then measures the bootloader and verifies its signature. Any discrepancy halts the boot process, so a compromised bootloader never runs.
  4. Operating system integrity: The authenticated bootloader verifies the operating system kernel, which in turn validates drivers, modules, and libraries. This extends the trust boundary up the software stack.
  5. Trusted state and attestation: Successful verification across all stages results in a "trusted state." The RoT can then sign the accumulated measurements, providing a verifiable record of system integrity for local policy enforcement or remote attestation.

Failure at any point in this chain indicates a potential compromise and triggers a controlled response. In a verified (secure) boot design the failing stage is refused and the boot halts; in a measured boot design the unexpected measurement is still recorded, so a verifier sees the deviation at attestation time and can deny the device access even though it booted. This layered verification is critical for system security from the first instruction.
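The five steps above, as an added example in Go (not code from the original page or from Teleport): a boot ROM whose only trusted datum is the hash of the vendor's public key, three signed stages that each carry the key vouching for the next, and a verifier that halts at the first bad signature. Ed25519 stands in for whatever signature scheme a real ROM implements, the stage names and image contents are constructed placeholders, and a real boot sequence performs each check in place before jumping to the next stage rather than over a Go slice.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// BootROM is the immutable trust anchor. It holds only the hash of the vendor's
// root public key (as if burned into one-time-programmable fuses), not the key
// itself, so the key can ship inside the firmware image and still be checked.
type BootROM struct {
	RootKeyHash [32]byte
}

// Stage is one link in the chain: an image, the public key this stage uses to
// vouch for the *next* stage, and the signature the *previous* stage's key put
// over all of it.
type Stage struct {
	Name  string
	Image []byte
	Key   ed25519.PublicKey
	Sig   []byte
}

// digest binds name, image and next-stage key with length prefixes so bytes
// cannot be shifted between fields to reuse a signature.
func (s Stage) digest() []byte {
	h := sha256.New()
	for _, f := range [][]byte{[]byte(s.Name), s.Image, []byte(s.Key)} {
		fmt.Fprintf(h, "%d:", len(f))
		h.Write(f)
	}
	return h.Sum(nil)
}

// VerifyChain walks the chain the way the boot sequence does: the ROM checks the
// vendor key against its fused hash, the vendor key checks the firmware, the
// firmware's key checks the bootloader, and so on. It halts at the first failure
// and returns the names of the stages verified before it.
func VerifyChain(rom BootROM, vendorKey ed25519.PublicKey, chain []Stage) ([]string, error) {
	if sha256.Sum256(vendorKey) != rom.RootKeyHash {
		return nil, errors.New("boot halted: vendor key does not match fused hash")
	}
	signer := vendorKey
	var verified []string
	for _, st := range chain {
		if len(signer) != ed25519.PublicKeySize {
			return verified, fmt.Errorf("boot halted before %s: previous stage carries no key", st.Name)
		}
		if !ed25519.Verify(signer, st.digest(), st.Sig) {
			return verified, fmt.Errorf("boot halted at %s: signature check failed", st.Name)
		}
		verified = append(verified, st.Name)
		signer = st.Key // this stage now vouches for the next one
	}
	return verified, nil
}

// BuildDemoChain plays the vendor's signing infrastructure: it mints a root key
// and one key per stage, then signs firmware -> bootloader -> kernel. The image
// contents are constructed placeholders, not real code.
func BuildDemoChain() (BootROM, ed25519.PublicKey, []Stage) {
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(rand.Reader)
	rom := BootROM{RootKeyHash: sha256.Sum256(vendorPub)}
	names := []string{"firmware", "bootloader", "kernel"}
	chain := make([]Stage, len(names))
	signer := vendorPriv
	for i, n := range names {
		nextPub, nextPriv, _ := ed25519.GenerateKey(rand.Reader)
		if i == len(names)-1 {
			nextPub = nil // the kernel vouches for nothing further in this demo
		}
		chain[i] = Stage{Name: n, Image: []byte("image-of-" + n), Key: nextPub}
		chain[i].Sig = ed25519.Sign(signer, chain[i].digest())
		signer = nextPriv
	}
	return rom, vendorPub, chain
}

func main() {
	rom, vendorPub, chain := BuildDemoChain()
	fmt.Println(VerifyChain(rom, vendorPub, chain)) // [firmware bootloader kernel] <nil>
	// Patch the bootloader the way a bootkit would: firmware still verifies,
	// the bootloader fails, and the kernel is never examined.
	chain[1].Image[0] ^= 0xff
	fmt.Println(VerifyChain(rom, vendorPub, chain)) // [firmware] boot halted at bootloader: ...
}
```

Two details carry the security argument. The ROM never holds a full key, only a hash, so replacing the vendor key requires changing fused hardware state, not a file; and a stage that carries no key (the kernel here) cannot vouch for anything, so an unsigned stage appended after it is refused rather than silently run.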

Root of trust and zero trust

Zero trust operates on a key principle: "never trust, always verify." 

A root of trust provides the technical mechanisms required to implement this principle in real world systems. In a zero trust architecture (ZTA), access to resources is not implicitly granted based on network location. Instead, every access request is rigorously evaluated based on the identity and integrity of the requesting entity and device. RoT-backed signals are crucial for establishing this verifiable trust, and support key zero trust principles: identity verification, device integrity, and policy enforcement.

Each zero trust principle, and how a root of trust aligns with it:

  • Identity verification (authenticating users and devices before granting access): the RoT provides unique, hardware-bound cryptographic identities, such as attestation keys, that let a device prove its identity and resist spoofing during authentication.
  • Device integrity (verifying that devices are healthy, compliant, and free from compromise): the root of trust for measurement (RTM) cryptographically hashes each boot component into tamper-evident registers, so the integrity of the entire boot chain can be verified and any deviation reported.
  • Policy enforcement (granting least-privilege access based on context and risk): the root of trust for storage (RTS) keeps critical policy-enforcement keys and configuration data in tamper-resistant storage, so access decisions rest on parameters that are trusted and unaltered.

What does an implemented root of trust look like?

The principles of root of trust are fundamental to securing an array of computing systems, from consumer devices to enterprise infrastructure.

  • Mobile device security: Smartphones use hardware roots of trust, such as a Secure Enclave or ARM TrustZone, to isolate and protect biometric data and cryptographic keys. Authentication and payment operations occur within these protected environments, keeping sensitive information secure even if the main operating system is compromised.
  • Secure boot in PCs and servers: Secure Boot, implemented in UEFI firmware, enforces a chain of trust during startup. Only digitally signed software is allowed to load, preventing malicious bootloaders or operating system components from executing and protecting against low-level malware.
  • IoT device authentication: Hardware roots of trust provide devices with unique cryptographic identities and protect firmware integrity. This enables secure authentication to cloud services and verification of over-the-air updates, preventing unauthorized code execution or device impersonation.
  • Secure web browsing: The HTTPS "lock" icon indicates that a website's certificate chains back to a trusted root certificate authority. Those root public keys live in the operating system or browser trust store, so their integrity ultimately rests on the OS image being untampered, which is what the boot chain of trust guarantees. Together they help prevent man-in-the-middle attacks on encrypted communication.
  • Cloud computing instance integrity: Cloud platforms use hardware roots of trust to verify the integrity of hypervisors and virtual machine images before they run. Workloads execute on trusted, untampered infrastructure.

How root of trust secures modern infrastructure

A root of trust can be implemented at scale, from protecting individual devices to securing entire data centers and cloud networks. Modern infrastructure environments rely on RoTs to establish identity and protect sensitive resources across distributed environments. 

Common use cases for roots of trust in modern infrastructure environments include:

  • Machine identity and attestation: When a server joins an environment (e.g., a Kubernetes cluster, access management platform, or cloud control plane), it can use its hardware root of trust to perform remote attestation, proving to the control plane that it is running an approved configuration before being issued credentials.
  • TPM-backed SSH keys: Rather than storing SSH private keys as files on disk, where any process running as the user can copy them, they can be generated inside a TPM and exposed to SSH through a PKCS#11 provider or a TPM-aware agent. The private key never leaves the hardware, which prevents theft and unauthorized migration. The caveat is that an attacker with code execution on the host can still ask the TPM to sign while the machine is up, so the key is non-exportable but not unusable by malware; pairing it with attestation or a user-presence check closes that gap.
  • Certificate Authority (CA) protection: Certificate Authorities use hardware security modules (HSMs) to safeguard the root signing keys that issue all other certificates, which preserves the integrity of the organization’s trust hierarchy.
  • AI and agentic systems: RoT validates platform integrity before execution, reducing the risk of sensitive workloads running on compromised systems.

Root of trust in AI and agentic systems

A root of trust provides cryptographic measurement and verification of the hardware and software environment in which AI workloads run, including agentic AI systems. A hardware root of trust may be embedded directly into AI silicon (CPUs, GPUs, NPUs) to provide a physical anchor for system integrity and to ensure that AI models, firmware, and data have not been tampered with.

Using hardware-backed isolation (e.g., TEEs) and remote attestation, a root of trust also enables systems to validate platform integrity before decrypting model artifacts or accessing protected credentials, such as API tokens, signing keys, or service identity certificates used by agents to authenticate and communicate. This keeps model weights and credentials from being released to a platform that is not in an approved state, and lets data owners require evidence that their data was processed only inside verified environments. However, a root of trust does not assess model behavior or determine model safety: an attested platform can still run a model that is unsafe, or an agent that is manipulated through its inputs at runtime.

Common use cases for root of trust in agentic AI systems include:

  • Runtime attestation: Validating platform state prior to loading or decrypting model components.
  • Credential protection: Storing signing keys and API tokens in TPM-backed or TEE-backed secure storage.
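Measured boot and remote attestation as an admission gate, covering both the "Machine identity and attestation" use case in the infrastructure section above and the runtime-attestation and credential-protection use cases here. This is an added example in Go, not code from the original page or from Teleport. It models a TPM PCR with the extend operation, an attestation key that signs (PCR, nonce) quotes, and a control plane that admits a device, and so issues it credentials or releases model-decryption keys, only on a fresh quote whose PCR matches a golden value computed from the approved boot components. The component strings, the Ed25519 attestation key, and the in-memory nonce table are constructed stand-ins; a real deployment enrolls the AK through the TPM's endorsement hierarchy and obtains the signed PCR values with a TPM quote.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// PCR models a TPM platform configuration register: it starts at zero and only
// changes by extend, PCR = SHA-256(PCR || SHA-256(component)), so the final value
// depends on every measured component and their order, and nothing is ever
// "un-extended" once the root of trust for measurement has recorded it.
type PCR [32]byte
func (p PCR) Extend(component []byte) PCR {
	d := sha256.Sum256(component)
	return sha256.Sum256(append(p[:], d[:]...))
}

// Quote is the root of trust for reporting's output: PCR value plus the
// verifier's nonce, signed by an attestation key (AK) that never leaves it.
type Quote struct {
	PCR   PCR
	Nonce []byte
	Sig   []byte
}
func quoteDigest(p PCR, nonce []byte) []byte {
	d := sha256.Sum256(append(p[:], nonce...))
	return d[:]
}

// Device plays the attesting machine; its AK was enrolled with the verifier
// out of band (in practice through the TPM's endorsement hierarchy).
type Device struct {
	ak    ed25519.PrivateKey
	AKPub ed25519.PublicKey
	pcr   PCR
}
func NewDevice() *Device {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return &Device{ak: priv, AKPub: pub}
}

// Boot models a power cycle (PCRs reset to zero, the AK survives) followed by
// measuring each boot component into the PCR in boot order.
func (d *Device) Boot(components ...[]byte) {
	d.pcr = PCR{}
	for _, c := range components {
		d.pcr = d.pcr.Extend(c)
	}
}

func (d *Device) Quote(nonce []byte) Quote {
	return Quote{PCR: d.pcr, Nonce: nonce, Sig: ed25519.Sign(d.ak, quoteDigest(d.pcr, nonce))}
}

// Verifier plays the control plane. It admits a device, and only then issues it
// credentials or releases keys, on a fresh AK-signed quote of the golden PCR.
type Verifier struct {
	enrolledAK ed25519.PublicKey
	golden     PCR
	issued     map[string]bool // outstanding nonces, each answerable once
}
func NewVerifier(ak ed25519.PublicKey, approved ...[]byte) *Verifier {
	v := &Verifier{enrolledAK: ak, issued: map[string]bool{}}
	for _, c := range approved {
		v.golden = v.golden.Extend(c) // golden value for the approved boot
	}
	return v
}

func (v *Verifier) Challenge() []byte {
	n := make([]byte, 32)
	rand.Read(n)
	v.issued[string(n)] = true
	return n
}

func (v *Verifier) Admit(q Quote) error {
	if !ed25519.Verify(v.enrolledAK, quoteDigest(q.PCR, q.Nonce), q.Sig) {
		return errors.New("rejected: quote not signed by the enrolled attestation key")
	}
	if !v.issued[string(q.Nonce)] {
		return errors.New("rejected: nonce unknown or already used (replay)")
	}
	delete(v.issued, string(q.Nonce))
	if q.PCR != v.golden {
		return errors.New("rejected: PCR does not match the approved boot configuration")
	}
	return nil
}

func main() {
	approved := [][]byte{[]byte("firmware-v1"), []byte("bootloader-v1"), []byte("kernel-v1")}
	dev := NewDevice()
	ctl := NewVerifier(dev.AKPub, approved...)
	dev.Boot(approved...)
	q := dev.Quote(ctl.Challenge())
	fmt.Println("healthy boot:", ctl.Admit(q))   // <nil>: issue credentials
	fmt.Println("replayed quote:", ctl.Admit(q)) // rejected: nonce already used
	dev.Boot([]byte("firmware-v1"), []byte("bootloader-evil"), []byte("kernel-v1"))
	fmt.Println("tampered boot:", ctl.Admit(dev.Quote(ctl.Challenge())))
}
```

The nonce is what makes the quote evidence of the current state rather than a recording of an earlier good boot: a quote is accepted once and only for a challenge the verifier issued. Because extend is order-sensitive, the same components measured in a different order, or one extra measurement slipped in, produce a PCR that does not match the golden value, which is exactly the deviation the device-integrity principle above asks the RoT to report.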

Frequently Asked Questions

What is the Chain of Trust?

The Chain of Trust is a sequential verification process in which each system component is authenticated by a previously trusted component before it runs. This creates an unbroken path of verified integrity from hardware power-on to operating system load and beyond.

What is the difference between a hardware and a software root of trust?

A software root of trust (RoT) runs within the operating system environment and depends on that environment's security. A hardware root of trust is isolated from the main operating system's execution environment, in a separate chip or a hardware-enforced region of the processor, which provides stronger protection against tampering.

How does a root of trust relate to zero trust?

Zero trust requires continuous verification of identity and device integrity. A root of trust provides hardware-bound cryptographic identities and verifiable integrity measurements that systems can use to evaluate trust before granting access.

How is a root of trust used in AI systems?

A root of trust verifies the integrity of the platform and runtime environment before AI models execute. It can also bind cryptographic identity to autonomous agents and provide evidence that models and data were processed in verified environments.

How is a root of trust used in distributed infrastructure?

In distributed systems, a root of trust (RoT) enables hardware-backed identity, remote attestation, protected key storage, and verification of servers or workloads before they are admitted into trusted environments.