Watch this webinar to learn about the components that move, accelerate, and store the data that enable the applications of the future including artificial intelligence (AI), Internet of Things (IoT) and 5G.
Secure Silicon IP Series: When One is Not Enough: Multiple Roots of Trust (Part Three)
With a hardware root of trust, security protocols and applications can be run within a secure perimeter of an SoC, keeping keys and security assets protected from unauthorized access. This session will discuss how a secure co-processor with multiple roots of trust allows different entities or applications to have their own “virtual” security core in the SoC, each with a private security domain.
Protecting Computing Systems in a Post-Meltdown/Spectre World
When Jann Horn of Google’s Project Zero published a detailed blog post titled “Reading privileged memory with a side-channel,” it set off a firestorm of activity, as the post confirmed that secret information inside a computer could be accessed via two different attacks, Meltdown and Spectre. Essentially, both attacks use CPU data cache timing to efficiently leak information from the system. This could lead to – at worst – arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts.
Secure Silicon IP Series: Will the Real Root of Trust Please Stand Up? (Part Two)
In simple terms, a root of trust is the security foundation for a system-on-a-chip (SoC) or electronic system. Any functionality that needs to be secure relies in whole or in part on that root of trust. However, the term “root of trust” means different things to different people. In some cases, a root of trust is thought to be a single key that was either provisioned to a device or generated by the device itself. In other cases, a root of trust is seen as code, usually boot code, that is immutable and considered always trusted. A newer definition of a root of trust is a hardware module embedded in a chip or system that provides security functionality that keeps the entire chip or system secure.
Rambus Expands Family of CryptoManager Root of Trust Secure Silicon IP Cores
Highlights:
- Offers tailored configurations addressing the security needs of Internet of Things (IoT), artificial intelligence (AI), machine learning (ML), cloud, government, military and automotive applications
- Employs fully programmable hardware-level security co-processor with the ability to adapt to a dynamic threat environment
- Purpose-built, complete security solution offers ease of integration into SoC designs
- Features FIPS 140-2 ready crypto module and accelerators and DPA resistant crypto cores; designed for automotive-specific configuration ISO-26262-2018 ASIL-D

SUNNYVALE, Calif. – June 26, 2019 – Rambus Inc. (NASDAQ: RMBS) today announced the expansion of the CryptoManager Root of Trust family of products, a series of fully programmable, hardware-level secure silicon IP cores to address the security needs of applications including IoT, AI, ML, cloud, government, military and automotive. CryptoManager cores employ a siloed architecture. They isolate and secure sensitive code, processes, and algorithms from the main processor cores. This mitigates the risk of critical vulnerabilities like the Meltdown and Spectre security flaws. The CryptoManager Root of Trust is purpose-built for security — it features tailored configurations that allow chip designers to optimize main processors for high performance, while relying on the root of trust to perform security processes.
“Security is a mission critical imperative for SoC designs serving virtually every application space,” said Neeraj Paliwal, vice president of products, cryptography at Rambus. “The Rambus CryptoManager Root of Trust family offers tailored secure silicon IP solutions which chip architects can incorporate to meet the specific security needs of their designs.”
Offering a full array of security services, the CryptoManager Root of Trust enables secure boot and runtime integrity checking, remote authentication and attestation, and hardware acceleration for symmetric and asymmetric cryptographic algorithms. Featuring a layered security model, Federal Information Processing Standards (FIPS) 140-2 certified crypto accelerators, and multiple roots of trust to support independent privilege levels, the CryptoManager Root of Trust serves a wide range of applications.
The CryptoManager Root of Trust creates a foundation for Rambus’ comprehensive CryptoManager suite of solutions, including the CryptoManager Infrastructure for secure provisioning. For more information on the Rambus CryptoManager Root of Trust family of cores, visit rambus.com/security/cryptomanager-platform/root-of-trust/.
CryptoManager Root of Trust Technical Details
Within the product family, seven standard configurations address the specific security requirements and certification standards of different end markets. The RT-730 automotive design offers an ISO-26262-2018 ASIL-D-ready implementation, targeting vehicle-to-vehicle and vehicle-to-infrastructure (V2X), advanced driver-assistance systems (ADAS), and infotainment uses. For cloud, AI and ML accelerator chips, the RT-630 helps secure valuable training models, and training and inference data. For government-focused chip designs, the RT-650 offers a design that targets FIPS 140-2 Cryptographic Module Validation Program (CMVP) certification with Suite B accelerators. The RT-660 extends the functionality of RT-650 with the addition of Differential Power Analysis resistant cryptographic cores.
The CryptoManager Root of Trust family of products offers an end-to-end security implementation, comprising a fully synthesizable IP core that anchors trust in silicon. It includes state-of-the-art crypto accelerators, security firewalls, an entropy source, secure key generation and derivation, secure one-time programmable (OTP) memory management, and a complete secure embedded firmware stack. The secure firmware stack offers secure boot for the root of trust as well as the SoC CPU(s), communicating securely with the SoC stack and running signed secure applications on the root of trust’s CPU. A reference SDK allows integrators to build secure boot, secure firmware updates and secure applications, with provided examples and references. Available evaluation boards and QEMU support allow chip designers to easily evaluate the CryptoManager Root of Trust and secure applications.
Secure Silicon IP Series: Complexity vs. Security (Part One)
This webinar will explore some of the threats facing SoC and processor designers and how SoCs can be architected for both performance and security.