Building security in an SoC aiming to meet the goals set by the ARM Platform Security Architecture (PSA) is a complex matter. This is compounded by the complexity of modern-day SoCs comprising multiple processors, security domains and security levels. The Rambus root of trust provides a solid foundation for the SoC security architecture ticking ‘all the boxes’ for reaching the security goals, while offering extensive support for effective integration into a complex TrustZone-based SoC infrastructure.
The confidentiality and integrity of cryptographic key material is critical to maintaining system security. A hardware root of trust, such as the Rambus CryptoManager Root of Trust, is designed to securely generate, store, and employ cryptographic keys. Tortuga Logic has independently verified the policies surrounding access to keys stored within registers in the CryptoManager Root of Trust using its Radix™ pre-silicon security verification platform.
Chiplets are gaining significant traction as they deliver numerous benefits beyond what can be accomplished with a monolithic SoC in a time of slowing transistor scaling. However, disaggregating SoCs into multiple chiplets increases the attack surface which adversaries can exploit to penetrate safeguards to data and hardware. With chiplets, the risks of hardware-based trojans and exploits such as man-in-the-middle attacks all rise. To realize the many benefits of chiplets, designers should use a design for security approach, and implement security safeguards anchored in hardware.
Quantum computing offers the promise of tremendous leaps in processing power over current digital computers. But for the public-key cryptography algorithms used today for e-commerce, mobile payments, media streaming, digital signatures and more, quantum computing represents an existential event. Quantum computers may be able to break the widely used RSA and ECC (Elliptic-Curve Cryptography) algorithms in as little as days. Work on Post Quantum Cryptography (PQC) is well under way, but implementation will come with its own set of challenges. Rambus has solutions and recommendations to ready customers for a post-quantum world.
A torrent of data traffic is growing at an exponential rate driven by applications including 5G, AI/ML, video streaming, online gaming, ADAS and more. Handling this data traffic are hyperscale data centers that have grown to over 500 in number worldwide with a third as many in the pipeline. To scale computing resources to the growing data demands, hyperscale data centers deploy fiber optics throughout to provide the needed bandwidth and manage the power. Pluggable small form-factor optical modules have scaled the optical connections from 50G to 400G over the past two decades. With the evolution to 800G Ethernet and beyond, new architectures including co-packaged optics can enable the desired performance while keeping power consumption within the desired envelope.
The MACsec, IPsec and SSL/TLS/DTLS protocols are the primary means of securing data in motion (communicated between connected devices). These protocols can be anchored in hardware or implemented in software as part of an end-to-end security architecture. This white paper provides fundamental information on each of these protocols including their interrelationships and use cases.