Building security in an SoC aiming to meet the goals set by the ARM Platform Security Architecture (PSA) is a complex matter. This is compounded by the complexity of modern-day SoCs comprising multiple processors, security domains and security levels. The Rambus root of trust provides a solid foundation for the SoC security architecture ticking ‘all the boxes’ for reaching the security goals, while offering extensive support for effective integration into a complex TrustZone-based SoC infrastructure.
The confidentiality and integrity of cryptographic key material is critical to maintaining system security. A hardware root of trust, such as the Rambus CryptoManager Root of Trust, is designed to securely generate, store, and employ cryptographic keys. Tortuga Logic has independently verified the policies surrounding access to keys stored within registers in the CryptoManager Root of Trust using its Radix™ pre-silicon security verification platform.
Chiplets are gaining significant traction as they deliver numerous benefits beyond what can be accomplished with a monolithic SoC in a time of slowing transistor scaling. However, disaggregating SoCs into multiple chiplets increases the attack surface which adversaries can exploit to penetrate safeguards to data and hardware. With chiplets, the risks of hardware-based trojans and exploits such as man-in-the-middle attacks all rise. To realize the many benefits of chiplets, designers should use a design for security approach, and implement security safeguards anchored in hardware.
Quantum computing offers the promise of tremendous leaps in processing power over current digital computers. But for the public-key cryptography algorithms used today for e-commerce, mobile payments, media streaming, digital signatures and more, quantum computing represents an existential event. Quantum computers may be able to break the widely used RSA and ECC (Elliptic-Curve Cryptography) algorithms in as little as days. Work on Post Quantum Cryptography (PQC) is well under way, but implementation will come with its own set of challenges. Rambus has solutions and recommendations to ready customers for a post-quantum world.
The MACsec, IPsec and SSL/TLS/DTLS protocols are the primary means of securing data in motion (communicated between connected devices). These protocols can be anchored in hardware or implemented in software as part of an end-to-end security architecture. This white paper provides fundamental information on each of these protocols including their interrelationships and use cases.
Dedicated accelerator hardware for artificial intelligence and machine learning (AI/ML) algorithms are increasingly prevalent in data centers and endpoint devices. These accelerators handle valuable data and models, and face a growing threat landscape putting AI/ML assets at risk. Using fundamental cryptographic security techniques performed by a hardware root of trust can safeguard these assets from attack.