The CryptoManager Root of Trust is an independent hardware security block for integration into semiconductor devices, offering secure execution of user applications, tamper detection and protection, secure storage and handling of keys and security assets, and resistance to side-channel attacks. The Root of Trust offers chipmakers a siloed approach to security; while located on the same silicon as the main processor, the secure processing core is physically separated. A layered security approach enforces access to crypto modules, memory ranges, I/O pins, and other resources, and assures critical keys are available through hardware only with no access by software. Readily deployable, the Root of Trust is easily integrated with industry-standard interfaces and system architectures. It includes hardware cryptographic accelerators for standard algorithms such as AES, SHA, RSA, ECDSA and ECDH, and can be customized for an OEMs unique requirements.
Offering true multiple root of trust capabilities, each individual application can be assigned its own unique keys, meaning permissions and access levels are set completely independent of others. OEMs can determine access levels and permissions for each and all processes operating within the secure processor. Applications are siloed from each other, ensuring the best approach to security.
Part of the comprehensive CryptoManager Security Platform that includes embedded cores, key provisioning infrastructure and infield services, the Root of Trust provides the highest level of end-to-end security at all stages of the chip lifecycle for applications like IoT, automotive, sensors, and connectivity.
Tools and Scripts
Large OEM customers requesting personalization, customer specific data preparation and feature customization of standard parts challenge the chipmakers ability to minimize inventory overhead and improve operating efficiencies.
The CryptoManager solution provides a method for chip and device companies to authenticate the device and authorize the provisioning of the debug enable/disable operation for each device.