Security Icon

Security

CryptoManager Root of Trust RT-670

The CryptoManager Root of Trust RT-670 is a fully-programmable, FIPS 140-2 compliant hardware security core offering security by design for military applications. It protects against a wide range of attacks with state-of-the-art anti-tamper and DPA-resistant security techniques.

Military applications require perhaps the most stringent security implementations of any market. Military semiconductors are targets for adversaries and must be secured with the highest resistance possible. To address present and future military threat requirements, Rambus has created the RT-670. FIPS 140-2 compliant, the RT-670 is centered on a custom 32-bit RISC-V siloed and layered secure co-processor, along with dedicated secure memories. Within the co-processor are DPA-protected cryptographic cores like AES-AE-16, HMAC 512 and SHA-2, 3DES, RSA 4K, ECC 521, and a NIST-compliant Random Bit Generator. For Type 1 designs, wrappers with placeholders for Suite A crypto cores are provided. Designed for deployment in a variety of military devices, the RT-670 Root of Trust offers the highest security Rambus provides.

How the Root of Trust Works

The CryptoManager Root of Trust is an independent hardware security co-processor for integration into semiconductor devices, offering secure execution of user applications, tamper detection and protection, and secure storage and handling of keys and security assets. The Root of Trust offers chipmakers a siloed approach to security. While located on the same silicon as the main processor, the secure processing core is physically separated. A layered security approach enforces access to crypto modules, memory ranges, I/O pins, and other resources, and assures critical keys are available through hardware only with no access by software.

CryptoManager Root of Trust diagram

Offering true multiple root of trust capabilities, each individual application can be assigned its own unique keys, meaning permissions and access levels are set completely independent of others. OEMs can determine access levels and permissions for each and all processes operating within the secure processor. Applications are siloed from each other, ensuring the best approach to security.

Included with the RT-670 Hardware Root of Trust are a series of standard secure applications (“containers”) to speed development, including secure boot, identity management, HSM reference, and others. A container development kit is also included to allow the development of custom containers for specific use cases.

Part of the comprehensive CryptoManager Security Platform that includes embedded cores, key provisioning infrastructure and infield services, the Root of Trust provides the highest level of end-to-end security at all stages of the chip lifecycle.

Full Disk Encryption of Solid State Drives and Root of Trust Cover

Full Disk Encryption of Solid State Drives and Root of Trust

File encryption, file system encryption and full disk encryption (FDE) are methods offered by the industry to allow users to protect their data stored on non-volatile storage devices, such as Solid State Disks (SSD). The main feature of FDE is to protect stored system and user date from unauthorized reading, writing, alteration, moving or rolling back. However, extended security features are key to securing FDE implementation.

Download White Paper

Related Markets & Applications

FREE Webinar: Understanding Fault Injection Attacks and Their Mitigation