Modern computing architectures must address increasing concerns regarding off-chip data confidentiality. Key drivers for these concerns include data privacy against attacks with physical access to memory, confidential computing using zero trust computing architectures, regulatory frameworks, and secure encrypted resource virtualization (e.g., multi-tenancy support), among others.
Inline memory encryption (IME) is a key enabler for protecting data that is stored in off-chip memory (typically, DDR memory). This is also referred to as protection of “data-in-use.” Low-latency encryption and decryption are handled by an IME engine, which places the required cryptographic primitives in the data path connected to off-chip memory via the on-chip memory controller.
The Rambus ICE-IP-339 IME Engine can be seamlessly integrated into a customer’s system-on-chip (SoC) to address security and privacy concerns of data-in-use in DDR memory.
The ICE-IP-339 provides an AXI-4 compliant wrapper around the industry-proven Rambus ICE-IP-338 (inline cipher engine). This allows the ICE-IP-339 to act as a transparent data processing pipeline on the read and write AXI data channels. At its heart, it is an encryption/decryption engine deploying AES/SM4-XTS cryptographic primitives. Address information is snooped from the read and write address channels as input for AES-XTS tweak generation. Cryptographic processing is done on the incoming data using the precomputed tweak and the respective key for the required operation based on the data direction.
The ICE-IP-339 supports compliance with the FIPS-197, IEEE-P1619/D16, and NIST-SP800-38E standards, supporting AES-XTS (and optionally SM4-XTS) with 128- and 256-bit keys. The ICE-IP-339 is delivered with fully verified parameterized RTL, directed testbenches and a UVM verification environment.
At startup, the ICE-IP-339 engine receives an ephemeral key from the SoC, which it autonomously converts into the appropriate keys for encryption and decryption.
The ICE-IP-339 engine snoops information from the AXI4 address channels and transparently converts it into tweak computation inputs for the cryptography engine. It does this by arbitrating over the read and write address channels.
When data is input, the cryptography engine applies the appropriate cryptographic operation. This is done by arbitrating over the read and write 128-bit data channels. SoC read-data from the DDR controller implies decryption; write-data from the AXI master implies encryption. The ICE-IP-339 assumes XTS sector sizes of 64 Byte (= cache line width) and 16 Byte data access granularity.
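The following added example (not Rambus code) sketches how an address can index XTS tweaks with the 64 Byte sector and 16 Byte granularity stated above, using the tweak update from IEEE 1619. The address-to-sector mapping, the function names and the sample values are assumptions; `t0` stands in for the sector tweak after encryption with the tweak key, which is not reproduced here.

```python
# Added illustration; the address mapping below is an assumption, not the IP's
# documented behaviour.
SECTOR_BYTES = 64  # XTS sector size stated on the page (one cache line)
BLOCK_BYTES = 16   # cipher block size / data access granularity on the page


def locate(addr):
    """Split a byte address into (sector number, block index j in the sector)."""
    if addr < 0 or addr % BLOCK_BYTES:
        raise ValueError("access must be a non-negative 16-byte aligned address")
    return addr // SECTOR_BYTES, (addr % SECTOR_BYTES) // BLOCK_BYTES


def sector_tweak_input(sector):
    """128-bit tweak input: the sector number as a little-endian byte string."""
    return sector.to_bytes(16, "little")


def mul_alpha(tweak):
    """Multiply a 16-byte tweak by alpha in GF(2^128) (x^128 + x^7 + x^2 + x + 1)."""
    n = int.from_bytes(tweak, "little") << 1
    if n >> 128:                        # carry out of the top bit: reduce
        n = (n & ((1 << 128) - 1)) ^ 0x87
    return n.to_bytes(16, "little")


def block_tweak(t0, j):
    """T_j = T_0 * alpha^j, the tweak for the j-th 16-byte block of a sector."""
    for _ in range(j):
        t0 = mul_alpha(t0)
    return t0


def cache_line_tweaks(t0):
    """Tweaks for all four 16-byte blocks of one 64-byte sector."""
    return [block_tweak(t0, j) for j in range(SECTOR_BYTES // BLOCK_BYTES)]


if __name__ == "__main__":
    addr = 0x1030                       # constructed sample address
    sector, j = locate(addr)
    t0 = bytes(range(16))               # constructed stand-in for the encrypted tweak
    print(f"addr {addr:#x}: sector {sector}, block {j}")
    print("tweak input:", sector_tweak_input(sector).hex())
    for i, t in enumerate(cache_line_tweaks(t0)):
        print(f"T_{i} = {t.hex()}")
```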
The ICE-IP-339 engine acts as an AXI-to-AXI wedge between the SoC AXI bus fabric and the DDR memory controller, which operates as an AXI slave. It supports standard AMBA interfaces (AXI4 for the datapath and an AMBA APB interface for key management), thereby enabling seamless integration with standard SoC components. The internals of the IP (such as command and data buffering) can be configured as required by the SoC. Furthermore, the debug support signals facilitate transparency into the internal data flow, thereby simplifying the integration and verification of the overall system.
[1] Reference Technology: TSMC 16nm, LVT