Security
Root of Trust Solutions
Providing a hardware-based foundation for security, Rambus offers a catalog of robust Root of Trust solutions, ranging from richly featured military-grade co-processors to highly compact state machines-based designs. With a breadth of solutions applicable from the data center to Internet of Things (IoT) devices, Rambus has a Root of Trust solution for almost every application.
Contact
Product Brief| Solution | Brief | Applications |
|---|---|---|
| RT-120 |  |
IoT and IIoT devices, sensors, gateways |
| RT-121 | |
IoT and IIoT devices, sensors, gateways for China market |
| RT-130 | |
IoT devices, IoT servers, gateways, edge devices |
| RT-131 | |
IoT devices, IoT servers, gateways, edge devices for China market |
| RT-140 | |
IoT, IIoT and cloud-connected devices, sensors, gateways |
| RT-260 | |
Secure MCUs and connected devices that require DPA protection |
| RT-630 | |
Semiconductor, Cloud, AI/ML |
| RT-640 | |
Automotive ISO26262 ASIL-B |
| RT-641 | |
Automotive ISO26262 ASIL-B for China market |
| RT-645 | |
Automotive ISO26262 ASIL-D |
| RT-650 | |
Government/DPA |
| RT-660 | |
Government/DPA & FIA |
| RT-1660 | |
US Defense/DPA & FIA |
| RT-630-FPGA | |
FPGA implementations |
| CSDK | |
Software development toolkit for secure applications |
Superior Security
Provide a robust hardware foundation for security
Protect valuable secret keys, credentials and other sensitive data
Adapt to an evolving threat environment
Design Flexibility
Select a solution tailored to specific application needs
Programmable and fixed function architectures
Varying crypto and DPA protection capabilities
Improve Profitability
Reduce NRE and operating costs
Eliminate costs of compromised devices
Offer new services through programmability
State-Machine Root of Trust Solutions: RT-100 and RT-200 Series
Designed to be integrated in power and space-constrained microcontrollers or SoCs, the RT-100 and RT-200 Root of Trust cores are a family of FIPS 140-2 compliant hardware solutions that guard the most sensitive assets on chips and establish the foundation for platform security.
Featuring a state-machine architecture with dedicated secure memories, this Root of Trust family provides a variety of cryptographic accelerators, including AES, SHA-2 and ECC. Ideal for power and space-sensitive applications like IoT, edge, and industrial use, these Root of Trust cores offer the best balance of size and performance available on the market.
Configuration Options
| Feature | Description | RT-100 | RT-121 | RT-130 | RT-131 | RT-140 | RT-260 |
|---|---|---|---|---|---|---|---|
| Application Focus | Example Applications | IoT | IoT (CN) | IoT/Edge | IoT/Edge (CN) | IoT/Cloud | IoT/Cloud |
| FIPS 140 CAVP | FIPS 140-2 CAVP & FIPS 140-3 CAVP (2020) |  |
|
|
|
|
|
| FIPS 140 CMVP | FIPS 140-2 CMVP & FIPS 140-3 CMVP (2020) | |
|
|
|
|
|
| OTP Management | Interface | |
|
|
|
|
|
| AES HW | ECB, CBC, CTR Modes – Max Key Size: 256 bits | |
|
|
|
|
|
| AES Modes | AES-CCM, AES-CMAC, AES-GCM/GMAC (standard) AES-XTS (optional) | — | |
|
|
|
|
| Regional Crypto | SM2/SM3/SM4 | — | |
— | |
— | — |
| HMAC-SHA2 HW | SHA-2 and HMAC-SHA2 – Max SHA-2 Mode (bits) | 256 | 256 | 512 | 512 | 512 | 512 |
| Public Key Engine | RSA, ECC Acceleration Core | 16×16 | 16×16 | 32×32 | 32×32 | 32×32 | 32×32 |
| ECC HW | Max Curve Size: 521 bits | |
|
|
|
|
|
| RSA HW | Max Exponent Size: 3096 bits | |
|
|
|
|
|
| Random Number Generator HW | NIST SP800 compliant TRNG | |
|
|
|
|
|
| Optional Cryptography | ARIA, 3DES*, SHA-3, HMAC-SHA-3 *3DES is standard on RT-130, 131, 140 |
— | |
|
|
|
— |
| I/O Performance | Throughput (Gbps) | 1 | 1 | 2 | 2 | 2 | 2 |
| Crypto Performance | Crypto/Hash Performance (Gbps) @500MHz | 1 | 1 | 2 | 2 | 2 | 2 |
| DMA | Standard (STD) or Multi-channel (MC) | |
|
|
|
|
|
| I/O Bus | AMBA Bus Master/Slave: AXI/AHB | |
|
|
|
|
|
| OTP Interface | Interface to 3rd-Party OTP: TCM | |
|
|
|
|
|
| Multiple Roots of Trust | Roots/Key Splits | 1 | 1 | 1 | 1 | 1 | 1 |
Going Beyond the Requirements of a Root of Trust for Measurement with the Silicon-Proven RT-660 Root of Trust
The continuously evolving technology landscape and security requirements for systems present many challenges for device and silicon manufacturers. Nowhere is this truer than in data centers. Rambus has long recognized the need for security designs in data centers, and the Caliptra initiative discussed in this white paper is a welcome step towards a widespread adoption of Root of Trust designs in SoCs. Read this white paper to learn key features of the Rambus RT-660 Root of Trust and how it can be used for Caliptra use case scenariosSecure Co-Processor Root of Trust Solutions: RT-600 Series
The RT-600 series Root of Trust solutions are integrated as independent hardware security blocks in semiconductor devices to provide a hardware-based foundation for security. Once integrated into a semiconductor device, an RT-600 series core provides a secure environment for performing a wide range of security functions in a simple and cost-effective manner, providing enhanced security functionality while providing faster time-to-market and significant differentiation.
Configuration Options
| Feature | Description | RT-630 | RT-640 | RT-645 | RT-660 |
|---|---|---|---|---|---|
| Application Focus | Example Applications | AI/ML/Cloud | Automotive | Automotive | FIPS/Gov |
| Programmable | Secure Applications on embedded RISC-V CPU | | | | |
| FIPS 140 CAVP | FIPS 140-2 CAVP & FIPS 140-3 CAVP (2020) | | | | |
| FIPS 140 CMVP | FIPS 140-2 CMVP & FIPS 140-3 CMVP (2020) | | | | |
| DPA Resistance | RSA & ECC PKI operations | | | | |
| DPA Resistance | AES – 3DES – HMAC crypto and hash operations | — | — | — | |
| Automotive Standard | ISO 26262 ASIL | — | ASIL-B | ASIL-D | – |
| OTP Management | OTP management core | | | | |
| Key Derivation | Secure Key Derive | | | | |
| Anti-Tamper (Clock & Power) | Canary Core Monitor – Glitch Detection Logic | | | | |
| Secure Boot Management | ECDSA P256 with HMAC-SHA-2-256 | | | | |
| Secure Debug | ECDSA P256 with HMAC-SHA-2-256 | | | | |
| Secure Lifecycle Management | Secure lifecycle stages support | | | | |
| Secure Feature Management | Just-in-time-SKU Management | | | | |
| Memory ECC | Support for ECC or SECDED SRAM | | | | |
| Crypto Accelerator cores | AES-HMAC-RSA-ECC-TRNG HW cores | | | | |
| I/0 Performance | Throughput (Gbps) | >8 | >8 | >8 | >8 |
| Crypto & Hash Performance | Crypto/Hash Performance (Gbps) @500MHz | 3 | 3 | 3 | 1.5 |
| Public Key Engine | RSA, ECC Acceleration Core multiplier width | 32×32/64×64 | 64×64 | 64×64 | 64×64 |
| DMA | Standard (STD) or Multi-channel (MC) | MC | MC | MC | MC |
| I/O Bus | AMBA Bus Master/Slave | AXI/AHB | AXI/AHB | AXI/AHB | AXI/AHB |
| OTP Interface | Interface to 3rd Party OTP | APB | APB | APB | APB |
| Multiple Roots of Trust | Roots/Key Splits | 4/8 | 4/8 | 4/8 | 4/8 |
The RT-600 Series Root of Trust cores offer various cryptographic accelerator options:
| Feature | Description | RT-630 | RT-640 | RT-645 | RT-660 |
|---|---|---|---|---|---|
| Application Focus | Example Applications | AI/ML/Cloud | Automotive | Automotive | FIPS/Gov |
| Random Number Generator | NIST SP800 compliant True Random Number Generator | |
|
|
|
| Public Key Engine | RSA, ECC Acceleration Core | 32×32/64×64 | 32×32 | 32×32 | 64×64 |
| Public Key RSA HW | Max Exponent Size (bits) | 4096 | 4096 | 4096 | 4096 |
| Public Key RSA | RSAAES-OAEP & RSASSA-PSS PKCS#1 support | 2.2 | 2.2 | 2.2 | 2.2 |
| Public Key ECC | Max Curve Size (bits) | 521 | 521 | 521 | 521 |
| Public Key ECC | ECDSA & ECDH | |
|
|
|
| Public Key ECC | EdDSA Ed25519 & EdDH X25519 | |
|
|
|
| Public Key ECC | Brainpool curves | Optional | Optional | Optional | Optional |
| Public Key DPA resistant | SPA and DPA resistant asymmetric RSA/ECC core | |
|
|
|
| AES HW | ECB, CBC, CFB, CTR Modes – max 256-bit key size | |
|
|
|
| AES-CMAC | AES-CMAC mode | – | |
|
– |
| AES-GCM | AES-GCM/GMAC modes | |
|
|
|
| AES DPA Resistant | SPA and DPA resistant symmetric AES core | Optional | – | – | |
| 3DES HW | 3DES Core | – | – | – | Optional |
| 3DES DPA Resistant | SPA and DPA resistant symmetric 3DES core | – | – | – | Optional |
| HMAC-SHA2 HW | SHA-2 and HMAC-SHA2- Max 512-bit-mode | |
|
|
|
| HMAC-SHA3 HW | SHA-3 and HMAC-SHA3- Max 512-bit-mode | Optional | Optional | Optional | Optional |
| HMAC-SHA2 DPA Resistant | SPA and DPA resistant HMAC-SHA-2 | – | – | – | Optional |
| Chinese algorithms | Chinese SM2-3-4 algorithms OSCCA compliant | Optional | Optional | Optional | – |
| Whirlpool HW | Whirlpool Hash Core (SHE Algorithm) | – | Optional | Optional | – |
| Poly1305/ChaCha 20 | Poly/ChaCha Hash and Cipher Core | Optional | – | – | – |
Dedicated FPGA configurations
The RT-630 and RT-660 are available in specific FPGA configurations, targeting to be synthesized in programmable logic. These are designed to map optimally (for max utilization and max frequency) into FPGA fabric, and connect either to on-board or external CPUs. In addition, the design is expanded with an additional OTP emulation model to overcome the lack of (or limitation of) true nonvolatile one time programmable memory in certain FPGA families. This module allows storing secure assets in external flash in a secure way.
The main use cases for the RT-600 Series Root of Trust include:
- Secure Boot
- Secure Firmware Update
- Authentication
- Attestation
- Secure Data Storage
- Secure Key Storage
- Device Personalization
- Key and Data Provisioning
- User Data Privacy
- Secure Communication & Secure Protocol Implementation
- Runtime Integrity Checking
- Cryptographic Acceleration
- Secure Debug
- Feature/Configuration/SKU management
Rambus Root of Trust solutions are part of a broad portfolio of security IP solutions which provides end-to-end security of chips and devices over their entire lifecycle.
The Road to Post Quantum Cryptography
Quantum computing offers the promise of tremendous leaps in processing power over current digital computers. But for the public-key cryptography algorithms used today for e-commerce, mobile payments, media streaming, digital signatures and more, quantum computing represents an existential event. Quantum computers may be able to break the widely used RSA and ECC (Elliptic-Curve Cryptography) algorithms in as little as days. Learn about our solutions and recommendations to ready customers for a post-quantum world.
