Root of Trust IP

Protecting data at rest

Secure Programmable and Firmware-Controlled Root of Trust IP

Providing a hardware-based foundation for security, Rambus offers a family of robust Root of Trust solutions, ranging from feature-rich military-grade security co-processors to highly compact, firmware-controlled designs. With a breadth of solutions applicable from the data center to Internet of Things (IoT) devices, Rambus has a Root of Trust IP solution for almost every application.

Secure Programmable Root of Trust IP

Solution | Product Brief | Applications
RT-630 | Download the Root of Trust RT-630 Product Brief | Cloud and AI/ML applications
RT-631 | Download the Root of Trust RT-630 Product Brief | Cloud and AI/ML applications for the Chinese market
RT-640 | Download the Root of Trust RT-640 Product Brief | Automotive ISO-26262 ASIL-B embedded Hardware Security Module
RT-641 | Download the Root of Trust RT-641 Product Brief | Automotive ISO-26262 ASIL-B embedded Hardware Security Module for the Chinese market
RT-645 | Download the Root of Trust RT-645 Product Brief | Automotive ISO-26262 ASIL-D embedded Hardware Security Module
RT-650 | Download the Root of Trust RT-650 Product Brief | Highly-secure government applications requiring DPA resistance
RT-660 | Download the Root of Trust RT-660 Product Brief | Highly-secure data center applications requiring DPA & FIA resistance
RT-1660 | Download the Root of Trust RT-1660 Product Brief | Highly-secure defense applications requiring DPA & FIA resistance
RT-630-FPGA | Download the Root of Trust for FPGAs Product Brief | FPGA-specific implementation of the RT-630
RT-660-FPGA | Download the Root of Trust for FPGAs Product Brief | FPGA-specific implementation of the RT-660
RT-600 SDK | Download the Root of Trust CSDK Product Brief | SDK for RT-6xx secure application development

CryptoCell™ and CryptoIsland™ Root of Trust IP

Solution | Product Brief | Applications
CC-312 | Download the Root of Trust CC-312 Product Brief | Arm Cortex®-M TrustZone®-based IoT edge devices and sensors
CC-712 | Download the Root of Trust CC-712 Product Brief | Arm Cortex-A TrustZone-based IoT servers and gateways
CC-713 | Download the Root of Trust CC-713 Product Brief | Arm Cortex-A TrustZone-based IoT servers and gateways for the Chinese market
CI-300P-C | Contact Rambus for product information | Secure Element devices such as iSIM, 5G modems, mobile app processors

Firmware-Controlled Root of Trust IP

Solution | Brief | Applications
RT-120 | Download the Root of Trust RT-100 Product Brief | IoT clients and sensors
RT-121 | Download the Root of Trust RT-121 Product Brief | IoT clients and sensors for the Chinese market
RT-130 | Download the Root of Trust RT-130 Product Brief | IoT servers, gateways, edge devices and sensors
RT-131 | Download the Root of Trust RT-131 Product Brief | IoT servers, gateways, edge devices and sensors for the Chinese market
RT-260 | Download the Root of Trust RT-260 Product Brief | Secure MCU-based devices and sensors

Secure Programmable Root of Trust IP

The Rambus Root of Trust RT-600 family of fully programmable FIPS 140-2 certified and FIPS 140-3 compliant hardware security cores offers security by design for data center, AI/ML, automotive, government, defense, as well as general purpose semiconductor applications. The RT-600 family protects against a wide range of hardware and software attacks through state-of-the-art anti-tamper and security techniques. 

Feature Description RT-630 RT-631 RT-640 RT-641 RT-645 RT-650 RT-660 RT-1660
Application Focus Example Applications AI/ML/Cloud AI/ML/Cloud Automotive Automotive Automotive Government Data Center Defense
FIPS 140 CAVP FIPS 140-2 & FIPS 140-3 CAVP ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
FIPS 140 CMVP FIPS 140-2 & FIPS 140-3 CMVP ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
DPA DPA Resistance RSA/ECC RSA/ECC RSA/ECC RSA/ECC RSA/ECC ✓ ✓ ✓
FIA FIA Resistance ✓ ✓
Automotive ISO26262 ASIL Level ASIL-B ASIL-B ASIL-D
Key Derive Secure Key Derivation ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
Key Agreement ECDH, DH ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
Key Transport Key Wrap Mechanisms ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
Roots Multiple Roots/Key Splits 4/8 4/8 4/8 4/8 4/8 8/8 8/8 8/8
Secure Boot Secure Boot Assist P-512 ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
Secure Debug Secure Debug P-512 ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
Secure Lifecycle Lifecycle Stage Management ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
Secure Feature Feature and SKU Management ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
Anti Tamper Power and Clock Glitch Monitor ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
Memory ECC Memory Error Correction ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
Crypto Accelerators TRNG-RSA-ECC-AES-SHA2-SHA3 ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
Crypto Accelerators SM2-3-4 Optional Optional
Performance Crypto & Hash Performance Gbps 6 6 6 6 6 3 6 6
I/O bus AXI or AHB AMBA Interface ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
OTP APB OTP Management Interface ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
PUF PUF Interface ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
DPA RSA & ECC DPA Resistances ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
DPA AES DPA Resistance ✓ ✓ ✓
DPA HMAC-SHA-2 DPA Resistance ✓ ✓
FIA RSA & ECC & AES FIA Resistance ✓ ✓
TRNG True Random Number Generator SP800-90 ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
RSA HW Accelerators 4K (up to 8K) ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
ECC HW Accelerators 521 ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
ECC Curves NIST – Brainpool – 25519 – 448 ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
AES HW Accelerators ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
AES CBC-CTR-CCM-CMAC-CFB-OFB Mode ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
AES GCM-GMAC Mode ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
AES XTS Mode ✓ ✓ ✓ ✓ ✓
SM2-3-4 HW Accelerators ✓ ✓
SHA-2 (HMAC-)SHA-2 Accelerators ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
SHA-2 (HMAC-)SHA-2 Max Mode 512 512 512 512 512 512 512 512
SHA-3 (HMAC-)SHA-3 Accelerators ✓ ✓ ✓ ✓ ✓
SHA-3 (HMAC-)SHA-3 Max Mode 512 512 512 512 512 512 512 512
CPP ChaCha Poly Accelerators Optional Optional Optional Optional
Whirlpool HW Accelerators Optional Optional Optional Optional
3DES HW Accelerators Optional

CryptoCell and CryptoIsland Root of Trust IP

Designed to be integrated in Arm TrustZone-based power and space-constrained SoCs or FPGAs, the CC-312, CC-712, and CC-713 Root of Trust solutions (formerly Arm CryptoCell) are FIPS 140-3 certifiable hardware security modules that establish the foundation for the Arm Platform Security Architecture (PSA). The CC-312 targets integration on Cortex-M platforms running embedTLS, and the CC-71x targets integration on Cortex-A platforms running Linux or OP-TEE. 

The CryptoIsland CI-300P-C (formerly Arm CryptoIsland) is a secure programmable Root of Trust targeting Secure Element designs for iSIM, payment, DRM, and 5G modems. It comprises an embedded Cortex-M0+ processor and a tailored CryptoCell engine. The CryptoIsland is suitable for designs that target evaluation against Common Criteria PP-0084 or PP-0117.

Feature Description CC-312 CC-712 CC-713 CI-300P-C
Application Focus Example Applications IoT Sensor IoT Gateway IoT Gateway (CN) Secure MCU
FIPS 140 CAVP FIPS 140-2 & FIPS 140-3 CAVP ✓ ✓ ✓ ✓
FIPS 140 CMVP FIPS 140-2 & FIPS 140-3 CMVP ✓ ✓ ✓ ✓
Common Criteria CC EAL4+ PP-0084 / PP0117 ✓
DPA RSA & ECC & AES DPA Resistance ✓
Key Derive Secure Key Derivation ✓ ✓ ✓ ✓
Key Agreement ECDH, DH ✓ ✓ ✓ ✓
Roots Multiple Roots/Key Splits 2 2 2 1
Secure Boot Secure Boot Verify RSA3K P256 ✓ ✓ ✓ ✓
Secure Boot Secure Boot Verify ECDSA P-384/P-512 ✓ ✓
Secure Debug Secure Debug ✓ ✓ ✓ ✓
TRNG True Random Number Generator SP800-90 ✓ ✓ ✓ ✓
RSA-ECC HW Accelerators ✓ ✓ ✓ ✓
AES HW Accelerators ✓ ✓ ✓ ✓
AES CBC-CTR-CCM-CMAC Mode ✓ ✓ ✓ ✓
AES GCM-GMAC Mode Optional ✓ ✓
AES XTS Mode ✓ ✓
SM2-3-4 HW Accelerators ✓
SHA-2 (HMAC-)SHA-2 Accelerators ✓ ✓ ✓ ✓
SHA-2 (HMAC-)SHA-2 Max Mode 512 512 512 512
SHA-3 (HMAC-)SHA-3 Accelerators
SHA-3 (HMAC-)SHA-3 Max Mode
CPP ChaCha Poly Accelerators Optional
ARIA HW Accelerators
3DES HW Accelerators Optional Optional
Performance Crypto & Hash Performance Gbps 1 2 2 1
I/O Bus AXI or AHB AMBA Interface ✓ ✓ ✓ ✓
OTP TCM OTP Management Interface ✓ ✓ ✓ ✓

Firmware-Controlled Root of Trust IP

Designed to be integrated in power and space-constrained SoCs or FPGAs, the RT-100 and RT-200 Root of Trust families (formerly VaultIP) are FIPS 140-2 certified and FIPS 140-3 compliant hardware security modules that guard the most sensitive assets on chips and establish the foundation for platform security.

Featuring a firmware-controlled architecture with dedicated secure memories, the RT-100/200 families provide a variety of cryptographic accelerators including AES, SHA-2, RSA and ECC. Ideal for power and space-sensitive applications like Secure MCUs, IoT servers, gateways and edge devices, the RT-100/200 families offer the best balance of size and performance available on the market.

Feature Description RT-120 RT-130 RT-131 RT-260
Application Focus Example Applications IoT Sensor IoT Gateway IoT Gateway (CN) Secure MCU
FIPS 140 CAVP FIPS 140-2 & FIPS 140-3 CAVP ✓ ✓ ✓ ✓
FIPS 140 CMVP FIPS 140-2 & FIPS 140-3 CMVP ✓ ✓ ✓ ✓
DPA RSA & ECC & AES DPA Resistance ✓
Key Derive Secure Key Derivation ✓ ✓ ✓ ✓
Key Agreement ECDH, DH ✓ ✓ ✓ ✓
Key Transport Key Wrap Mechanisms ✓ ✓ ✓ ✓
Roots Multiple Roots/Key Splits 1 1 1 1
Secure Boot Secure Boot Assist P-256 ✓ ✓ ✓ ✓
Secure Debug Secure Debug P-256 ✓ ✓ ✓ ✓
TRNG True Random Number Generator SP800-90 ✓ ✓ ✓ ✓
RSA-ECC HW Accelerators ✓ ✓ ✓ ✓
AES HW Accelerators ✓ ✓ ✓ ✓
AES CBC-CTR-CCM-CMAC Mode ✓ ✓ ✓ ✓
AES GCM-GMAC-XTS Mode ✓ ✓ ✓
SM2-3-4 HW Accelerators ✓ ✓
SHA-2 (HMAC-)SHA-2 Accelerators ✓ ✓ ✓ ✓
SHA-2 (HMAC-)SHA-2 Max Mode 256 512 512 512
SHA-3 (HMAC-)SHA-3 Accelerators Optional Optional Optional
SHA-3 (HMAC-)SHA-3 Max Mode 512 512 512
CPP ChaCha Poly Accelerators Optional Optional
ARIA HW Accelerators Optional Optional
3DES HW Accelerators Optional Optional
Performance Crypto & Hash Performance Gbps 1 2 2 2
I/O Bus AXI or AHB AMBA Interface ✓ ✓ ✓ ✓
OTP TCM OTP Management Interface ✓ ✓ ✓ ✓

Going Beyond the Requirements of a Root of Trust for Measurement with the Silicon-Proven RT-660 Root of Trust


The continuously evolving technology landscape and security requirements for systems present many challenges for device and silicon manufacturers. Nowhere is this truer than in data centers. Rambus has long recognized the need for security designs in data centers, and the Caliptra initiative discussed in this white paper is a welcome step towards widespread adoption of Root of Trust designs in SoCs. Read this white paper to learn the key features of the Rambus RT-660 Root of Trust and how it can be used for Caliptra use case scenarios.
