RT-631 Root of Trust

The Rambus RT-631 Root of Trust is a fully-programmable FIPS 140-2 compliant hardware security core offering security by design for cloud, AI/ML as well as general purpose semiconductor applications. The RT-631 complements the RT-630 with Chinese cipher algorithms SM2, SM3 and SM4, offering security by design for applications that require Chinese crypto-based security support. The RT-631 protects against a wide range of hardware and software attacks through state-of-the-art anti-tamper and security techniques. As cloud and AI/ML applications evolve, device and system architects face a growing array of security threats. Across applications, one constant is the need for a hardware root of trust-based security implementation.

The Rambus RT-631 is the ideal security co- processor for these markets. It features a custom 32-bit RISC-V siloed and layered secure core, along with dedicated secure memories. The RT-631 also features high-capability cryptographic accelerators like AES and SM4 (all modes), HMAC, SHA-2 and SM3 (all modes), RSA up to 8192 bits, ECC and SM2DSA up to 521 bits, and a NIST-compliant Random Bit Generator. For use cases such as identity management, attestation, and secure boot, the RT-631 is ideally suited for cloud and AI/ ML where security is a priority. 

How the Root of Trust RT-631 Works

The Root of Trust RT-631 is a siloed hardware security block for integration into semiconductors, offering secure execution of authenticated user applications, tamper detection and protection, secure storage and handling of keys and security assets, and resistance to side-channel attacks. The Root of Trust is easily integrated with industry-standard interfaces and system architectures and includes standard hardware cryptographic cores. Access to crypto modules, keys, memory ranges, I/O, and other resources is enforced in hardware. Critical operations, including key derivation and storage, are performed in hardware with no access by software.
Root of Trust diagram

The Root of Trust is based on a custom 32-bit CPU designed specifically to provide a trusted foundation for secure processing in the core and system. It supports all common main processor architectures including ARM, RISC-V, x86 and others. The secure CPU runs signed code modules called containers, which include permissions and security-related metadata. These containers can implement standard security functionality provided by Rambus, or complete customer-specific security applications, including key and data provisioning, security protocols, biometric applications, secure boot, secure firmware update, and many more.

The Road to Post Quantum Cryptography cover

The Road to Post Quantum Cryptography

Quantum computing offers the promise of tremendous leaps in processing power over current digital computers. But for the public-key cryptography algorithms used today for e-commerce, mobile payments, media streaming, digital signatures and more, quantum computing represents an existential event. Quantum computers may be able to break the widely used RSA and ECC (Elliptic-Curve Cryptography) algorithms in as little as days. Learn about our solutions and recommendations to ready customers for a post-quantum world.

Solution Offerings

Full Disk Encryption of Solid State Drives and Root of Trust Cover

Full Disk Encryption of Solid State Drives and Root of Trust

File encryption, file system encryption and full disk encryption (FDE) are methods offered by the industry to allow users to protect their data stored on non-volatile storage devices, such as Solid State Disks (SSD). The main feature of FDE is to protect stored system and user date from unauthorized reading, writing, alteration, moving or rolling back. However, extended security features are key to securing FDE implementation.

Rambus logo