Security icon


CryptoManager IoT Device Management

The CryptoManager IoT Device Management is a turnkey security service that provides IoT OEMs and service providers an easy to use security solution from device-to-cloud.


Product Brief

CryptoManager Security Engine block diagram

With an ever-increasing number of IoT devices coming online every day, there is a critical need to have an easy to implement security between the physical devices and the cloud. The Rambus CryptoManager IoT Device Management is a turnkey device-to-cloud security solution for IoT devices and services that covers all aspects of IoT device secure connectivity. Our solution is pre-integrated with leading cloud Platform as a Service (PaaS) providers and chipset manufacturers, creating a one-stop shop solution for OEMs and Service Providers.

Protecting Service High-Availability

The IoT Device Management significantly reduces the risk of application layer Distributed Denial of Service (DDoS) attacks and related service outages, utilizing the robust and easy to integrate turnkey security solution.

Offered as a Software as a Service (SaaS), the IoT Device Management offers a transparent way to include high quality, robust security so that service providers and OEMs can build innovative IoT solutions.

How it works

The CryptoManager IoT Device Management is comprised of software modules that are pre-integrated with the chipset provider’s SDK and the PaaS providers cloud platform to provide an easy to deploy and robust security solution. Once a supported device is first powered up and connected to the internet, it is automatically identified and authenticated by our solution. The device is then securely provisioned over the air (OTA) by IoT Device Management, creating a secure communication channel. Data encryption and decryption, mutual authentication and key(s) management is handled automatically and seamlessly.

  • Turnkey Security: Security layer is transparent to the service provider and does not require changes to their service1. IoT Device Management is built, tested and provided as one integrated solution from chipset to service.
  • Rapid Time to Market: IoT Device Management is pre-integrated with the chipset hardware and SDK, and with the service provider’s selected cloud PaaS. It does not require the OEM to develop additional security software and it does not require the service provider to spend resources and time on cloud integration. It provides quick, easy and secure new device onboarding to quickly scale services.
  • In selected chipsets products, IoT Device Management utilizes Rambus CryptoManager™ hardware and pre-provisioned unique key, included in the IoT chipset. CryptoManager hardware have already shipped on over a billion chipsets.
CryptoManager Security Engine block diagram

IoT Device Management Components

The IoT Device Management client comes pre-integrated in three device architectures, allowing for it to be easily deployed on any type of device. Rambus provides all the required components to enable seamless integration for the OEM and service provider.

Device architecture 1 – CryptoManager Hardware
IoT device includes a silicon chip that integrates CryptoManager hardware Security Engine, and provisioned with Rambus unique device key.

Device architecture 2 – 3rd Party security hardware
IoT device utilizes a third pary hardware security engine, where Rambus can either use pre-provisioned key delivered to Rambus or offer factory key provisioning solution utilizing CryptoManager Infrastructure.

Device Architecture 3 – No security hardware
For cases where hardware security engine is not available, IoT device can utilize Rambus software base security engine, included in the IoT Device Management Software packages (SDKs). Keys can be provisioned by CryptoManager Infrastructure platform, Rambus factory key provisioning solution.

1When working with supported PaaS platform

CryptoManager IoT Device Management

Rambus CryptoManager IoT Device Management provides device-to-cloud secure connection to protect high availability of service and reduce risk of application layer DDoS attacks. Our out-of-the-box IoT security solution also features disaster recovery and key management, device verification, and key decommissioning and re-assignment. Rambus CryptoManager IoT Device Management client can be pre-integrated in three primary device architectures for IoT devices: a CryptoManager Security Engine with pre-provisioned keys, a third-party secure hardware and a ‘no security’ hardware scenario. For the first option, IoT Device Management utilizes Rambus CryptoManager hardware and pre-provisioned keys, which are already integrated in billions of chipsets.

Download eBook

Solution Offering


DPA Countermeasures

DPA Countermeasures are fundamental techniques for protecting against Differential Power Analysis (DPA) and related side-channel attacks. Consisting of a broad range of software, hardware, and protocol techniques, DPA Countermeasures include reducing leakage, introducing amplitude and temporal noise, balancing hardware and software, incorporating randomness, and implementing protocol level countermeasures.

Related Markets & Applications

Mobile Edge
Data Center