Rambus launches programmable RISC-V-based hardware security core
Built around a custom RISC-V CPU, the CryptoManager Root of Trust is an independent hardware security block for integration into semiconductor devices that creates a siloed architecture that isolates and secures the execution of sensitive code, processes, and algorithms from the primary processor. It offers secure execution of user applications, tamper detection and protection, secure storage and handling of keys and security assets, and resistance to side-channel attacks.
“The fundamental pillars of architectural design freedom – secure processing siloed away from general processing, and layered security with a root of trust designed for multiple security layers – are unique to the CryptoManager Root of Trust design and enable easy implementation with the highest levels of protection,” says Bret Sewell, SVP and general manager of the Rambus Security Division. “The CryptoManager Root of Trust also embeds features that enable semiconductor manufacturers and device OEMs to insert hardware keys, and enables IoT service providers to manage IoT endpoints throughout their lifecycle in the field.”
The CryptoManager Root of Trust is designed for applications ranging from networking to automotive to IoT, and is claimed to mitigate the risk of critical vulnerabilities like the recent Meltdown and Spectre security flaws. In addition, it allows designers to optimize the primary processor for high performance, low power, or other characteristics while optimizing security in the siloed core.
“The Meltdown and Spectre flaws revealed a new class of vulnerabilities as common processors employ acceleration techniques like speculative execution to improve processing performance, says Rick O’Connor, executive director of the RISC-V Foundation. “With solutions like the Rambus CryptoManager Root of Trust, the extensible RISC-V ISA enables developers to build connected products with a fundamentally more robust approach to security.”
The Root of Trust is easily integrated with industry-standard interfaces and system architectures and includes hardware cryptographic accelerators for standard algorithms such as AES, SHA, RSA, ECDSA, and ECDH. The layered security approach ensures that access and critical operations – including crypto modules, keys, memory ranges, I/O pins, and other resources – are available through hardware only, with no access by software.
If you enjoyed this article, you will like the following ones: don't miss them by subscribing to :
