Rambus launches CryptoManager RISC-V Root of Trust programmable core

1 min read

Rambus is making available the CryptoManager Root of Trust, a fully programmable hardware security core built with a custom RISC-V CPU.

The secure processing core has been designed to create a siloed architecture that isolates and secures the execution of sensitive code, processes and algorithms from the primary processor, mitigating the risk of critical vulnerabilities like the recent Meltdown and Spectre security flaws and allows designers to optimise the primary processor for high performance, low power, or other characteristics while optimizing security in the siloed core.

The CryptoManager Root of Trust is an embedded security core designed for applications from networking to automotive to IoT.

“The fundamental pillars of architectural design freedom, secure processing siloed away from general processing, and layered security with a root of trust designed for multiple security layers, are unique to the CryptoManager Root of Trust design and enable easy implementation with the highest levels of protection,” said Bret Sewell, SVP and general manager of the Rambus Security Division. “The CryptoManager Root of Trust also embeds features that enable semiconductor manufacturers and device OEMs to insert hardware keys, and enables IoT service providers to manage IoT endpoints throughout their lifecycle in the field.”

RISC-V Foundation’s executive director, Rick O’Connor, commented, “The Meltdown and Spectre flaws revealed a new class of vulnerabilities as common processors employ acceleration techniques like speculative execution to improve processing performance.”

By establishing the trust chain early in the silicon manufacturing process, a security core can enable trusted provisioning and robust auditing of security-related activity throughout all phases of the chip lifecycle.

The CryptoManager Root of Trust offers the primary processor a full array of security services, such as secure boot and runtime integrity checking, remote authentication and attestation, and hardware acceleration for symmetric and asymmetric cryptographic algorithms.