Rambus announced a security block based on the RISC-V core aimed, in part, to plug the Meltdown/Spectre flaws revealed earlier this year. The CryptoManager Root of Trust targets use in a wide spectrum of ASICs, microcontrollers, and SoCs in embedded systems.
Rambus says that the secure processing core creates a siloed architecture that isolates and secures the execution of sensitive code, processes and algorithms from the primary processor. This mitigates the risk of critical vulnerabilities like the recent Meltdown and Spectre security flaws and allows designers to optimize the primary processor for high performance, low power, or other characteristics while optimizing security in the siloed core. The CryptoManager Root of Trust is an embedded security core designed for applications from networking to automotive to IoT.
Rambus' security first method develops secure compute processors. The CryptoManager Root of Trust secure processor is siloed from the main processor, supporting isolated cryptographic security processes.
By establishing the trust chain early in the silicon manufacturing process, a security core can enable trusted provisioning and auditing of security-related activity throughout all phases of the chip lifecycle. The CryptoManager Root of Trust offers the primary processor an array of security services, such as secure boot and runtime integrity checking, remote authentication and attestation, and hardware acceleration for symmetric and asymmetric cryptographic algorithms.
However, some security experts claim that the root-of-trust function ideally should be implemented in a standalone chip, a practice that high-security systems use. The trend of integrating the function into larger chips helped save costs, but it was a step backward in security.
The first mainstream implementations of hardware root-of-trust security defined by the Trusted Computing Group nearly 15 years ago were standalone chips called secure modules. However, over time, major processor and IP vendors such as Intel and ARM subsumed those functions in their chips.
Processor and IP vendors argued that their implementations kept secure and open paths separate inside a chip. However, the Spectre/Meltdown attacks showed that the complexity of today's devices leave room for vulnerabilities that are sometimes not found for years.
Additional features of the CryptoManager Root of Trust include:
- Design Freedom: The open RISC-V instruction set architecture (ISA) allowed Rambus to design a custom processor without microarchitecture constraints, enabling a security first design. The CryptoManager Root of Trust is purpose-built to be safe and independent from general processing, offering a smaller and simpler approach without sacrificing security.
- Siloed: The CryptoManager Root of Trust is a fully user-programmable processor designed for security use and physically separated from the primary processor with dedicated secure memory. Siloing allows the hardware Root of Trust to function in a known secure state, without allowing unintended access to secure functions through software backdoors.
- Layered Security: The root of trust is designed with multiple security layers. A small, ultra-secure nucleus builds outwards to less secure sections. The less secure sections can only access higher levels of security with hardware-based permissions. The Rambus CryptoManager Root of Trust supports multiple roots of trust and gives the ability for various parties to use the core without exposing keys.