Mitigating security vulnerabilities like Meltdown and Spectre
Rambus has announced the availability of the CryptoManager Root of Trust, a fully programmable hardware security core built with a custom RISC-V CPU. The secure processing core creates a siloed architecture that isolates and secures the execution of sensitive code, processes and algorithms from the primary processor.
This mitigates the risk of critical vulnerabilities like the recent Meltdown and Spectre security flaws and allows designers to optimise the primary processor for high performance, low power, or other characteristics while optimising security in the siloed core. The CryptoManager Root of Trust is an embedded security core designed for applications from networking to automotive to IoT.
Bret Sewell, SVP and general manager of the Rambus Security Division, spoke to the key attributes of the division’s new secure coprocessor: “The fundamental pillars of architectural design freedom, secure processing siloed away from general processing, and layered security with a root of trust designed for multiple security layers, are unique to the CryptoManager Root of Trust design and enable easy implementation with the highest levels of protection. The CryptoManager Root of Trust also embeds features that enable semiconductor manufacturers and device OEMs to insert hardware keys, and enables IoT service providers to manage IoT endpoints throughout their lifecycle in the field.”
IDC research director for IoT Security, Abhi Dugar, noted: “The semiconductor industry faced some of its biggest security issues this year with recent vulnerabilities, and the potential to encounter additional security flaws will not go away any time soon as more IoT devices enter the market. To address existing and new threats, establishing trust at the hardware level will be critical, and a secure siloed core can help ensure that this new generation of devices can be protected from security flaws.”
Putting security first with an embedded secure core
Rambus’ security first method develops the most advanced secure compute processors. The CryptoManager Root of Trust secure processor is siloed from the main processor, supporting isolated cryptographic security processes.
The RISC-V Foundation’s executive director, Rick O’Connor, commented: “The Meltdown and Spectre flaws revealed a new class of vulnerabilities as common processors employ acceleration techniques like speculative execution to improve processing performance. With solutions like the Rambus CryptoManager Root of Trust, the extensible RISC-V ISA enables developers to build connected products with a fundamentally more robust approach to security.”
Programmable hardware-based root of trust core enables end-to-end security: chip-to-cloud-crowd
By establishing the trust chain early in the silicon manufacturing process, a security core can enable trusted provisioning and robust auditing of security-related activity throughout all phases of the chip lifecycle. The CryptoManager Root of Trust offers the primary processor a full array of security services, such as secure boot and runtime integrity checking, remote authentication and attestation, and hardware acceleration for symmetric and asymmetric cryptographic algorithms. The CryptoManager Root of Trust creates a secure foundation for Rambus’ comprehensive CryptoManager suite of solutions, which also includes the CryptoManager Provisioning Infrastructure and CryptoManager IoT Security Service.