Root-of-Trust Engine protects valuable assets, such as secret keys, for embedded security-sensitive applications in a Trusted Execution Environment (TEE). Using a dedicated hardware module increases the security level and performance compared to a cryptographic software library. OTP, ROM and other memories inside Root-of-Trust Engine allow secure storage of key material and other security-sensitive data (assets). With functions such as key derivation, non-volatile counter management, secure storage, management of assets and a variety of cipher and hash operations, Root-of-Trust Engine acts as a vault within the embedded system. The authorized user works with assets by reference, which increases security and prevents unauthorized use and abuse.
Root-of-Trust Engine embeds hardware implementations of cryptographic algorithms supporting a variety of operations and modes as required by applications in a TEE.
- Crypto offloading
- Secure Asset Store
- Root-of-Trust supports all security features required for FIPS 140-2 level 2 certification.
- Hardware Reference and Programmer Manual
- Integration Manual
- Verification Specification
- Firmware Reference Manual
- Synthesizable Verilog RTL source code
- Self-checking RTL test bench, including test vectors and expected result vectors
- Simulation scripts
- Many different configurations available:
- FIPS support
- Downloadable RAM
- Dual Channel DMA
- Optional support for ChaCha20 and Poly1305 Engines
- Optional support for AES-GCM
- Gate count ranging from 138 to 236k gates
- Up to 600 MHz
- For more information about this product or all the different configurations, please contact Inside Secure: https://www.insidesecure.com/Contact
Block Diagram of the Root-of-Trust Engine, RoT Engine IP Core