You are here : design-reuse-china.com  > Security Solutions  > Cryptography
Download Datasheet        Request More Info
All Silicon IP


The CryptoManager Root of Trust is a fully-programmable hardware security core that protects against a wide range of attacks with state-of-the-art anti-tamper and security techniques to offer vendors security by design.

How the Root of Trust Works

The CryptoManager Root of Trust is an independent hardware security block for integration into semiconductor devices, offering secure execution of user applications, tamper detection and protection, secure storage and handling of keys and security assets, and resistance to side-channel attacks. The core mitigates against attacks like Meltdown and Spectre by allowing secure processing to be separated from general processing in a siloed architecture. Readily deployable, the Root of Trust is easily integrated with industry-standard interfaces and system architectures and includes hardware cryptographic accelerators for standard algorithms such as AES, SHA, RSA, ECDSA and ECDH. The layered security approach enforces that access and critical operations, including crypto modules, keys, memory ranges, I/O pins, and other resources, are available thru hardware only with no access by software.

The CryptoManager Root of Trust is based on a custom 32-bit RISC-V CPU designed specifically to provide a trusted foundation for secure processing in the core and system. The RISC-V CPU runs signed code modules called containers, which include permissions and security-related metadata. These containers can implement standard security functionality, or complete customer-specific security applications, including key and data provisioning, security protocols, biometric applications, secure boot, secure firmware update, and many more. Part of the comprehensive CryptoManager Security Platform that includes embedded cores, key provisioning infrastructure and infield services, the Root of Trust provides the highest level of end-to-end security at all stages of the chip lifecycle for applications like IoT, automotive, sensors, and connectivity.

Block Diagram


Superior Security

  • Hardware root of trust featuring a custom 32-bit RISC-V processor
  • Secure in-core processing and industry-leading anti-tamper
  • Built-in tamper detection and resistance to side-channel attacks
  • Multi-layered security model provides protection of all components in the core

Enhanced Flexibility

  • 3rd-party applications run securely within trusted boundary
  • Complete development environment allows users to easily develop secure applications leveraging all capabilities of the core
  • Support for secure provisioning of keys and firmware at manufacturing or in the field
  • Support multiple roots of trust within a single core

Security Models

  • Hierarchical privilege
  • Secure key management policy
  • Hardware-enforced isolation/access control/protection
  • Error management policy

Cryptographic Accelerators

  • Standard AES, SHA, Public Key Engine (implementing RSA & ECC)
  • Optional 3DES, ChaCha20, Whirlpool, DPA-resistant crypto engines and proprietary entropic array logic

Security Modules

  • True Random Number Generator
  • Canary logic for protection against glitching and overclocking
  • Secure key derivation and key transport
  • Life cycle management
  • Secure test and debug
  • Feature management


Complete Documentation

  • Hardware integration guide
  • Hardware and software reference manuals
  • Programming guides

Tools and Scripts

  • Verilog for synthesis and simulation
  • All scripts and support files needed for standard EDA tool flows Integration Deliverables

Integration Deliverables

  • Complete verification test bench and comprehensive set of test vectors
  • Boot loader and firmware, including secure RTOS and security monitor
  • HLOS APIs for accessing capabilities
  • Complete development environment, including compiler, assembler, debugger, simulator, reference code
  • Available FGPA-based development board








© 2018 Design And Reuse


不得复制,重发, 转载或以其他方式使用。