Home etc Blogs Hardware Root of Trust Adds Quantum-Ready Security

Hardware Root of Trust Adds Quantum-Ready Security

0
5

The latest hardware security platform introduces memory protection, post-quantum cryptography, and faster peripheral connectivity to strengthen embedded system security.

A new version of the OpenTitan Earl Grey 2 Root of Trust (RoT) hardware architecture is available that offers improvements to the existing features in order to secure embedded systems against emerging threats such as AI and quantum computing attacks. These enhancements include better memory safety, post-quantum cryptography (PQC), faster peripheral interfaces, and reduced power usage.

The first key feature is the support of Capability Hardware Enhanced RISC Instructions (CHERI). This technology allows hardware-based memory isolation and protection through the use of hardware-protected capabilities rather than memory pointers. Each capability contains information about its memory bounds and permitted operations in order to minimise the risks of memory corruption and invalid memory access.

Another important innovation offered by the platform is the PQC accelerator that supports CNSA 2.0 recommendations. The enhanced cryptographic accelerators now allow the execution of quantum-safe algorithms, for example, ML-KEM and ML-DSA, while securing against side-channel and fault-injection attacks.

To improve connectivity, the architecture includes an I3C Controller/Target integration block. This interface can replace separate I2C and SPI interfaces, eliminating communication delays while allowing compatibility with modern sensors, memory devices, and high-speed peripherals, especially for use in data centers and embedded systems.

The improved hardware Root of Trust includes advancements in process node, compression instructions, IP blocks optimisation, and power domain partitioning that helps reduce silicon area usage and power consumption while preserving performance.

Design work on the new architecture has already started and will continue through 2027. The project is available for public review, modification, and community contributions for future secure silicon platforms.

LEAVE A REPLY

Please enter your comment!
Please enter your name here