SAN JOSE, Calif. — Rambus announced a security block based on the RISC-V core aimed, in part, to plug the Meltdown/Spectre flaws revealed earlier this year. The CryptoManager Root of Trust targets use in a wide spectrum of ASICs, microcontrollers, and SoCs in embedded systems.
Rambus claims that the new block sports several advantages over root-of-trust functions already integrated in most existing embedded processors. It suggested that OEMs should move this fundamental hardware-security function out of mainstream x86 and ARM embedded processors that Spectre/Meltdown showed are vulnerable to side-channel attacks.
However, an NXP security expert said that the root-of-trust function ideally should be implemented in a standalone chip, a practice that high-security systems use. The trend of integrating the function into larger chips helped save costs, but it was a step backward in security, said Sami Nassar, vice president of cybersecurity solutions at NXP Semiconductors.
“The security execution environment and the root of trust should be outside the main processor … you don’t want to mix security and general processing,” he said. “It’s not complicated to [isolate the two], and it doesn’t add much cost, but people cut corners, and it’s proven to be a weak model.”
Rambus argues that its block lets designers at least move the key security functions off embedded processors that often rely on speculative execution. Spectre/Meltdown showed that this popular performance-boosting technique can leave traces of secret data in caches, where side-channel attacks can recover it.
Nassar countered that highly secure systems generally use standalone root-of-trust chips separately from host processors. Integrated chips are more vulnerable because they share I/O and cache blocks, he said.