Security Enclave IP based on RISC-V
Single module for multiple security challenges
The eSecure IP is a complete standalone module that enables security applications by shielding the secret information from the non-secure application running on the main processor. The firewall prevents any unauthorized access to the secret data. The secure controller embedded in the eSecure module keeps full control of the execution of the security functions. In some designs, the secure controller can be optionally virtualized in the host processor.
Software/firmware authentication
One of the key elements of a secure device is to execute authenticated and trusted software in order to prevent malicious code execution. The eSecure IP provides a strong authentication of the software/firmware at boot-time (secure boot) and during run-time. It will also optionally decrypt the code before execution by the host processor.
Device unique identity
In order to protect applications and products against counterfeiting and cloning, it is important to be able to uniquely identify each manufactured part. This identification also enables device authentication and per device right management.
Secure storage of secret information
A secure application always requires some data to be kept secret. The eSecure IP can store secret keys and other information inside a secure or non-secure storage area. For non-secure area such as external flash memories, the eSecure IP will guarantee the confidentiality and authenticity of the data with strong cryptographic algorithms.
Secure communication
In today’s connected world, most applications involve secure communication protocols. The eSecure cryptographic engine supports all the latest algorithms for TLS/DTLS 1.3, Thread Networking, Apple HomeKit, Bluetooth, Zigbee and more.
Efficient secure hardware solution for any application
The eSecure IP is a very efficient solution to enable any secure application on chip. The hardware module shielded from the main processor brings a high level of security. Also the hardware offloading of the cryptographic operations from the main processor to the eSecure module guarantees a low power operation. The eSecure module is tuned to the target application in terms of feature and performance.
Anti-tampering management
Most secure chips involve one or multiple tamper detection mechanisms. The advanced anti-tampering management unit of the eSecure IP enables fine control of the tamper detection source, and actions to be taken when an event occurs, such as instantaneous zeroisation of the secret data. The configurability of the unit makes it suitable for basic up to advanced security requirements.
Scalable cryptographic engine
The scalable cryptographic engine supports symmetric encryption (AES, DES, …), asymmetric operations (ECDSA, ECDH, RSA, …), hashing (SHA-1, SHA-256, …) and random number generation. The cryptographic engine can be configured to reach the performance level required by your application, enabling efficient offloading of the main CPU.
View Security Enclave IP based on RISC-V full description to...
- see the entire Security Enclave IP based on RISC-V datasheet
- get in contact with Security Enclave IP based on RISC-V Supplier
Block Diagram of the Security Enclave IP based on RISC-V
security subsystem IP
- Quad core IP platform with integrated Arm security subsystem
- Post-Quantum Security Subsystem (PQ-HW-SUB)
- Root of Trust eSecure module for SoC security
- Securyzr iSE 100/300/700/900 series by Secure-IC: integrated Secure Element (iSE) for multiple applications
- Securyzr™ neo Core Platform - One core, multiple products
- Secure AHB Performance Subsystem - ARM M3