Rambus announces Root of Trust IP offering with support for NIST PQC standards
Rambus, a provider of memory interface chips and silicon IP, unveiled Rambus Root of Trust IP, what the company described as the first in a family of quantum-safe security IP products for data center and communications security.
The new offering is a complete Post Quantum Cryptography (PQC) hardware security solution that protects valuable data center and AI/ML assets and systems by employing cryptographic algorithms selected by the National Institute of Standards and Technology (NIST): CRYSTALS-Kyber for key-encapsulation and CRYSTALS-Dilithium for digital signatures. In addition, Rambus Root of Trust IP supports the Commercial National Security Algorithm Suite (CNSA) algorithms for software and firmware updates, including XMSS/LMS stateful hash firmware signatures, CNSA symmetric-key algorithms, and CNSA quantum-resistant public-key algorithms.
The unveiling comes as more security vendors are packaging and marketing PQC solutions based on the pending NIST standards, and more enterprises and government agencies are preparing to adopt PQC protection.
“Since 2016, NIST has done pioneering efforts to identify post-quantum cryptographic algorithms which will be better suited for protecting critical government and public infrastructure from entities looking to steal data now to decrypt later using quantum computing,” said Heather West, PhD, research manager of Quantum Computing Research at IDC. “Now that NIST has announced its first four post-quantum computing recommendations, it is important that system designers begin implementing quantum-resistant cryptography to ensure that data and hardware remain secure in the quantum computing era.”
Scott Best, senior director of security products at Rambus, told IQT News via email that Root of Trust IP is well-positioned even if the NIST standards end up changing in subtle ways before they are finalized sometime next year.
“While it is likely that NIST will require updates to the quantum-safe algorithms that we support, the industry is anticipating those updates will be relatively minor updates to the parameter sets associated with the protocols,” he said. “In fact, this is a specific advantage of our initial Root of Trust-based approach, in that we have software control over the parameter sets while accelerating the mathematical operations with tamper-resistant hardware components. In our opinion, this achieves an ideal balance for rapid adoption of new protocols with anticipated updates, while at the same time achieving peak security performance via hardware.”
“To ensure today’s data remains protected into the future, we must implement now security solutions that safeguard against quantum attacks,” added Neeraj Paliwal, general manager of Security IP at Rambus. “This new generation of the Rambus Root of Trust is a flagship product in our Quantum Safe IP portfolio that offers customers complete security solutions for the data center and advanced workloads like generative AI.”
Rambus said Root of Trust IP is now available for licensing.
Rambus Quantum-Safe Root of Trust Features:
Programmable 32-bit secure processor
Quantum Safe Encryption engine
Open Compute Project (OCP) Caliptra Root of Trust for Measurement with DICE and
X.509 support
True Random Number Generator (TRNG) and Physical Unclonable Function (PUF)
entropy source
Secure data store
FIPS 140-3 CAVP and CMVP compliant
SDK for user development of secure and trusted applications
Dan O’Shea has covered telecommunications and related topics including semiconductors, sensors, retail systems, digital payments and quantum computing/technology for over 25 years.
