Hardware Security Module

Overview

GRHSM is an isolated system-on-chip (SoC) that can be used as a subsystem in a larger SoC design to implement a hardware security module or otherwise provide security functions to the larger system. Use cases include

Root of Trust - Secure boot
Crypto key storage and management
Unique device authentication
Offloading of cryptographic functions (NIST FIPS 180-4, 197, 198-1, 202)
Secure random number generation (SRNG)

GRHSM depends on platform-specific capabilities to implement its features, utilizing non-volatile on-chip memory in ASSPs and unique bitstreams in FPGAs

‍

Architecture

Fault tolerance

Key Tech Spec

Target technology support

Evaluation boards

Development Kit

Licensing

Software

Tools

Block diagram

Related project

Supported Hardware

Configuration

Reference Design

Other resources

Detailed features

Main elements:

LEON3FT SPARC V8 32-bit processor
A cryptographic core with hash and crypto controllers
Secure Random Number Generator (SRNG) core, composed of TRNG and hash-based DRBG
- Interface towards a One-Time Programmable (OTP) or NVM memory as secure storage
Contains immutable device ID, and secret master symmetric key.
Bootcontroller for secure boot
A mailbox interface between the main SoC and GRHSM, for sending commands and responses
A DMAinterface towards the main SoC for bulk crypto/hashing

‍

‍Key Management

Predefined or static keys may be stored in on-chip memory or in an external flash only accessible by GRHSM
Generated keys are stored in an external flash memory only accessible by GRHSM

Secure Random Number Generation, consisting of the following two blocks:

Deterministic Random Bit Generator (DRBG): Uses SHA256 hashing to update its internal state and to generate the random numbers supplied to the consumer.
True Random Number Generator (TRNG): Uses an internal ring oscillator as its entropy source, with optional support for an external entropy signal. Supplies entropy to seed the DRBG.

Hardware accelerated cryptographic functions (NIST FIPS 180-4, 197, 198-1, 202)

SHA-256, SHA-3, AES 128, AES 256, HMAC, HKDF
No specific hardware blocks to support PQC algorithms in GRHSM. The firmware running on the LEON3FT can handle those and provide algorithm agility

Self-Protection and Isolation

Hardware-based isolation ensures separation from external SoC and system resources
Minimal external communication, based on mailbox interface, limits attack vectors

Operations

Users can customize the platform and manage secret keys using their proprietary software libraries
The software running on the Hardware Security Module determines how to manage keys, facilitates secure key operations, boot authentication, and communication setup
The integrator does not need to trust our GRHSM as a secure black box. They can inspect the architecture and use it to run their trusted software solution.

Debug

The Hardware Security Module has a dedicated interface for debugging and customization
The debug interface can be permanently disabled after deployment
Debug and customization activities are facilitated via the GRMON debug tool.

‍