Lightweight and configurable root-of-trust IP for resource-constrained IoT devices

Crypto Quantique has announced a new lightweight root-of-trust (RoT) IP block to allow security feature implementation in resource-constrained MCU and IoT devices. Called QRoot Lite, the implementation complies with the Measurement and Attestation RootS of Trust (MARS) specification developed by the Trusted Computing Group (TCG) as a lightweight hardware security IP block for measurement, storage and reporting to attest to the health and trustworthiness of embedded IoT devices and sensors. The IP block is implemented in hardware as a state machine to enable easy integration into small systems as an attachment to a host MCU, providing essential functions for device identity, measurement and attestation where on-chip resources are limited.

The MARS implementation on the solution provides the functionality of hashing, key derivation and digital signature generation, using NIST's lightweight cryptography standard, the Ascon family of cryptographic algorithms, to implement these functions. The IP block's identity may be supplied with seed injection, but optionally, for maximum security, Crypto Quantique's Physical Unclonable Function (PUF) can generate the seed needed to provision a unique identity to the device. The IP block securely stores derived keys and performs cryptographic operations within the secure hardware, protecting against known side-channel and fault injection attacks. An ASIC's side-channel protected hardware footprint is less than 25 Kgates and less than 14 Kgates for an unprotected implementation.

Applications that can benefit from QRoot Lite include verified boot implementation to ensure that only trusted code is executed through the boot process, key generation and key storage to load and store encrypted data, and remote verification of the integrity and authenticity of sensor data.