Trusted Secure IP Driver
Overview
This product enables secure updating of flash ROM embedded in MCUs and in preventing illicit firmware being booted up (secure booting). This driver controls AES, Triple-DES, RSA, ECC, SHA and MD5 algorithms and the generation of random numbers through high-speed hardware calculation by the Trusted Secure IP modules. As a result, this driver can help you to protect "Internet-of-Things" (IoT) embedded devices from viral infections and eavesdropping. Trusted Secure IP includes a full-function version "TSIP" and limited function version "TSIP-Lite".
Topics
The Trusted Secure IP Driver for RX Familly V.1.09 has been released. The support for the RX66N group and RX72N group started. Support for ECDH Key Agreement function and AES Key Wrap function started.
Release Information
| Target Device Note1 | Product Name | Version/Release |
|---|---|---|
| RX23W RX231 RX65N, RX651 RX66N RX66T RX72M RX72N RX72T |
Trusted Secure IP Driver for RX Family | Latest Ver.: V1.09 Release 00 Released: Apr 7, 2020 |
| RE01 | Trusted Secure IP Driver for RE Family | Latest Ver.: V1.00 Release 00 Released: Oct 31, 2019 |
| RZ/A2M | Trusted Secure IP Driver for RZ Family RZ/A2M Group | Latest Ver.: V2.00 Released: Dec 25, 2019 |
Note
- Some MCUs in the listed groups do not include a TSIP module. Refer to the User's Manual: Hardware for the given group to check the type names of the MCUs that have a TSIP module.
Features
- Cryptographic functions which provide advanced security can be embedded in mass-produced products at low cost
- High-speed execution of the AES, a world standard cryptographic algorithm
- Support for AES-GCM, which is frequently included in the required specifications of smart meters
- Functions for safely updating firmware
- Easily combined with other device drivers for RX, RE MCUs or RZ MPUs
Components
- Trusted Secure IP Driver main body
- Trusted Secure IP Driver manual
- Sample code demonstrating application of the Trusted Secure IP Driver
- Sample code for confirming the way user keys are written
- Sample code for confirming the secure updating of firmware from USB memory or UART.
Functions
| Function | Algorithm (mode/method) | TSIP-Lite | TSIP | ||
|---|---|---|---|---|---|
| RX23W, RX231, RX66T, RX72T, RE01 |
RX65N, RX651, RX66N, RX72M, RX72N |
RZ/A2M | |||
| Public-Key Cryptography | Signature generation and verification | RSA (RSASSA-PKCS1-v1_5) | — | ||
| ECC (ECDSA) | — | — | |||
| Encrypt/Decrypt | RSA (RSAES-PKCS1-v1_5) | — | |||
| Key pair generation | RSA 1024/2048 bit | — | (2048 bit only) |
||
| ECC P-192/224/256 | — | — | |||
| Symmetric-Key Cryptography | AES-128/256 bit (ECB/CBC/GCM) | ||||
| Triple-DES 56/56x2/56x3 bit (ECB/CBC) | — | — | |||
| Message authentication | AES-128/256 bit (CMAC) | ||||
| Hash function | SHA-1, SHA-224, SHA-256 | — | (SHA-1, SHA-225) |
(SHA-224, SHA-225) |
|
| MD5 | — | — | |||
| Random number generation | - | ||||
| Key management function | AES 128/256 bit | ||||
| RSA 1024/2048 bit | — | (2048 bit only) |
|||
| ECC P192/224/256 | — | — | |||
| Triple-DES 56/56x2/56x3 bit | — | — | |||
| Key update function | AES 128/256 bit | In Development | |||
| RSA 1024/2048 bit | — | In Development | |||
| ECC P192/224/256 | — | — | |||
| Triple-DES 56/56x2/56x3 bit | — | — | |||
| SSL/TLS cooperation function | TLS1.2 compliant Supporting cipher suites: TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 |
— | In Development | ||
| Key agreement | ECDH | — | (RX65N only) |
— | |
| Key Wrap | AES 128 bit/256 bit | — | (RX65N only) |
— | |
| Secure booting | - | ||||
| Secure updating of firmware | - | In Development | |||
Available | — Unavailable
Operating Environment
Note: This board is required to check the operation of sample code for checking the secure updating of firmware via wireless LAN.
Purpose
- Cryptographic communications among CPUs in equipment at sites or within equipment
- Secure updating of firmware for embedded devices in general
Obtaining the product
We will provide the product to customers who will be adopting or plan to adopt a Renesas microcontroller. Please contact your local Renesas Electronics sales office or distributor.
Development Tools Support
| Title | Description |
|---|---|
| My Renesas | Create a My Renesas account to use our tool download services, receive e-newsletter/update notifications, and take advantage of our other services. |
| e-learning | Information for studying and learning about microcontrollers and microprocessors. |
| FAQ | Frequently asked questions and useful hints for development. |
| Forum | A forum and community site to share technical information, questions and opinions with others who use Renesas MCU's. |
| Tool News | Tool release information and other important information. |
| Operating Environment | Information on system requirements and operating environment for the latest version of tools. |
| Info on Discontinued Products | A list of Renesas software and tools that have been discontinued and are no longer being offered for new projects. |