Trusted Secure IP Driver

Overview

This product enables secure updating of flash ROM embedded in MCUs and in preventing illicit firmware being booted up (secure booting). This driver controls AES, Triple-DES, RSA, ECC, SHA and MD5 algorithms and the generation of random numbers through high-speed hardware calculation by the Trusted Secure IP modules. As a result, this driver can help you to protect "Internet-of-Things" (IoT) embedded devices from viral infections and eavesdropping. Trusted Secure IP includes a full-function version "TSIP" and limited function version "TSIP-Lite".

Topics

The Trusted Secure IP Driver for RE Family V.1.01 has been released. Support for RE01_256KB Group started.

The Trusted Secure IP Driver for RX Family V.1.10 has been released. Support for ECDSA P-384 ans ARC4 function started.

Release Information

Target Device ^Note1	Product Name	Version/Release	Providing Method
RX23W RX231 RX65N, RX651 RX66N RX66T RX72M RX72N RX72T	Trusted Secure IP Driver for RX Family (Source code version) ^Note2	Latest Ver.: V1.10 Release 00 Released: July 6, 2020	Contact us
RX23W RX231 RX65N, RX651 RX66N RX66T RX72M RX72N RX72T	Trusted Secure IP Driver for RX Family (Binary version) ^Note2	Latest Ver.: V1.09 Release 00 Released: July 10, 2020	Download
RE01	Trusted Secure IP Driver for RE Family	Latest Ver.: V.1.01 Release 00 Released: Jul 20, 2020	Contact us
RZ/A2M	Trusted Secure IP Driver for RZ Family RZ/A2M Group	Latest Ver.: V2.00 Released: Dec 25, 2019	Contact us

Note

Some MCUs in the listed groups do not include a TSIP module. Refer to the User's Manual: Hardware for the given group to check the type names of the MCUs that have a TSIP module.
Please use the binary version when considering the prototype. In this case, please download.
Please use the source code version when considering the mass production. In this case, please contact us. Users cannot change cryptographic functions.

Operating Environment

Features

Cryptographic functions which provide advanced security can be embedded in mass-produced products at low cost
High-speed execution of the AES, a world standard cryptographic algorithm
Support for AES-GCM, which is frequently included in the required specifications of smart meters
Functions for safely updating firmware
Easily combined with other device drivers for RX, RE MCUs or RZ MPUs

Components

Trusted Secure IP Driver main body
Trusted Secure IP Driver manual
Sample code demonstrating application of the Trusted Secure IP Driver
1. Sample code for confirming the way user keys are written
2. Sample code for confirming the secure updating of firmware from USB memory or UART.

Functions

Function		Algorithm (mode/method)	TSIP-Lite	TSIP
Function		Algorithm (mode/method)	RX23W, RX231, RX66T, RX72T, RE01	RX65N, RX651, RX66N, RX72M, RX72N	RZ/A2M
Public-Key Cryptography	Signature generation and verification	RSA (RSASSA-PKCS1-v1_5)	—
		RSA (DSA)	—	—	—
		ECC (ECDSA)	—		—
	Encrypt/Decrypt	RSA (RSAES-PKCS1-v1_5)	—
	Key pair generation	RSA 1024/2048 bit	—		^{(2048 bit only)}
	Key pair generation	ECC P-192/224/256/384	—		—
Symmetric-Key Cryptography		AES-128/256 bit (ECB/CBC/GCM)
		Triple-DES 56/56x2/56x3 bit (ECB/CBC)	—		—
		ARC4 2048 bit	—		—
Message authentication		AES-128/256 bit (CMAC)
Hash function		SHA-1, SHA-224, SHA-256	—	^{(SHA-1, SHA-256)}	^{(SHA-224, SHA-256)}
Hash function		MD5	—		—
Random number generation		-
Key management function		AES 128/256 bit
		RSA 1024/2048 bit	—		^{(2048 bit only)}
		ECC P-192/224/256/384	—		—
		Triple-DES 56/56x2/56x3 bit	—		—
		ARC4 2048 bit	—		—
Key update function		AES 128/256 bit			In Development
		RSA 1024/2048 bit	—		In Development
		ECC P-192/224/256/384	—		—
		Triple-DES 56/56x2/56x3 bit	—		—
		ARC4 2048 bit	—		—
SSL/TLS cooperation function		TLS1.2 compliant Supporting cipher suites: TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256	—		In Development
Key agreement		ECDH 512 bit, DH 2048 bit	—		—
Key Wrap		AES 128 bit/256 bit	—		—
Secure booting		-
Secure updating of firmware		-			In Development

Available | — Unavailable

Maximum key length for each algorithm.

- AES: 256 bit
- RSA: 2048 bit
- DES: 56 bit
- Triple-DES: 168 bit
- ARC4: 2048 bit
- DH: 2048 bit
- ECDH: 512 bit
- ECDSA: 256 bit
- DSA 2048 bit / ECDSA 512 bit (Cryptographic algorithm for authentication): Not supported

Operating Environment

MCU	RX Family	RE Family		RZ Family
IDE	CS+ V8.02.00 or later e² studio V7.7.0 or later IAR Embedded Workbench for Renesas RX 4.14.01 later	IAR Embedded Workbench for ARM version 8.32.1 or later	e² studio V.7 or later	e² studio V.7.6.0
C Compiler	C/C++ Compiler Package for RX Family V3.02.00 or later	IAR C/C++ Compiler for ARM version 8.32.1 or later	GCC ARM Embedded Version 6.3.1.20170620	GCC ARM Embedded Toolchain (6-2017-q2)
Debugger	E1 emulator E20 emulator E2 emulator Lite	IAR I-jet Segger JLink	Segger JLink	Segger JLink
Evaluation board	Renesas Starter Kit for RX231 (B Mask: built-in Trusted Secure IP) Renesas Starter Kit+ for RX65N-2MB (Built-in Trusted Sesure IP) Renesas Starter Kit for RX66T (Built-in Trusted Sesure IP) Renesas Starter Kit+ for RX72M (Built-in Trusted Secure IP) Renesas Starter Kit+ for RX72N (Built-in Trusted Secure IP) Renesas Starter Kit for RX72T (Built-in Trusted Secure IP) RX72N Envision Kit GR-ROSE	Evaluation Kit RE01 1500KB Evaluation Kit RE01 256KB		RZ/A2M Evaluation Board Kit (Contact us about details)
Evaluation board (optional) ^Note	Wireless LAN expansion board package for RSK (includes Wireless LAN module (eWBC))(Part Number: RTK0ZZZZZZP00000BR)	—		—

Note: This board is required to check the operation of sample code for checking the secure updating of firmware via wireless LAN.

Purpose

Cryptographic communications among CPUs in equipment at sites or within equipment
Secure updating of firmware for embedded devices in general

Obtaining the product

We will provide the product to customers who will be adopting or plan to adopt a Renesas microcontroller. Please contact your local Renesas Electronics sales office or distributor.

Target Devices

Family	Group
RX Family	RX23W RX231, RX230 [RX231 only] RX66N RX65N, RX651 RX66T RX72M RX72N RX72T
RZ Family	RZ/A2M
RE Family	RE01 1500KB RE01 256KB

Development Tools Support

Title	Description
My Renesas	Create a My Renesas account to use our tool download services, receive e-newsletter/update notifications, and take advantage of our other services.
e-learning	Information for studying and learning about microcontrollers and microprocessors.
FAQ	Frequently asked questions and useful hints for development.
Forum	A forum and community site to share technical information, questions and opinions with others who use Renesas MCU's.
Tool News	Tool release information and other important information.
Operating Environment	Information on system requirements and operating environment for the latest version of tools.
Info on Discontinued Products	A list of Renesas software and tools that have been discontinued and are no longer being offered for new projects.

You can filter the sample codes and application notes that are displayed using the below filters.

Back

Action Needed

Download

My Account

My Account

Trusted Secure IP Driver

Overview

Topics

Release Information

Features

Components

Functions

Operating Environment

Purpose

Obtaining the product

Target Devices

Development Tools Support