Home IP Core
SILICON ROOT-OF-TRUST IP

OpenTitan-Based Silicon Root-of-Trust IP

Designed against FIPS 140-3 Level 3. Synthesizable RTL. Full DICE attestation chain, OTP-backed lifecycle controller, and physical attack countermeasures — licensable, tape-out ready.

Request Datasheet
IP ARCHITECTURE

Block hierarchy and attestation chain

The zeroRISC RoT IP Core is structured around eight functional sub-blocks sharing an internal AHB-Lite bus. The DICE Attestation Engine orchestrates certificate chain generation at power-on, using secrets held in the OTP Controller and processed by the Key Manager.

OpenTitan-based root-of-trust IP block architecture showing cryptographic subsystems and attestation chain
TECHNICAL SPECIFICATION

IP specifications and interfaces

Feature Specification Notes
Symmetric CipherAES-256-GCMNIST FIPS 197 / SP 800-38D
Hash FunctionSHA-3-256 / SHA-2-256NIST FIPS 202 / 180-4
AsymmetricECDSA-P384NIST FIPS 186-5; used for attestation signing
RNGCSRNG (NIST SP 800-90A)CTR_DRBG with TRNG seed input
Bus InterfaceAHB-Lite / AXI4-Lite32-bit, little-endian; selectable at integration
Foundry NodesTSMC 28nm HPM, GF 22FDX, SMIC 40nmAdditional nodes available via NDA
Gate Count~350–420 kGE (estimated)Configuration-dependent; DFT overhead separate
Supply Voltage0.8 V – 1.1 VNode-dependent; IO ring separate
Attestation ProtocolDICE / DMTF DSP0267UDS, CDI_0, CDI_1, application cert chain
Lifecycle StatesDEV / PROD / LOCKED / RMA / EOLOTP-backed, HMAC-authenticated transitions
FIPS 140-3 LEVEL 3 DESIGN TARGET

Designed against FIPS 140-3 Level 3

FIPS 140-3 Level 3 requires physical security mechanisms beyond logical security — tamper-evidence, tamper-response, and identity-based operator authentication. The zeroRISC IP is designed against all Level 3 requirements: the architecture, physical security posture, and cryptographic algorithm selection are built to that target from first principles.

The license package includes FIPS 140-3 design validation documentation covering the security policy, physical security mechanisms, and cryptographic algorithm validation records. CMVP product module submission for your end device remains your team's process — zeroRISC does not file CMVP on your behalf.

Physical tamper-evidence and tamper-response mechanisms
Operator authentication via HMAC-SHA-256
Role-based access: Crypto Officer / User roles defined
FIPS 140-3 design validation documentation included in license package
Request Validation Scope Document
DESIGN TARGET — VALIDATION SCOPE
Standard
FIPS 140-3 (ISO/IEC 19790)
Security Level
Level 3
Module Type
Hardware (silicon IP embedded module)
Approved Algorithms
AES-256-GCM · SHA-3-256 · SHA-2-256 · ECDSA-P384 · CTR_DRBG
IP SUB-BLOCKS

Deep-dive into each IP component

Attestation Engine

DICE-compliant certificate chain engine. UDS derivation, CDI_0/CDI_1, boot-stage attestation certificates. Register map and API surface documented.

View deep-dive →

Lifecycle Controller

OTP-backed state machine spanning DEV, PROD, LOCKED, RMA, EOL. HMAC-authenticated transition commands. Tamper-evident state persistence.

View deep-dive →

Fault-Injection Countermeasures

EMFI, laser fault, voltage glitch, and power side-channel countermeasures. Redundant logic paths, alert architecture, PRNG pipeline randomization.

View deep-dive →

Request the IP Core datasheet

Full specification PDF, FIPS 140-3 design validation documentation overview, and integration package contents — delivered after NDA.

Request Datasheet Schedule Briefing