To protect computers, servers and smart connected devices against cyber-attacks, STMicroelectronics has introduced two security modules which store system-authentication data such as cryptographic keys and software measurements in inaccessible and unalterable hardware.
The new STSAFE Trusted Platform Modules (TPM) is designed to protect PCs and servers, as well as other home and office equipment such as printers, copiers, home gateways, network routers, and switches.
“This protected storage prevents attackers from interfering with the device’s integrity, stealing private data, or taking over the system to gain unauthorized access or privileges that would put the system, data, or its network at risk”, ST said in the announcement.
“Robust security is central to maintaining trust in the rapidly growing number of smart connected devices that support the way we live and work,” said Marie-France Florentin, General Manager, Secure Microcontrollers Division, STMicroelectronics. “Our state-of-the-art security modules combine the latest trusted computing technology with value-added features that enable superior protection for end-users’ privacy and safety.”
The first device of the STSAFE-TPM devices, the ST33TPHF2ESPI, supports the Trusted Computing Group’s latest TPM 2.0 specifications which adds extra features over the earlier TPM 1.2. It can also switch easily between the two, allowing OEMs to provide TPM 1.2 or TPM 2.0 capability on the latest device technology.
The second device is the ST33TPHF20SPI, which supports TPM 2.0 and which the company says has the largest non-volatile memory in the market to provide up to 110Kbytes storage for sensitive data.
The STSAFE-TPM modules feature the secure ARM SecurCore SC300 processor, which has anti-tamper, data-watching, and memory-protection features.
Both devices are Common Criteria (CC) and Trusted Computing Group (TCG) certified against the applicable TPM 1.2 and 2.0 protection profiles and US Federal Information Processing Standard (FIPS) 140-2 certifications are in progress.
The new modules come with RSA and ECC Endorsement Keys (EKs) needed to support authentication and associated key certificates are provided, signed by the independent certification authority Globalsign Ltd to guarantee authenticity.
The ST33HTPH2ESPI and ST33HTPH20SPI are available in either a TSSOP28 or QFN32 package. Both devices are in production now.
For further details, view the full Press release.