Arm TrustZone Security System IP

TrustZone Random Number Generator Chip.

TrustZone Random Number Generator

The use of unpredictable random numbers underpins most modern security schemes. A Random Number Generator (RNG) is a mandatory component in any system that generates cryptographic assets.

A standard RNG includes 2 components:

  • True Random Number Generator (TRNG) – a hardware component that generates unpredictable numbers based on a physical process.
  • Deterministic Random Bit Generator (DRBG) – an algorithm capable of producing vast amounts of number sequences after being “seeded” by the TRNG.

The Arm TrustZone RNG offers these 2 components:

  • A TRNG which conforms to the following standards and drafts:
    • NIST SP800-90B
    • NIST SP800-22
    • FIPS 140-2
    • BSI AIS-31
  • Optionally, a software-implemented DRBG which follows NIST SP800-90A (making the entire RNG flow SP800-90C compliant).

TrustZone Full Disk Encryption Chip.

TrustZone Full Disk Encryption

The Arm TrustZone Full Disk Encryption (FDE) product family includes several single or multi-core, high performance Advanced Encryption Standard (AES) engines, designed to support the need to encrypt all user data saved on the latest generation of solid-state storage devices (UFS, eMMC).

The products in the Arm TrustZone FDE family offer optimized implementations of AES modes of operations “designed for storage”, for example, XTS, CBC-ESSIV and CBC-BitLocker.


TrustZone Address Space Controllers Chip.

TrustZone Address Space Controllers

TrustZone Address Space Controllers extend on-chip security by partitioning external memory in to secure and non-secure regions. The Arm CoreLink TZC-400 TrustZone Address Space Controller protects multiple regions of external memory against software attack, with a fast path to hide look up latency and Arm AMBA 4 ACE-Lite and AXI4 support. For on-chip memory, internal SRAM, TrustZone controllers, perform signature checks and ensure secure boot.

Learn more about TZC-400 TrustZone Address Space Controller here

Want to know more about Security on Arm?

Learn more

Resources