At Rambus, we create cutting-edge semiconductor and IP products, spanning memory and interfaces to security, smart sensors and lighting.

Products
- - - Explore our full catalog of products so you can find the right solution to fit your needs.
    - Product Selector
Solutions
- - By Market
  - AI & Machine Learning
  - Automotive
  - Data Center
  - Edge
  - Government
  - IoT
- - - Explore our full catalog of products so you can find the right solution to fit your needs.
    - Product Selector
Resources
- - Resource Library
  - Our library of informational videos, papers, presentations, and more
  - Webinars
  - Check out our library of upcoming and on-demand webinars
- - Inventions
  - Explore innovations that enable the superior performance of Rambus solutions
  - Certifications
  - Certified silicon IP solutions tailored to the specific needs of some of the world’s most demanding applications
- - - Explore our full catalog of products so you can find the right solution to fit your needs.
    - Product Selector
Company
- - About
  - Corporate Overview
  - Leadership
  - Inventors
  - Careers
  - Locations
  - Investor Relations
- - News & Media
  - Newsroom
  - Blog
  - Events
- - - Explore our full catalog of products so you can find the right solution to fit your needs.
    - Product Selector
- English

IME-IP-341 Inline Memory Encryption Engine

Home > Security IP > Inline Memory Encryption IP > IME-IP-341 Inline Memory Encryption Engine

IThe Rambus IME-IP-341 is an SoC-ready, in-line memory encryption engine using AES/SM4 ciphers with XTS/ECB/Bypass as modes of operation. It incorporates multi-stream, multi-algorithm support required for supporting multiple virtual machines (e.g., Realms in ARMv9). It supports configurable protection of different memory regions (up to 32) with separate individual keys mapping to individual regions (e.g., PAS in MPE ARMv9).

The IME-IP-341 provides (optional) protection against power-analysis side-channel attacks by incorporating Differential Power Analysis (DPA) countermeasures within the cipher primitives. Additionally, Datapath Integrity (DI) using ECC based SRAMs with (optional) parity protection in the cipher datapath provides robustness against random errors, ensuring operation under stringent operating conditions in advanced technology nodes. For CMVP certification IME-IP-341 uses a CAVP certified cipher engine and (optional) built in known answer self-test (KAT).

Contact

Product Brief

How the IME-IP-341 Engine Works

The Rambus IME-IP-341 is an inline memory encryption engine for protection of off-chip memory. The programming for the security attributes and keys per region is programmed by a dedicated AMBA interface towards trusted subsystem. At the start, different memory regions (up to 32) can be programmed as per different security policies of the system.

Once the IP is programmed and initialized, it acts as a transparent datapath engine between the SoC bus and DDR controller. It also includes functionality to convert an encryption key into its equivalent decryption. Zeroization, and startup behavior is supported in compliance with MPE engine requirements for ARMv9. The IME-IP-341 supports programmable sector size (default is 64B, same as a typical cache line width and a typical DDR burst size).

Solution Offerings

Features

Deliverables

Features

Deliverables

Secure Networking Basics: MACsec, IPsec, and SSL/TLS/DTLS

The MACsec, IPsec and SSL/TLS/DTLS protocols are the primary means of securing data in motion (communicated between connected devices). These protocols can be anchored in hardware or implemented in software as part of an end-to-end security architecture. This white paper provides fundamental information on each of these protocols including their interrelationships and use cases.