What is Root of Trust?

Definition: Highly reliable hardware, firmware, and software components that perform specific, critical security functions. Because roots of trust are inherently trusted, they must be secure by design. Roots of trust provide a solid foundation upon which security and trust can be built.


Root of Trust explained

Encryption, signing, authentication, and authenticated key exchange are all cryptographic operations that rely on secret keys that must be kept secure and remain secret. Therefore, any deployment of cryptography must be carefully considered on the basis of how the secret keys are stored and protected. A robust method of protection is critical in order to become the ‘root of trust’ - the foundation of trust for the entire computing ecosystem.

A root of trust is a vital component of any Public Key Infrastructure (PKI) and Symmetric Key Infrastructures to generate and protect root Certificate Authority keys which are required for:

  • Code signing to ensure software remains secure, unaltered, and authentic,
  • Generating and safe-guarding digital keys and certificates for credentialing and authenticating devices for IoT applications (managing the life-cycle of the device), and other network deployments.

Secure Root of trust functions usually include hardware security modules. A hardware root of trust serves as the foundation for all secure operations of a computing system. It generates, protects and stores the keys that are needed for cryptographic functions within its secure environment, and it is generally part of the secure boot process that provides the foundation for a software chain of trust.

The concept in a hardware root of trust stands out as highly effective compared to lower-level security measures. It is mandatory in many industry-grade standards and regulations (e.g., government, banking, military). A programmable hardware root of trust is designed to be updated on a regular basis in order to keep up with the latest network, app, and device threats and exploitations.



Blog posts

Blog posts

Related products

Related products

Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      About Utimaco's Downloads

      Visit our Downloads section and select from resources such as brochures, data sheets, white papers and much more. You can view and save almost all of them directly (by clicking the download button).

      For some documents, your e-mail address needs to be verified. The button contains an e-mail icon.

      Download via e-mail


      A click on such a button opens an online form which we kindly ask you to fill and submit. You can collect several downloads of this type and receive the links via e-mail by simply submitting one form for all of them. Your current collection is empty.