OPTIGA™ TPM SLB 9672 FW16.xx
Ready-to-use TPM with SPI interface and PQC-protected firmware update mechanism optimized for IoT network and embedded control devices
OPTIGA™ TPM SLB 9672 FW16.xx is one of the latest products in a new generation of future-proof OPTIGA™ TPMs. It is optimized for connected devices, offering enhanced security features.
This standardized, out-of-the-box TPM provides a solid foundation for securely establishing the identity and software status of connected devices, and for protecting the integrity and confidentiality of data at rest and in transit.
Feature-rich, ready for current and future security challenges OPTIGA™ TPM SLB 9672 FW16.xx is future-proof – it comes with extended memory and stronger cryptographic algorithms, and is the first TPM in the market that offers a PQC-protected firmware update mechanism using XMSS signatures. Integrated resiliency features allow the TPM firmware to be recovered in compliance with the NIST SP 800-193 Platform Firmware Resiliency Guidelines.
Its enhanced security features include AES bulk encryption, configuration of the TPM unique ID and configurable endorsement primary seed.
OPTIGA™ TPM SLB 9672 FW16.xx provides a unique ID. This is required to monitor IoT devices on connected networks for application security and ease of maintenance. This unique ID cannot be erased.
The above features can be configured during platform manufacturing according to the individual needs of a device. This gives customers greater flexibility to adapt the TPM to application-specific needs.
Available in consumer-grade quality, OPTIGA™ TPM SLB 9672 FW16.xx comes with an extended temperature range from -40°C to +105°C to support industrial use cases with lifetimes of up to 10 years.
OPTIGA™ TPM SLB 9672 is also available in a second version:
OPTIGA™ TPM SLB 9672 FW15.xx is the primary choice for Microsoft Windows environments/ecosystems and connected devices with PC architectures.
Summary of Features
- High-end standardized security controller with 192-bit key length
- PQC-protected firmware update mechanism using XMSS signatures
- Support for latest specifications of TCG TPM 2.0 standard (revision 1.59)
- TCG, CC, and FIPS certifications
- Windows HLK certification
- Support for latest cryptographic algorithms: up to RSA-4096, AES-128, AES-192, AES-256, ECC NIST P384, SHA2-384
- Enhanced security features: TPM_CC_EncryptDecrypt2 and TPM2_changeEPS functions / configurable unique ID
- Full personalization with 4 endorsement keys (EK) and 4 EK certificates (RSA 2048, RSA 3072, ECC NIST P256, ECC NIST P384)
- Extended non-volatile memory (51 kB)
- SPI interface
- Thin UQFN-32 package
- Proven, standardized turnkey security solution
- High confidence level based on Common Criteria and FIPS certifications
- Faster cryptographic operations compared with the previous generation (2 to 4 times faster, depending on the functions)
- Easy integration with Windows and Linux OS platforms
- Programmable Logic Controllers (PLC)
- Network infrastructure devices and equipment such as gateways, routers, wireless access points, network interface cards, and switches
- IoT-embedded controllers