OPTIGA TPM SLB 9672 FW16
Ready-to-use TPM with SPI interface and PQC-protected firmware update mechanism optimized for IoT network and embedded control devices
OPTIGA™ TPM SLB 9672 FW16.xx is one of the latest products in a new generation of future-proof OPTIGA™ TPMs. It is optimized for connected devices, offering enhanced security features.
This standardized, out-of-the-box TPM provides a solid foundation for securely establishing the identity and software status of connected devices, and for protecting the integrity and confidentiality of data at rest and in transit.
Feature-rich, ready for current and future security challenges OPTIGA™ TPM SLB 9672 FW16.xx is future-proof – it comes with extended memory and stronger cryptographic algorithms, and is the first TPM in the market that offers a PQC-protected firmware update mechanism using XMSS signatures. Integrated resiliency features allow the TPM firmware to be recovered in compliance with the NIST SP 800-193 Platform Firmware Resiliency Guidelines.
Its enhanced security features include AES bulk encryption, configuration of the TPM unique ID and configurable endorsement primary seed.
OPTIGA™ TPM SLB 9672 FW16.xx provides a unique ID. This is required to monitor IoT devices on connected networks for application security and ease of maintenance. This unique ID cannot be erased.
The above features can be configured during platform manufacturing according to the individual needs of a device. This gives customers greater flexibility to adapt the TPM to application-specific needs.
Available in consumer-grade quality, OPTIGA™ TPM SLB 9672 FW16.xx comes with an extended temperature range from -40°C to +105°C to support industrial use cases with lifetimes of up to 10 years.
OPTIGA™ TPM SLB 9672 is also available in a second version:
OPTIGA™ TPM SLB 9672 FW15.xx is the primary choice for Microsoft Windows environments/ecosystems and connected devices with PC architectures.
Summary of Features
- High-end standardized security controller with 192-bit key length
- PQC-protected firmware update mechanism using XMSS signatures
- Support for latest specifications of TCG TPM 2.0 standard (revision 1.59)
- TCG, CC, and FIPS certifications
- Windows HLK certification
- Support for latest cryptographic algorithms: up to RSA-4096, AES-128, AES-192, AES-256, ECC NIST P384, SHA2-384
- Enhanced security features: TPM_CC_EncryptDecrypt2 and TPM2_changeEPS functions / configurable unique ID
- Full personalization with 4 endorsement keys (EK) and 4 EK certificates (RSA 2048, RSA 3072, ECC NIST P256, ECC NIST P384)
- Extended non-volatile memory (51 kB)
- SPI interface
- Thin UQFN-32 package
Benefits
- Proven, standardized turnkey security solution
- High confidence level based on Common Criteria and FIPS certifications
- Faster cryptographic operations compared with the previous generation (2 to 4 times faster, depending on the functions)
- Easy integration with Windows and Linux OS platforms
Potential Applications
Home & Office devices
- Enterprise printers
Industrial automation
Smart building
- Routers
- Switches
- Access point
- Gateway
- 5G equipment
In this on-demand webinar we show why TPMs are a good way to solve IoT security issues—covering everything from IoT end nodes to network equipment.
In addition you´ll learn:
- Examples of real security attacks that show unexpected weak spots that need to be addressed by a reliable and effective security solution
- Why TPMs are perfectly equipped to solve IoT security challenges and how you can use proven TPM technology to make your devices more resistant to attacks
- How to build strong and secured device identities and deploy effective methods for device authentication
- Examples of TPM usage in business