Micron adds RPMC support to NOR flash devices for improved security

In an announcement, Micron Technologies said its Replay-Protection Monotonic Counter feature is now available for its serial NOR flash memory devices, which the company said will provide greater security for products that use them.

Micron said its RPMC-enabled serial NOR device enhances pre-boot security in a range of computing architectures, and makes systems resistant to rollback and replay attacks. It's also compliant with Intel's Serial Flash Hardening Product -- External Architecture Specification -- and meets the chipset security needs of Intel's Ultrabook platform.

According to Intel, serial flash is persistent storage that is available on motherboards used for the PC platform, and includes the CPU BIOS code and provides support for security, power management and other functions.

Intel said serial flash does not offer any protection against hardware attacks, but the replay protection specification provides what Intel said is a "building block" for additional security using the Replay-Protection Monotonic Counter (RPMC).

In a blog post on Micron's website, Lance Dover, product architecture manager, wrote that an effective monotonic counter has to be nonvolatile and immune to power loss in case it is reset or corrupted.

"Many embedded systems utilize a real-time clock to provide a monotonic counter for cryptographic freshness or for the purpose of anti-replay," Dover wrote. "Micron's RPMC has no such weakness because its count values are internally managed using flash memory techniques that prevent corruption resulting from power loss. In addition, our RPMC is designed to ensure monotonicity of the count values and may only be used by an authenticated party."