Winbond Extends Secure Flash Family with New Memory Densities, PQC Support and Secure Supply Chain Management

PR10_Winbond_TrustMe_2024_25

Winbond Electronics Corporation unveils the latest extension of TrustME® Secure Flash W77Q family with 256Mb, 512Mb and 1Gb devices.

These ground-breaking secure flash devices are the first in the market implementing Leighton–Micali Signature (LMS) algorithm for PQC (Post Quantum Cryptography), a critical en-hancement for securing connected IoT edge devices used in commercial, industrial and server segments.

PQC (Post Quantum Cryptography) is considered crucial as it replaces classical crypto-graphic algorithms that are no longer considered to be safe in lieu of Quantum Comput-ers. Governments and security analysts portray 2030 as the year traditional cryptography will become obsolete. In response, US NSA and UK NCSC have adopted LMS as the preferred PQC algorithms for digitally signing and authenticating firmware and software updates. Compliance with the new CNSA 2.0 guidelines for software and firmware sign-ing is expected by 2025, with a complete transition mandated by 2030.

The newly released TrustME® W77Q series in densities of 256Mb, 512Mb, 1Gb are the cutting-edge technology, supporting asymmetric key cryptography algorithm and ena-bling devices to facilitate both Secure OTA with asymmetric PQC signatures and Secure Supply chain via LMS-OTS (NIST 800-208). Winbond is proud to be the first memory vendor to integrate PQC, meeting the emerging regulations requirements and setting a new standard in the industry. These devices are optimally designed for applications in Industrial IoT, networking, servers, and critical infrastructure applications.

These new W77Q devices support high-performance Quad-SPI at 166MHz, extended Replay Protected Monotonic Counters (RPMC) with 8 counters for PC based imple-mentation. The 512Mb and 1Gb devices enable simultaneous read and write option en-hancing operational efficiency for software OTA operation.

Winbond’s W77Q Secure Flash is backward compatible with the popular W25Q family and comes equipped with an arsenal of features designed to ensure platform security:

· Code and Data Protection : Robust protection for both code and data, making it exceedingly difficult for hackers to tamper. RoT implementation follows the TCG DICE attestation mechanism.

· Authentication : Winbond Secure Flash devices employ stringent authentication protocols, ensuring that only authorized actors and software layers gain access.

· Secure Software Updates with Rollback Protection : The devices facilitate remote secure software updates while safeguarding against rollback attacks, ensuring that only legitimate updates are executed. To maintain the highest level of security and integrity during software updates, W77Q employs Leighton-Micali Signature (LMS) algorithms, as recommended by NIST Special Publication 800-208. This method guarantees the authenticity and integrity of the updating software, thereby providing an additional layer of security.

· Platform Resiliency : Follows NIST 800-193 recommendations, unauthorized code changes are automatically detected, enabling the system to recover to a secure state and disturbing potential cyber threats.

· Secure Supply Chain: The origin and integrity of flash content is guaranteed by Secure Flash at every stage of the supply chain. W77Q implements remote attestation based on LMS-OTS (NIST 800-208). This advanced approach effectively pre-vents content tampering and misconfiguration during platform assembly, transportation, and configuration, safeguarding against cyber adversaries.

Moreover, these security features are designed to meet the stringent certification requirements of Common Criteria, SESIP, and FIPS 140-3, underscoring our commitment to providing secure and reliable memory solutions.

“PQC represents the future of secure communications in the face of rapidly advancing quantum computing technologies. Our latest TrustME® W77Q devices are not just products, they are a testament to Winbond’s commitment to innovation and security in an ever-evolving digital world,” said Winbond. “By being the first memory to integrate the PQC algorithm, we are setting a new industry standard, ensuring our clients are equipped with the most advanced and secure memory solutions available.”

Related Articles

Sign up to the MVPro Newsletter

Subscribe to the MVPro Newsletter for the latest industry news and insight.

Please enable JavaScript in your browser to complete this form.

Trending Articles

Latest Issue of MVPro Magazine