QRoot Lite IP – Crypto Quantique

QRoot Lite™ IP

Lightweight and Configurable Root-of-Trust Soft IP

QRoot Lite™ is a silicon IP solution designed specifically for resource-constrained MCUs and IoT devices. It provides essential security capabilities including secure boot, device attestation, and sealed storage. Built on the industry-standard TCG MARS specification, QRoot Lite™ simplifies integration, reduces costs, and accelerates your journey toward regulatory compliance and trusted embedded products.

Book an IP evaluation Contact sales

QRoot Lite™ is for teams building secure ASICs & SoCs with tight area and power budgets

SoC & ASIC Design Teams
Embedding root-of-trust directly into silicon designs without external TPMs.
Embedded Platform & Security Architects
Adding secure boot, attestation, and key protection to low-power MCUs.
OEMs & Product Companies
Building smart sensors, medical devices, gateways, and other connected products that require hardware-level trust.
Compliance-Driven Teams
Meeting customer or regulatory requirements for attestation, firmware validation, and device integrity without complexity.

Reduce Silicon Footprint

Minimize silicon area and cost with a lightweight security IP block optimized for constrained microcontrollers and low-end SoCs

Accelerate Integration

Streamline secure boot and device attestation integration using straightforward APIs and standard interfaces, freeing engineers for core tasks

Meet Compliance Easily

Quickly achieve industry and regulatory security standards by integrating proven, standards-based (TCG MARS) root-of-trust capabilities

Future-Proof Security

Leverage evolving cryptographic standards and open specifications to ensure your embedded products stay secure and relevant long-term

Lower Overall Costs

Eliminate external TPMs and reduce complexity, lowering both development and Bill-of-Materials costs for embedded products

Secure by Design

Implement secure boot, firmware attestation, and sealed storage directly into your silicon, protecting devices against counterfeiting, tampering, and unauthorized firmware

Lightweight, Configurable Security

QRoot Lite™ is optimized for minimal silicon footprint (~25k gates), making it ideal for resource-constrained microcontrollers and IoT SoCs.

Rapidly implement secure boot and attestation capabilities without significant area, cost, or complexity overhead.

Secure Boot & Firmware Integrity

Protect your devices at boot-time by ensuring only authorized firmware and software run, verified through trusted measurements and cryptographic signatures.

Prevent malicious software attacks, unauthorized access, and firmware tampering to safeguard critical device functionality.

Standards-Based Attestation

QRoot Lite™ fully aligns with the Trusted Computing Group’s MARS specification, providing standard attestation and measurement reporting (PCR/TSR).

Achieve compliance with industry standards effortlessly, enabling your product to meet rigorous security regulations and customer demands.

Sealed Storage (Key Protection)

Safely store cryptographic keys and sensitive data by cryptographically binding storage to the device identity and its verified state.

Ensure that secret keys remain protected even if hardware falls into unauthorized hands, safeguarding data against tampering and cloning.

Flexible Cryptography (Hash, MAC, KDF)

Choose from configurable cryptographic primitives, such as SHA-2 and NIST-approved lightweight algorithms like Ascon, tailored to your performance and security requirements.

Maintain cryptographic agility to ensure future-proof security as threats evolve and standards advance.

Hardware & Firmware Integration Simplicity

QRoot Lite™ integrates easily via standard industry interfaces (APB, AXI, SPI, UART) and provides a clean, intuitive firmware API compatible with the MARS command set.

Simplify the integration process, accelerating your development cycle, and freeing up your engineers for value-added innovation.

Trusted Sensor Readings (TSRs)

Use built-in Trusted Sensor Registers (TSRs) to verify sensor data integrity, ensuring critical sensor readings cannot be tampered with.

Establish trust in your IoT devices’ sensor data, enabling reliable decision-making and reducing vulnerability to cyberattacks and sensor spoofing.

Supply Chain & Device Provenance Security

Authenticate the integrity and authenticity of your devices throughout their lifecycle and across the supply chain using verifiable attestation and secure identity features.

Prevent device counterfeiting, unauthorized manufacturing, and supply chain infiltration, safeguarding brand reputation and customer trust.

Integration & Footprint

Estimated ~25k gates, optimized for low-area MCUs

Delivered as soft IP for rapid and flexible integration

No special processor modes or privilege levels required

Interfaces & Compatibility

Memory-mapped interfaces: APB, AXI, AHB-lite

Serial interfaces: SPI, UART

Firmware API compliant with TCG MARS command set (CBOR serialized)

Cryptographic Standards

Supports SHA-2, Ascon, and NIST – Hash/MAC/KDF

Compliant with TCG MARS 1.0 specification

Future-proof, cryptographically agile implementation

Operating Conditions

Ultra-low power optimized

Robust across typical IoT operating environments

Suitable for constrained embedded applications

Embed Security into Your Devices with Q-Root Lite™

QRoot Lite™ delivers trusted, standards-based security optimized for embedded MCUs and IoT products. Easily implement secure boot, attestation, and sealed storage in your designs without the complexity or overhead.

Talk to Crypto Quantique experts today to learn more or start your evaluation.

Download Silicon IP Products Brochure Contact sales

Search the site