¶ºÒõ¹Ý

TrustCore SDK empowers developers to build secure, trusted devices. With NanoROOT, we’re extending that capability even further. NanoROOT is a software Root of Trust (RoT) that brings hardware-grade trust to devices—even those without TPMs, TEEs, or dedicated secure elements.

What is NanoROOT?

NanoROOT leverages Physically Unclonable Function (PUF) techniques to derive a unique, tamper-resistant cryptographic context directly from a device’s immutable hardware traits. With this, developers can:Ìý

• Create device-specific identitiesÌýwithout requiring a hardware secure element.Ìý

• Manage keysÌýfor signing, encryption, and verification in a trusted environment.Ìý

• Seal and unseal dataÌýso that only the originating device can access it.Ìý

• Enable secure storageÌýfor protecting sensitive operations.Ìý

NanoROOT brings hardware-grade trust to devices that lack TPMs, TEEs, or other dedicated secure elements.

Why this is exciting

NanoROOT doesn’t just extend the reach of TrustCore SDK—it opens up new possibilities for securing devices that were previously difficult or impossible to trust. By enabling software-based roots of trust, NanoROOT delivers three key advantages:ÌýÌý

1. Expanded device coverage:ÌýDevices without built-in secure elements can now establish a software RoT.Ìý
2. Future-ready:ÌýWith support for RSA, ECDSA, and ML-DSA algorithms, NanoROOT helps position devices for quantum-safe transitions.
3. Developer-friendly:ÌýAvailable as part of TrustCore SDK with ready-to-run utilities for fast evaluation and integration.Ìý

How developers can use NanoROOT

NanoROOT is available through TrustCore SDK APIs, making it easy to embed trusted operations into applications and devices. Developers can use it to:

• Manage keys:ÌýGenerate, import, and use cryptographic keys in a context that is tied to the device itself, ensuring they cannot be cloned or misused outside their origin.

• Protect data:ÌýSeal and unseal sensitive information so that it remains accessible only to the specific device that created it.

• Perform signature operations:ÌýExecute signing and verification using a unique, device-derived cryptographic context, providing assurance that operations are genuine.

• Enable secure identity for legacy devices:ÌýExtend trust to brownfield or legacy deployments that lack secure elements, giving them a reliable way to participate in modern security ecosystems.

Why this matters

Every device tells a story. With NanoROOT, that story begins with a root of trust foundation built openly, developed collaboratively, and designed for the future of device trust.Ìý

To explore what this means for your projects, visit the , and dive into the to start building with NanoROOT today.