Replay Protected Memory Block

A Replay Protected Memory Block (RPMB) is provided as a means for a system to store data to the specific memory area in an authenticated and replay protected manner and can only be read and written via successfully authenticated read and write accesses. The data may be overwritten by the host but can never be erased.^[1]

Use in computing systems

Since RPMB is tamper-resistant, it can be used as a storage medium for a variety of data-critical purposes on an embedded system:

A place to write "permanent" and/or "pre-programmed" data on a system without any programmable ROM storage, or if the data is too large for it.
Along with encryption and hardware fuses, it can also be used to build a trusted storage solution for a trusted execution environment^[2]
Anti-rollback protection for versioned data (keys, encrypted files, software, etc).^[3]
Storage for a Trusted Application^[3]

Some operating systems, such as Linux may provide a generic driver for accessing an RPMB device attached to an eMMC.^[4] However, in other cases the access to RPMB is controlled through a proprietary driver; this may require use of a Trusted Application instead of a normal application to access the data.^[3]

Logical unit addressing

The UFS specification allocates a "Well-Known LUN" identifier of 44h for the RPMB device.^[1] This can be represented as:

UFS LUN: WLUN_ID (80h) | UNIT_NUMBER_ID = C4h
64-bit SCSI LUN: WLUN_ID (C1h) | UNIT_NUMBER_ID = C1h 44h 00h 00h 00h 00h 00h 00h

Memory layout

An RPMB device supplies the following memory sections:

Section	Access	Size
Authentication Key	Write-only	32 bytes
Write Counter	Read-only	4 bytes (32 bits)
Data Area	Read/write	Multiple of 128 Kbytes*

* This is the minimum defined by the specification, the actual block size depends on the flash vendor's implementation.

References

^ ^a ^b JEDEC Standard No. 220
^ Raj, Himanshu; Saroiu, Stefan; Wolman, Alec; Aigner, Ronald; Cox, Jeremiah; England, Paul; Fenner, Chris; Kinshumann, Kinshuman; Loeser, Jork; Mattoon, Dennis; Nystrom, Magnus; Robinson, David; Spiger, Rob; Thom, Stefan; Wooten, David (August 10–12, 2016), "fTPM: A Software-Only Implementation of a TPM Chip", 25th USENIX Security Symposium, Austin, TX, USA{{citation}}: CS1 maint: location missing publisher (link)
^ ^a ^b ^c Cai, Liang, Guard Your Data with the Qualcomm Snapdragon Mobile Platform (PDF), retrieved April 19, 2021
^ Winkler, Thomas, Replay Protected Memory Block (RPMB) subsystem, retrieved April 19, 2021

[JESD220A-1] JEDEC Standard No. 220

[fTPM-2] Raj, Himanshu; Saroiu, Stefan; Wolman, Alec; Aigner, Ronald; Cox, Jeremiah; England, Paul; Fenner, Chris; Kinshumann, Kinshuman; Loeser, Jork; Mattoon, Dennis; Nystrom, Magnus; Robinson, David; Spiger, Rob; Thom, Stefan; Wooten, David (August 10–12, 2016), "fTPM: A Software-Only Implementation of a TPM Chip", 25th USENIX Security Symposium, Austin, TX, USA{{citation}}: CS1 maint: location missing publisher (link)

[qc-snapdragon-3] Cai, Liang, Guard Your Data with the Qualcomm Snapdragon Mobile Platform (PDF), retrieved April 19, 2021

[LinuxeMMC-4] Winkler, Thomas, Replay Protected Memory Block (RPMB) subsystem, retrieved April 19, 2021

[1]

[2]

[3]

[4]