RPMB - SD Association

Replay Protected Memory Block (RPMB)
RPMB is introduced to store data in an authenticated memory area for the purpose of protecting data from a replay attack or avoiding unexpected data updates.
SD Specification Part 1 v9.0 defines how RPMB may be used on SD memory cards, either through the SD protocol over the SD interface or through the NVMe protocol over the PCIe interface on SD Express cards.
The use of RPMB through the NVMe interface in SD Express cards is the same as defined in NVMe standards.
The RPMB function uses a secret key shared between hosts and card; it is therefore expected to be used mainly in OEM products that pair specific cards with specific hosts.
A specially allocated memory area, named the RPMB Unit/Target, is set aside in the SD card for the RPMB data. Access to this area is allowed only after authenticating the card using the RPMB protocol and secret keys.
The RPMB feature allows cards to have:
- Secured Write Protect capability. RPMB restricts the use of the Write Protect features, Permanent Write Protect and Write Protect Until Power Cycle, so that they can occur only after performing RPMB authentication.
- Secured access to the boot partitions for updating or erasing the boot code saved in either of the two boot partitions.
Two popular usages for RPMB are:
- Software Version Authentication to Prevent a Downgrade Attack: software using RPMB
- Secure Boot: prevention of undesired, or hacked, code from running on a device
Newly added memory structure for Boot and RPMB
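
The software version authentication usage above can be sketched as a small model. This is an added example, not code from the SD Association or the SD specification. It assumes HMAC-SHA256 over each frame plus a monotonic write counter, as NVMe RPMB uses; the frame layout and the names `RpmbTarget`, `Host` and `allow_boot` are hypothetical.

```python
import hashlib, hmac, os, struct

def mac(key: bytes, *fields: bytes) -> bytes:
    return hmac.new(key, b"".join(fields), hashlib.sha256).digest()

class RpmbTarget:
    """Card side (simplified model, not the SD/NVMe frame layout)."""
    def __init__(self, key: bytes):
        self._key = key          # shared secret, provisioned once by the OEM
        self.write_counter = 0   # only ever increments
        self._version = 0        # protected data: minimum allowed version

    def write(self, version: int, counter: int, tag: bytes) -> str:
        frame = struct.pack(">II", version, counter)
        if not hmac.compare_digest(tag, mac(self._key, frame)):
            return "AUTH_FAIL"   # sender does not hold the key
        if counter != self.write_counter:
            return "COUNTER_FAIL"  # stale counter: a replayed frame
        self._version = version
        self.write_counter += 1
        return "OK"

    def read(self, nonce: bytes):
        frame = struct.pack(">II", self._version, self.write_counter)
        return frame, mac(self._key, nonce, frame)

class Host:
    def __init__(self, key: bytes, card: RpmbTarget):
        self._key, self.card = key, card

    def _read(self):
        nonce = os.urandom(16)   # fresh nonce stops replayed read responses
        frame, tag = self.card.read(nonce)
        if not hmac.compare_digest(tag, mac(self._key, nonce, frame)):
            raise ValueError("read response not authentic")
        return struct.unpack(">II", frame)  # (stored version, write counter)

    def build_write(self, version: int):
        _, counter = self._read()
        frame = struct.pack(">II", version, counter)
        return version, counter, mac(self._key, frame)

    def allow_boot(self, image_version: int) -> bool:
        stored, _ = self._read()
        if image_version < stored:
            return False         # downgrade attempt
        if image_version > stored:
            # Ratchet the stored minimum forward before accepting the image.
            return self.card.write(*self.build_write(image_version)) == "OK"
        return True
```

A write frame captured off the bus fails with `COUNTER_FAIL` when replayed, because the counter it was signed with has already been consumed.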