Electronic device and methods supporting secure boot functionalities performed utilizing an unsecured System-on-Chip (SoC) are provided. In various embodiments, the electronic device contains an unsecured SoC, a locked off-chip Non-Volatile Memory (NVM) component, and an unlocked off-chip NVM component. An on-chip or first stage boot loader program is stored in a first on-chip memory area; and, when execute, causes an on-chip processor to loads an image of a cryptographic key, such as a public key, into a second on-chip memory area. The cryptographic key is stored in the locked off-chip NVM component, possibly in conjunction with a second stage boot loader program. The on-chip processor then utilizes the cryptographic key, alone or in combination with other data, as a root-of-trust to verify the authenticity of one or more software components, such as an operating system, stored in the unlocked off-chip NVM component prior to booting the software component(s).