Systems and techniques are provided for image authentication for secure boot. For example, a process for image authentication for secure boot can include: obtaining an expected tag image comprising an expected tag corresponding to an image to be loaded into memory; loading the expected tag into a first memory region corresponding to a hardware memory authenticator; loading, by the memory controller, the image into a second memory region; providing an authentication indication to the hardware memory authenticator, wherein the authentication indication triggers the hardware memory authenticator to authenticate the image; reading a portion of the image from the second memory region; generating, at the hardware memory authenticator, an authentication tag corresponding to the portion of the image; and performing a comparison of the authentication tag and the expected tag to obtain an authentication result, wherein, the authentication result is a successful match, and the portion of the image is authenticated.