Cryptographic key provisioning

Other Parts Discussed in Thread: CC2540

For my project I want to securely provision a unique AES key for each device (CC2540/50).

I have the following questions in this regard:

Can the AES module key store be used to persistently store AES keys?

If not, what is the preferred way of storing keys?

Is it secure to store the key in the EEPROM?

How difficult is it for someone to physically extract the key from the EEPROM/AES key store?

How can I securely provision the keys on the device during manufacturing?

 

  • Hi,

    The internal flash of the CC26xx can be considered secure when the Bootloader Backdoor is disabled. When the bootloader backdoor is disabled, the contents of internal flash cannot be read externally. See the Device Configuration section of the TRM (SWCU117).

    I would recommend storing the key in the last sector of flash (CCA) since this sector will typically not be erased as it contains the CCFG. You would need to reserve a location in flash to hold the key, then implement a test command that receives & programs the key to internal flash.

    You can also use the SNV driver to store board specific / custom parameters. More details can be found in the BLE SW Developer's Guide (SWRU393).

    Best wishes
  • You should also disable JTAG access to ensure keys cannot be read out again.
    More info can be found as Jeff mentions in Chapter 9 - Device Configuration of the Technical Reference Manual: www.ti.com/.../swcu117a.pdf
  • Thanks and for the answer. 

    Can you please provide some pointers for more info on the "test commands" you mentioned? I did not find much info in the TRM or Developer Guide.

    --

    Regards,

    Vivek

  • Hi Vivek,

    Test commands are what you would need to implement in your app to ingest the key. One way would be via UART. There is an example on how to add UART to your project on the BLE wiki (www.ti.com/ble-wiki). However, the example is not specific for any higher level protocol - you would need to define the mechanism / protocol over UART based on your system's requirements.

    Best wishes
  • My understanding was that CCA is part of the internal flash. Do you mean that the CCA is not part of the internal flash and needs to be accessed over the UART ?

    Can you please point me to some application code which uses CCA to store some data?

  • No, CCA is part of internal flash. It's the last sector. UART would not directly access flash, you would receive data over UART in your app, then write the contents to flash. No example code exists for this specifically, but you could define a region in the linker to hold your key, then use the FlashProgram APIs in driverlib (CC26XXWARE) to write the contents to flash.

    Best wishes
  • Instead of adding UART support in the app, can the same thing be achieved using the bootloader interface (COMMAND_DOWNLOAD and COMMAND_SEND_DATA)?

    So it will work this way:

    1. Reserve space in the CCA while building the app.

    2. During manufacturing, firmware is first flashed on the internal flash, and then a per-device unique key is sent to the bootloader, which flashes it in the CCA.

    (I am assuming here that the COMMAND_DOWNLOAD and COMMAND_SEND_DATA commands can be used to write to the CCA.)

    3. Send bootloader commands to write the CCFG to disable the bootloader and JTAG, and write-protect the CCA area where the key is stored.

    Will this work?

    --

    Vivek

  • iVivek said:
    1. Reserve space in the CCA while building the app.

    You can either do this through the linker file or create an array of 0xFFs at your desired location in your application:

    const uint8_t someArray[128] @ 0x0001F000 = {0xFF,0xFF......};

    iVivek said:

    (I am assuming here that the COMMAND_DOWNLOAD and COMMAND_SEND_DATA commands can be used to write to the CCA.)

    Correct.

    iVivek said:

    3. Send bootloader commands to write the CCFG to disable the bootloader and JTAG, and write-protect the CCA area where the key is stored.

    Will this work?


    Yes, this should work. You can also use COMMAND_DOWNLOAD/SEND_DATA to write the CCFG area as well if you want to simplify your boot loader program.

    Regards,

    Svend
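
Added example (not part of any post in this thread and not TI code): the in-app "test command" discussed above, which accepts a key frame and programs it once into a reserved, 0xFF-filled slot. The frame layout, `provision_key`, `flash_write` and the in-RAM `key_slot` are assumptions for illustration; on the device `flash_write` would be the driverlib flash programming call and `key_slot` the reserved flash region.

```c
#include <stddef.h>
#include <stdint.h>

#define KEY_LEN 16u /* AES-128 key size in bytes */

enum prov_status { PROV_OK, PROV_BAD_FRAME, PROV_ALREADY_SET, PROV_VERIFY_FAIL };

/* Constructed stand-in for the reserved flash region, in its erased state. */
static uint8_t key_slot[KEY_LEN] = {
    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};

/* Hypothetical flash hook. Models NOR flash: programming can only clear bits. */
static void flash_write(uint8_t *dst, const uint8_t *src, size_t n)
{
    for (size_t i = 0; i < n; i++)
        dst[i] &= src[i];
}

/* Assumed frame: 16 key bytes followed by 1 byte = sum of key bytes mod 256.
 * The sum only catches line errors; it does not authenticate the sender. */
enum prov_status provision_key(uint8_t *frame, size_t len)
{
    enum prov_status st = PROV_BAD_FRAME;
    uint8_t sum = 0, slot_and = 0xFF, key_and = 0xFF, diff = 0;
    volatile uint8_t *wipe = frame;

    if (len == KEY_LEN + 1u) {
        for (size_t i = 0; i < KEY_LEN; i++) {
            sum = (uint8_t)(sum + frame[i]);
            slot_and &= key_slot[i];
            key_and &= frame[i];
        }
        if (sum != frame[KEY_LEN] || key_and == 0xFF) {
            st = PROV_BAD_FRAME;   /* corrupt, or all-0xFF key that looks erased */
        } else if (slot_and != 0xFF) {
            st = PROV_ALREADY_SET; /* write-once: never overwrite a stored key */
        } else {
            flash_write(key_slot, frame, KEY_LEN);
            for (size_t i = 0; i < KEY_LEN; i++)
                diff |= (uint8_t)(key_slot[i] ^ frame[i]);
            st = diff ? PROV_VERIFY_FAIL : PROV_OK; /* read back and compare */
        }
    }
    for (size_t i = 0; i < len; i++)
        wipe[i] = 0; /* do not leave the key in the receive buffer */
    return st;
}
```

The command handler should be unreachable once the device leaves the factory; the write-once check limits the damage if it is not, but it does not replace locking the bootloader backdoor and JTAG as described in the thread.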

  • Thanks a lot and