CC2745R10-Q1: About Persistent Keys Max

Part Number: CC2745R10-Q1
Other Parts Discussed in Thread: SYSCONFIG

In the SDK8.40 settings, I don't think you can select a value of 35 or more for the HSM Persistent Keys Max.

We were planning to store 118 keys in the HSM, so we are having trouble with the number of keys that can be registered.

No.1
In this case, is there any solution other than storing the key information in the data flash once and transferring it to the HSM each time an encryption calculation is performed?

Please let us know if there are any other solutions.

No.2
With the method in No.1, we need to store the key information in the data flash, so we are concerned about a decrease in security.

If we encrypt the information in the data flash, can we obtain the same confidentiality and tamper resistance as an HSM?

No.3
Are there plans to increase the number of keys that can be registered by updating the SDK?
If so, please tell us which version and how many.

No.4
How many times can HSM be rewritten?

  • Hello,

    In the SDK8.40 settings, I don't think you can select a value of 35 or more for the HSM Persistent Keys Max.

    We were planning to store 118 keys in the HSM, so we are having trouble with the number of keys that can be registered.

    You can store up to 35 keys in KeyStore, which is held in flash, not the HSM. The HSM can only hold 5 keys max.

    HSM Asset Store is different from the PSA KeyStore. It's not clear in sysconfig, but they are two different locations.

    No.1
    In this case, is there any solution other than storing the key information in the data flash once and transferring it to the HSM each time an encryption calculation is performed?

    Due to the limited size of keys that the HSM can store, the keys will have to be stored in flash. However, one method to keep these keys in flash secure is to store a private key in the HSM Asset Store and wrap the keys before storing them in non-volatile flash.

    No.2
    With the method in No.1, we need to store the key information in the data flash, so we are concerned about a decrease in security.

    The solution for this is what I stated above, wrap the keys when storing them in flash, and unwrap them when they are needed. That way, even if an attacker were to read out the keys, they will be encrypted by a private key inside the HSM which is irretrievable. 

    No.3
    Are there plans to increase the number of keys that can be registered by updating the SDK?
    If so, please tell us which version and how many.

    The number of keys stored in the HSM will not change (this is due to the limitations of HSM RAM space).

    I've asked the team whether there are any plans to increase the amount of space for the PSA KeyStore (which is stored in a reserved region of flash).

    No.4
    How many times can HSM be rewritten?

    Do you mean the HSM firmware? Do you mind elaborating on this question?

    Best,

    Nima Behmanesh

  • Thank you for your response.

    No.1
    Sorry, I did not understand the difference between HSM Asset Store and PSA KeyStore.
    Where is the API described for storing keys in the HSM Asset Store?

    No.2
    Is the API for storing keys stored in the HSM Asset Store in the data flash the following flow?
    Or is this method storing the key stored in the PSA KeyStore in the data flash, which is not secure?
    "KeyStore_PSA_setKeyId()" → "KeyStore_PSA_importKey()" "KeyStore_PSA_initKey()" "KeyStore_PSA_exportKey()" "NVS_write()"

    No.3
    Understood.

    No.4
    We would like to know the number of endurance times that key information can be rewritten in HSM Asset Store and PSA KeyStore, respectively.

  • I would like to use PSA_KeyStore according to the sequence in the attached image.
    Please allow me to ask additional questions based on this sequence.

    No.5
    Am I correct in understanding that PSA_KeyStore uses an HSM to store encrypted keys?

    No.6
    I believe the ExportData is a different encrypted value than the keyMaterial. 
    Can I import this and use it as the same key as when I imported keyMaterial?

    No.7
    I think the ExportData will be decrypted and converted back to the keyMaterial value and used for cryptographic calculations.
    Am I correct in understanding that this decrypted key value never leaves the HSM?

    Flow Image

  • Hello,

    I will take a look at this and get back to you tomorrow.

    Best,

    Nima Behmanesh

  • Hi Nima,

    What is the status of the confirmation?

    We would appreciate it if you could respond as soon as the confirmation is complete.

  • Hello,

    No.1
    Sorry, I did not understand the difference between HSM Asset Store and PSA KeyStore.
    Where is the API described for storing keys in the HSM Asset Store?

    No.2
    Is the API for storing keys stored in the HSM Asset Store in the data flash the following flow?
    Or is this method storing the key stored in the PSA KeyStore in the data flash, which is not secure?
    "KeyStore_PSA_setKeyId()" → "KeyStore_PSA_importKey()" "KeyStore_PSA_initKey()" "KeyStore_PSA_exportKey()" "NVS_write()"

    Please see this page for more information: KeyStore — SimpleLink™ Low Power F3 SDK BLE5-Stack User's Guide 3.03.04.00 documentation

    There is no KeyStore API; you set it up via key lifetimes in PSA.

    psa.zip

    I've attached a project file that contains the method of storing keys in the HSM. Note that these keys, once imported into the HSM, are no longer exportable. 

    No.4
    We would like to know the number of endurance times that key information can be rewritten in HSM Asset Store and PSA KeyStore, respectively.

    PSA KeyStore is in a secured region of flash, so it would be the same amount of times you can write to flash before flash wears down. You can find this information in the TRM.

    For HSM, I don't believe we have these numbers. Though, by rewritten, what do you mean? Do you mean how many times you can write before the HSM RAM starts wearing down?

    No.5
    Am I correct in understanding that PSA_KeyStore uses an HSM to store encrypted keys?

    You can use the PSA KeyStore (keys that are stored in flash, not the HSM) to store both wrapped and unwrapped keys (encrypted or plaintext). 

    For the HSM, you can send in a plaintext key, and receive a wrapped key back, which can be stored in flash safely. When it comes to using the wrapped key, the key will be sent to the HSM, where the HSM will internally unwrap the key and use it. All plaintext keys that are stored in the HSM can't be exported, so the HSM will use them internally, but the application will have no way to retrieve the actual key material.

    No.6
    I believe the ExportData is a different encrypted value than the keyMaterial. 
    Can I import this and use it as the same key as when I imported keyMaterial?

    See above. 

    No.7
    I think the ExportData will be decrypted and converted back to the keyMaterial value and used for cryptographic calculations.
    Am I correct in understanding that this decrypted key value never leaves the HSM?

    Yes, this understanding is correct. 

    Some key things to remember:

    1. Plaintext keys stored in the HSM cannot be exported. However, plaintext keys stored in the HSM can be exported as encrypted key blobs that can be stored in flash. When these encrypted key blobs are sent to the HSM, the HSM will decrypt and use the key.

    2. HSM Asset Store and KeyStore are two different locations. You can find more information about key lifetimes in the documentation I provided above.

    Please let me know if you'd like me to clear anything up.

    Best,

    Nima Behmanesh
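
The wrap-then-store pattern described in the replies above, as an added Python model that is not TI SDK code and not part of the original posts: one key-encryption key (KEK) occupies a single HSM slot, and all 118 application keys go to flash only as wrapped blobs. `SimHsm`, `provision` and the blob format (an HMAC-SHA256 keystream plus an integrity tag) are constructed stand-ins for illustration, not the CC27xx HSM's API or wrap algorithm.

```python
import hashlib
import hmac
import os

HSM_SLOTS = 5  # Asset Store limit stated in the thread


class SimHsm:
    """Toy HSM model (assumption): material in _assets never leaves this object."""

    def __init__(self):
        self._assets = {}

    def create_kek(self, slot):
        if slot not in self._assets and len(self._assets) >= HSM_SLOTS:
            raise RuntimeError("HSM Asset Store full")
        self._assets[slot] = os.urandom(32)  # generated inside, never exported

    def _stream(self, kek, nonce, n):
        # Stand-in cipher: HMAC-SHA256 in counter mode (not the real HSM wrap).
        out, ctr = b"", 0
        while len(out) < n:
            block = b"enc" + nonce + ctr.to_bytes(4, "big")
            out += hmac.new(kek, block, hashlib.sha256).digest()
            ctr += 1
        return out[:n]

    def wrap(self, slot, key):
        # Plaintext key in, wrapped blob out: nonce || ciphertext || tag.
        kek, nonce = self._assets[slot], os.urandom(16)
        ct = bytes(a ^ b for a, b in zip(key, self._stream(kek, nonce, len(key))))
        tag = hmac.new(kek, b"mac" + nonce + ct, hashlib.sha256).digest()
        return nonce + ct + tag

    def _unwrap(self, slot, blob):
        kek, nonce, ct, tag = self._assets[slot], blob[:16], blob[16:-32], blob[-32:]
        good = hmac.new(kek, b"mac" + nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, good):
            raise ValueError("wrapped key blob failed integrity check")
        return bytes(a ^ b for a, b in zip(ct, self._stream(kek, nonce, len(ct))))

    def mac_with_wrapped(self, slot, blob, msg):
        # The key is unwrapped and used internally; only the MAC is returned.
        return hmac.new(self._unwrap(slot, blob), msg, hashlib.sha256).digest()


def provision(hsm, keys, slot=0):
    """Wrap every application key under one KEK; the result is what goes to flash."""
    hsm.create_kek(slot)
    return [hsm.wrap(slot, k) for k in keys]
```

A blob that was modified in flash fails the tag check before any key material is used, so a flash read-out or overwrite yields neither a usable key nor a silently substituted one.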