• State TI Thinks Resolved
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 17 subscribers
  • Views 426 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

CC1352P: Crypto Key Store and persistent memory

Robert Keith
Prodigy 215 points
Part Number: CC1352P

Hello,

I was reading through the cryptography peripheral and I am curious about how keys are stored. I may have been reading the documentation incorrectly, but it seems to me that the private keys generated on device are not stored in a secure element in this peripheral which is persistent through a power loss scenario? The key must be copied to NVS and then reloaded into the keystore area. Is this correct or is there a protected, persistent memory block which the keystore has exclusive access to and stores private keys in?

Thanks,

Robert

  • 0
    TI__Mastermind 23730 points
    Hi Robert,

    I will ask the drivers team regarding key storage for crypto. I will come back to you when I hear from them.
  • 0 in reply to Severin Suveren
    TI__Mastermind 23730 points

    Your reading is correct, private keys are not stored in a secure element which is persistent through standby. There are two types of keys that can be used with CC13x2/CC26x2 devices:

    • Asymmetric (ECDH, ECDSA, ECJPAKE)
      • Public/private key pair.
      • There is no form of secure element (key store) for them. They must be stored in RAM/FLASH/NVS.
    • Symmetric
      • 128 or 256 bits.
      • There is a secure element (key store) for them. However, we do not expose it because it does not have retention and will be wiped whenever we go into standby. The drivers reserve slots 6 and 7 for internal use and upload the key every time you want to do an operation and then wipe it again. This is what most customers end up doing anyway since they have no guarantee the key is still there. Customers that do not care about power and never go into standby can use it but will need to write their own drivers or modify ours.