• State
  • Locked Locked
  • Replies 5 replies
  • Subscribers 43 subscribers
  • Views 1912 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

Random Numbers, Cryptography and SimpleLink API

Frank Pilhofer
Prodigy 130 points
Other Parts Discussed in Thread: CC3200, UNIFLASH

Hi,

a few quick questions:

  1. Does the CC3200 include a hardware random number generator?
  2. Does each CC3200 device have an immutable unique identifier such as a serial number?
  3. Do you have recommendations for ensuring that certificate files in flash are not tampered with?
  4. Given that the network processor already has hardware acceleration for cryptographic functions, are you considering to offer a SimpleLink API for standalone cryptographic functions (e.g., for digital signatures)?
  5. Are you planning to move the SimpleLink library or parts thereof into ROM?

Thank you,

Frank

  • 0
    TI__Expert 4345 points

    Frank,

    Good questions, please see answers below:

    1. Does the CC3200 include a hardware random number generator?

    CC3200 includes a hardware random number generator. It is used by the network processor, and cannot be accessed by the application directly.

    2. Does each CC3200 device have an immutable unique identifier such as a serial number?

    Yes. This can be implemented using DIEID is visible in the MCU memory map [GPRCM_DIEID_READ_REG3. Note than WLAN MAC ID is also visible in MCU memory map [GPRCM_DIEID_READ_REG5, GPRCM_DIEID_READ_REG6]

    3. Do you have recommendations for ensuring that certificate files in flash are not tampered with?

    Certificate files in the serial flash are encrypted automatically by the network processor using a device specific key so they cannot be read or modified by the user. However, they could be deleted or replaced by other certificate files. 

    4. Given that the network processor already has hardware acceleration for cryptographic functions, are you considering to offer a SimpleLink API for standalone cryptographic functions (e.g., for digital signatures)?

    My understanding is that Digital signature require hash function and public/private key encryption. Public/private key are not accessible from the Host Processor in the current version of the device.

    5. Are you planning to move the SimpleLink library or parts thereof into ROM?

    No.

  • 0 in reply to Adnan
    Prodigy 130 points

    Adnan,

    thank you very much for your response.

    I have a few follow-up questions:

    1. If the network processor has a RNG, would it be an idea to add a Simplelink API function that reads random numbers from the network processor and returns them to the application?

    2. Excellent, thank you.

    3. I am not sure I understand. When I install certificate files, e.g., the server's root certificate, I just upload them using Uniflash, and neither Uniflash nor the device is aware that any file is a certificate file until at runtime, in a call to sl_SetSockOpt(). At what point is the file encrypted? Should I use a different process instead?

    Thank you,

    Frank

  • 0 in reply to Frank Pilhofer
    TI__Expert 6005 points
    Hi Adnan,
    Any update WRT the request to add a Simplelink API function to provide a random number back to the application? I also have a customer requesting this.
    Thanks, Merril
  • 0 in reply to Newman
    Prodigy 40 points

    Hi,

    yes also for my project I need to read a RND generated by network processor from M4 application processor. So please, there is a follow up on this item ?

  • 0 in reply to Gabriele Merlonghi2
    Expert 1100 points
    Hi,

    I also need access to the RNG for encryption.

    Yuval