Security Features

  • Secure Subsystem:
    • Secure Subsystem with Advanced Crypto Engine (ACE) for execution of various cryptography commands
    • Fast Crypto Engine for SHA-256, HMAC and AES-CMAC algorithms
    • Physical Protection Security Measures, including voltage tampers, temperature tampers and active shield circuitry
    • Sign/verify support:
      • ECDSA – P224, P256, P384 and 256-bit Brainpool elliptic curves
      • ECDSA – SECP256K1 (bitcoin/blockchain) curve
      • RSA 2048-bit signature generation and verification
      • RSA 3072-bit signature verification only
    • ECDH/ECDHE/ECBD key agreement support:
      • Elliptic Curve Diffie-Hellman (ECDH) support for P224, P256, P384 and 256-bit Brainpool
      • Elliptic Curve Burmester-Desmedt (ECBD) support for P224 curve
    • Internal symmetric and asymmetric key generation and derivation:
      • P224, P256, P384 and 256-bit Brainpool
      • 2048-bit RSA keys
      • AES 16-byte (128-bit) keys
    • AES and RSA encryption/decryption support:
      • AES ECB/GCM encryption/decryption supported directly
      • RSA encryption/decryption with 1024-bit and 2048-bit keys
    • NIST SP800-90 A/B/C Random Number Generator (RNG)
    • 16 MHz SPI interface to communicate security commands between the core and the Secure Subsystem
    • Secure Subsystem’s authorization sessions can be used to prevent various kinds of attacks or denial of service
    • Secure Subsystem’s Advanced Crypto Engine algorithms have achieved a JIL HIGH rating and are FIPS-certified under the Cryptographic Algorithm Validation Program (CAVP)
    • Secure Subsystem FIPS 140-2 Level 2 certification (with Physical Security Level 3) under the Cryptographic Module Validation Program (CMVP) [in progress]
  • Advanced Flash Security with CodeGuard™ Flash Security and Flash OTP:
    • Secure Boot Segment (BS) with immutability:
      • CodeGuard Flash Security and Flash OTP by Write Inhibit together make an immutable secure boot realizable; external tools (Debugger/ICSP™) are denied read/write/erase access to the Boot Segment:
        • Optionally, as per user configuration, it is possible to allow an external tool to read the Flash content
      • With the high-security setting, user code in the General Segment (GS) cannot read, write or erase code in the Boot Segment via Run-Time Flash Programming/Reading:
        • Ensures integrity of the boot code
      • With high security and write protection enabled, code in the Boot Segment cannot modify itself
  • Secure firmware upgrade with CodeGuard™:
    • CodeGuard provides protection for on-chip code Flash memory
    • Provides an environment to support secure methods for transmitting and receiving data in the customer end product
  • Additional Security Features Include:
    • Does not allow execution from RAM
    • Restricts ICSP programming/erase operations for all of Flash memory once Flash OTP by Write Inhibit is activated; this setting cannot be deactivated