2.2.1.1 Private Keys
ECC private keys are the fundamental building blocks of ECC Security. These keys are private and unique to each device and can never be read. ECC private keys are randomly generated by the secure element's TRNG and are securely held in slots configured as ECC private keys.
Primary Private Key
This is the primary authentication key. It is permanent and cannot be changed. Each device has its own unique private key.
This key is enabled for two primary elliptic curve functions:
- ECDSA Sign for authentication
- ECDH for key agreement. If encryption of the ECDH output is required, the IO protection key needs to be first set up. See Section 2.2.1.7 I/O Protection Key for setup details.
This private key is the foundation for the generation of the corresponding public key and the X.509 Certificates.
Secondary Private Keys
There are additional private keys that can be used for future use cases, such as additional service authentication.
These keys are enabled for the following primary elliptic curve functions:
- ECDSA Sign for authentication.
- ECDH for key agreement. If encryption of the ECDH output is required, the IO protection key needs to be first set up. See Section 2.2.1.7 I/O Protection Key for setup details.
- GenKey for overwriting the slot with a new internally-generated random private key.
While the primary private key and certificates are permanent, these other keys can
be overwritten with a new internally-generated private key (GenKey
command mode = 0x04) to enable key deletion, key rotation and remote provisioning.
The keys are also slot-lockable (KeyConfig.Lockable bit is set to zero), meaning the
Lock
command can be used in SlotLock mode to render the current
key permanent and prevent it from being changed by the GenKey
command. When performing key changes, Key Attestation is required to ensure to another system
that the device’s new public key being presented actually originated from the device
in question.
Key Attestation
The private key in slot 1 is configured as an internal sign-only key, which means it
can only sign messages generated internally by the GenKey
or
GenDig
commands and cannot be used to sign arbitrary external
messages. This feature allows the internal sign key to be used to attest to what
keys are in the device and their configuration/status to any system that knows (and
trusts) the internal sign public key.