4.1 HSM

HSM on the PIC32CK SG01/SG00 family of microcontrollers presents a wide variety of cryptographic features and security functions. Offers high-performance accelerators for cryptographic functions, secure key storage capabilities, secure boot and debug functions, and real-time clock with integrated tamper response features. The ability to integrate an HSM would strengthen the developers' ability to add security to their products while fighting off malicious cyber threats and attacks of various kinds.

The following are the key features of HSM on the PIC32CK SG01/SG00:

1. High-Performance Cryptographic Accelerators: The HSM includes hardware accelerators for various cryptographic algorithms, providing high performance and efficiency for security operations. Some supported algorithms are AES, TDES, ChaCha20, SHA-1, SHA-2, Poly1305, RSA, and ECC.
2. Secure Non-Volatile Key Storage: The HSM provides secure storage for cryptographic keys in non-volatile memory. This ensures that keys are protected from unauthorized access and tampering, even when the device is powered off.
3. Secure Boot: The HSM supports secure boot functionality, which ensures that the microcontroller only executes authenticated and authorized firmware. This prevents the execution of malicious or tampered code.
4. Secure Debug: The HSM includes secure debug features that allow for secure debugging of the microcontroller. This ensures that sensitive information is not exposed during the debugging process and that debug access can be restricted or disabled based on security policies.
5. True Random Number Generator: It includes a hardware-based TRNG for generating high-quality random numbers. These random numbers are essential for cryptographic operations, such as key generation and nonces.
6. Tamper Response Module: The HSM includes a tamper response module that detects physical tampering attempts and can trigger responses, such as erasing sensitive data or entering a secure state to protect against unauthorized access.