2 Overview

The TA101 security device interfaces with a host MCU to provide a hardened Root-of-Trust (RoT) with symmetric and asymmetric computation ability to facilitate multiple security-related capabilities within an automotive system. The algorithm summary tables referenced below highlight the individual cryptographic algorithms’ support within the device. These algorithms allow the following functional capabilities within the product:

  • Secure boot support: Validation of the host code image and host code signature validation. Support for both 128-bit and 256-bit security strength functions.
  • X.509 certificate storage, parsing and validation, supporting both ECC and RSA
  • Monotonic counters protected against tearing
  • Elliptic curves support: ECC
    • P-224 – Elliptic Curve Digital Signature Algorithm (ECDSA) sign, verify, KeyGen, Elliptic Curve Diffie–Hellman (ECDH) and Elliptic-Curve Burmester-Desmedt (ECBD)
    • P-256 – ECDSA sign, verify, KeyGen and ECDH
    • P-384 – ECDSA sign, verify, KeyGen and ECDH
    • P-521 – ECDSA sign, verify, KeyGen and ECDH
    • Ed25519 – EdDSA sign, verify and KeyGen
    • X25519 – KeyGen and ECDH
    • Secp256k1 (Bitcoin/Blockchain) – ECDSA sign, verify and KeyGen
    • 256-bit Brainpool – ECDSA sign, verify, KeyGen and ECDH
  • RSA Support:
    • 1024-bit, 2048-bit, 3072-bit, 4096-bit RSA-OAEP encrypt/decrypt
    • 2048-bit, 3072-bit, 4096-bit RSA signature generation and verification
    • 2048-bit, 3072-bit, 4096-bit RSA key generation and key derivation
  • ECDH key management capability with integrated KDF in Counter mode using HMAC-SHA256, HMAC-SHA384 or HMAC-SHA512
  • Multiple Key Derivation Functions (KDF) are supported
    • Includes PRF, HKDF, SP800-108 KDF and SHA-256 one-step KDF
    • TLS V1.2 – Full-session establishment support including PRF KDF in conjunction with host SW
    • TLS V1.3 – Full-session establishment support including HKDF in conjunction with host SW
    • Cryptographic support for HDCP V2.2 including two specific AES options for key management
  • Symmetric Cryptography and Algorithm Support
    • AES Key Generation (16 or 32 byte keys)
    • AES-ECB encryption/decryption (128-bit, 256-bit). Support for external API software implementation with host MCU of alternate ciphers CBC, CCM, Counter mode and others
    • AES-CMAC (128-bit, 256-bit) calculation and validation
    • Authenticated Encryption with Associated Data (AEAD) using AES-GCM (128-bit or 256-bit supporting single and split modes)
    • SHA-256, SHA-384, SHA-512 and HMAC-SHA256, HMAC-SHA384 and HMAC-SHA512 digest calculation
  • NIST SP800-90 Random Number Generator (RNG) – 256-bit security strength
  • Approximately 6k to 11k bytes of available user memory (varies with the number of stored keys)
  • I/O buffer with a maximum size of 1024 bytes
  • Advanced Crypto Engine (ACE) for Execution of All Cryptography Commands
  • Fast Crypto Engine (FCE) – High-speed hardware cryptographic functions
    • AES-CMAC (128-bit) calculation and validation at SPI bus speed (up to 16 MHz)
    • SHA-256, HMAC-SHA256 at SPI bus speed (up to 16 MHz)
  • Multiple I/O options for security commands include:
    • 1 MHz Standard I2C interface
    • 16 MHz SPI protocol, I/O type 0 and 3

The TA101 will be certified to the FIPS 140-3 certification scheme.

The TA101 was developed to achieve a vulnerability assessment rating of JIL High for the protection level of the private/secret keys in accordance with the vulnerability analysis scoring procedure defined in the specification: JIL-Application-of-Attack-Potential-to-Smartcards-and-Similar-Devices_v3-1.