Jump to main content
Security Features
Flash OTP by ICSP Write Inhibit
On-Chip Secure Boot Flash
Configurable as an Immutable Root-of-Trust
Parts of the Flash memory
can be configured as OTP
Capable of
Secure boot support:
Validation of host code image and host code signature validation
Secure update support for
host code: Secure encryption key storage and image decryption
X.509 certification
storage, parsing, validation and revocation, supporting both ECC and
RSA
128-bit Unique Device Serial
Number for Identification (UUID)
Support for Secure Use Cases:
Secure boot
Key Storage in IRT/Immutable secure boot region for realizing:
Secure boot
Secure firmware update
Secure debug
Secure debugging
Flash Protection
Configuration of up to
eight Flash protection regions across ranges of Flash addresses
Regions can be configured
as
Immutable
Root-of-Trust (IRT)
OTP region
A combination of
R/W/X protections.
Regions can be
Made
permanent
Locked until
device Reset
Enabled/disabled
during code execution
Flash protection regions
can apply to
The active
partition
The inactive
partition
Both
Cryptographic Accelerator
AES-128, AES-192 and
AES-256: Fully compliant with NIST FIPS 197
ECB, CBC, CFB,
OFB, CTR, GCM, CCM, XTS and CMAC Modes
HASH/HMAC
SHA-1, SHA-256, SHA-224, SHA-384 and SHA-512 capability
Public Key Cryptography:
RSA, DSA and ECC
RSA with/without
Chinese Remainder Theorem (CRT); up to a 4096-bit key
length
DSA support up to
a 2048-bit key length
ECDSA Sign/Verify
with
Prime
field P-192, P-224, P-256, P-384, P-521
Binary
field K-163, K-233, K-283, K-409, K-571
Binary
field B-163, B-233, B-283, B-409, B-571
EdDSA with
Edwards Curves
JPAKE and
SRP-based password authenticated key exchange protocols
Rabin Miller
primality test
Elliptic Curve
Diffie Hellman (ECDH/ECDHE) key agreement
NIST-800-22 and
NIST-800-90B compliant True Random Number Generator (TRNG)
Key generation compliant
with NIST-800-133 and NIST-186-4
CAVP certification
capable
The online versions of the documents are provided as a courtesy. Verify all content and data in the device’s PDF documentation found on the device product page.