sNVM Master Key (SMK)

The sNVM master key (SMK) is a 512-bit symmetric key for securing the content of the sNVM. It is the concatenation of a 256-bit key used for authentication and another 256-bit key used for encryption. It is randomly self-generated on each device, so it is unique for each device. The key is stored as an encrypted and authenticated key code in the pNVM using the PUF key-wrapping mechanism. It is the primary key used for the optional user-specified authentication or authenticated encryption of sNVM pages using AES and the synthetic initialization vector (SIV) cipher mode. SIV mode effectively incorporates a tweak that allows each page to be encrypted and authenticated with different resulting ciphertext and authentication tags, even if the plaintext contents are the same. For more information, see Secure Non-Volatile Memory (sNVM).

Note: The authenticated writes to the sNVM using the system services pass only after the SMK (sNVM Master Key) is successfully generated by the device. To generate the SMK, program the device with an authenticated client in sNVM using Libero SoC. When the SMK is generated, it can be used for performing authenticated writes to the sNVM through system services firmware.

Note: When the SMK is generated, it can be modified, but not deleted. Every time authenticated/ciphertext sNVM clients are programmed through Libero SoC/FP Express. SMK key is re-generated or initialized on new blank device. SMK cannot be generated using system services.