Key Management

Key management is often the critical link in a secure system. Key management includes securely generating, distributing, and storing keys. The devices contain factory provisioned key material and X.509-complaint certificate that can be used to authenticate a device and provide a starting point for enrolling user keys.

Factory keys and passcodes are generated by a Microchip NIST-certified HSM and injected into the virgin devices in encrypted form after proving that the silicon wafers have been fabricated using the genuine Microchip design. Only the genuine Microchip device can decrypt the bitstream used to load the Factory keys and passcodes. During the design of each device, Microchip inserts a number of highly obfuscated secrets. When the devices are fabricated according to this design, the secrets are “baked” into the devices, and can be used by Microchip to provide assurance that they are legitimate devices made according to the correct design.

The devices include the following non-volatile memory blocks for storing the security keys and passcodes:

To improve the security of the non-volatile storage used, all passcodes are hashed and all keys are enciphered as key codes by the SRAM-PUF before being stored. The SRAM-PUF then reconstructs the decryption keys from the key codes before being used. Thus, an attacker who manages to somehow measure the states of the non-volatile cells or monitor a data bus to/from the non-volatile storage cannot directly learn the actual passcode or encryption key.

Multiple user-selectable key modes are available and a secure mechanism (SPPS) is provided to update encryption keys and passcodes.