ECC private keys are the fundamental building blocks of ECC Security. These keys are private and unique to each device and can never be read. ECC private keys are randomly generated by the secure element's TRNG and are securely held in slots configured as ECC private keys.
This is the primary authentication key. It is permanent and cannot be changed. Each device has its own unique private key.
This key is enabled for two primary elliptic curve functions:
This private key is the foundation for the generation of the corresponding public key and the X.509 Certificates.
There are additional private keys that can be used for future use cases, such as additional service authentication.
These keys are enabled for the following primary elliptic curve functions:
While the primary private key and certificates are permanent, these other keys can
be overwritten with a new internally-generated private key (GenKey
command mode = 0x04) to enable key deletion, key rotation and remote provisioning.
The keys are also slot-lockable (KeyConfig.Lockable bit is set to zero), meaning the
Lock command can be used in SlotLock mode to render the current
key permanent and prevent it from being changed by the GenKey
command. When performing key changes, Key Attestation is required to ensure to another system
that the device’s new public key being presented actually originated from the device
in question.
The private key in slot 1 is configured as an internal sign-only key, which means it
can only sign messages generated internally by the GenKey or
GenDig commands and cannot be used to sign arbitrary external
messages. This feature allows the internal sign key to be used to attest to what
keys are in the device and their configuration/status to any system that knows (and
trusts) the internal sign public key.