RE: Security vulnerability issues

Emil Lenngren — Wed, 20 Aug 2025 18:56:42 GMT

Regarding the first issue, I was pretty sure that issue was purely due to bad software and not the hardware itself? Note that the software feeds the hw a sequence of modular multiplications to perform, depending on the bits of the private key. The hw executes every individual modular multiplication in constant time, but the issue was that the software enqueues a different number of modular multiplications depending on the bit pattern of the private key. By changing the high level algorithm to one that always schedules the same number of modular multiplications, the result is that you get a constant time implementation, which resolves the issue, right?

RE: Security vulnerability issues

Einar Thorsrud — Mon, 18 Aug 2025 10:37:11 GMT

Hi,

Regarding CVE-2021-29415, this is not fixed in the nRF52840 HW. However, the risk is limited as this is mostly a theoretical attack, which may not be practical outside of a lab environment:

No other code can execute on the device at the same time.
Nordic acknowledges the weakness documented in CVE-2021-29415 about the Arm CryptoCell310 IP.
The nRF52840 was designed back in 2015 and physical attacks were not part of the threat model for the device.

Regardign CVE-2020-27211, this has been fixed in revision 3 of the nRF52840. See IN141 Informational Notice v1.1.

Best regards,

Einar