nRF52840 and the Root of Trust

RE: nRF52840 and the Root of Trust

Einar Thorsrud — Wed, 03 Oct 2018 13:01:12 GMT

Hi Thomas,

The CC310 core in the nRF52840 does not have any secure flash (only secure RAM), so it cannot hold a private key during power cycles. Therefore, your only option is to store the private key in normal flash and provision CC310 on every boot. The key can still be protected so that it cannot be read by a debugger nor accessed by the application as I have described in this post, but it does not offer any protection against decapping. This may or may not be secure enough, depending on the use case.

Einar

RE: nRF52840 and the Root of Trust

Thomas Peter — Tue, 02 Oct 2018 10:12:28 GMT

Dear Bjørn

Can you give us an update on the nRF52840 and the Root of Trust?

We are also working on a project that requires maximum security and trust. Is it possible to securely handle private keys with the nRF52840 and its CryptoCell 310?

If yes, where and how is the private key held (how is the Root of Trust implemented)?

Also if yes, is example code available?

Thank you and best regards

Thomas

RE: nRF52840 and the Root of Trust

Bjørn Kvaale — Fri, 13 Oct 2017 09:30:25 GMT

Update from the expert: "A correction to what I wrote earlier (my mistake mixing some terms). nRF52840 will not have the TrustZone as described in the ARM documentation. That requires Armv8 (M23 or M33) while nRF52840 will have a Cortex M4F. I should have written: “Whether this solution will be Secure Boot as described by ARM, or something ...” instead of referring to Trust Zone. This mix-up has been updated in the answer above.

Regarding your question: “…what is available with the HW available on nRF52840”. For this the answer is: This is fixed but not yet ready to be published."

RE: nRF52840 and the Root of Trust

Gregor Bader — Thu, 12 Oct 2017 06:27:20 GMT

Hi Bjørn,

Thank you for this information. For "... what is available with the HW available on nRF52840", is this already fixed or still under discussion or not yet ready to be published?

RE: nRF52840 and the Root of Trust

Bjørn Kvaale — Thu, 12 Oct 2017 06:11:34 GMT

Got this answer from an expert here at Nordic: "Answer to your question is “something in between”, at least in the timeframe of the next few months for when we are releasing nRF52840. We will have some example code showing how to do Root of Trust, but I will not guarantee that we will have a full RoT solution integrated with the rest of our infrastructure in this timeframe. Whether this solution will be Secure Boot as described by ARM, or something else has not been concluded. The design goal for this implementation would be to give a solution that shows the potential of what is available with the HW available on nRF52840.

There will as well be documentation describing how to implement a Root of Trust solution using the features available on the nRF52840 chip."