
Saving root key on battery powered devices

Hi,

On battery powered devices, how is it possible to retain a root key when changing batteries? 

The crypto cell has an Always On power domain for retaining device secrets, but it seems to work when the crypto cell is disabled for power saving reasons. However, it doesn't seem to retain keys when not powered. Or are the keys stored in a flash zone only readable by the crypto cell?

If not, what will be the solution proposed by Nordic?

Thanks in advance for your support.

Bernard

  • Hi,

    You cannot retain the root key within CryptoCell, and the nRF52840 does not have any secure flash, so you have to store it in (normal) flash. You are still able to keep the key in a reasonably secure manner using something like the following strategy:

    • Store the key in a reserved flash region.
    • Enable read-back protection using Control access port. This prevents a debugger from accessing the flash (the only way to disable it is to first do a full chip erase).
    • In the bootloader:
      • Read the key from flash and copy it to CryptoCell (secure always on RAM).
      • Enable ACL to protect the key so that it cannot be accessed by the application.

    The above procedure should keep the root key safe against most kinds of attacks, but it does not provide protection against decapping. If you need that, then the only option is to use an additional device, such as for example the OPTIGA Trust X instead.

  • Hi Einar - Thanks for covering this, it is appreciated. As a follow-up, the CryptoCell as described in the nRF52840 reference manual can have a device root key (Kdr) set. Is it possible to store the asymmetric key pair to flash as you described, but encrypted to the CC310 Kdr? This would ensure it can only exist in RAM after being decrypted by the CC310, even if for some reason it was recovered from flash.

  • Hi,

    Unfortunately it will not work, as the Device Root Key also has to be configured after every reset. This is because the CryptoCell peripheral does not have any persistent (flash) memory.
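
The bootloader steps from the first answer, and the per-reset reload described in the last reply, as a host-side model added here (not Nordic's code and not code from the thread). The register structs, `flash_read`, `boot_provision_key` and `app_try_read_key` are hypothetical stand-ins, and the PERM bit positions are assumed; on target the ACL and CryptoCell key registers come from the device headers.

```c
#include <stdint.h>
#include <string.h>

/* Host stand-ins for the hardware (assumed layout, not the device headers). */
#define FLASH_PAGE    4096u
#define PERM_NO_WRITE (1u << 1)   /* assumed ACL PERM bit: block write/erase */
#define PERM_NO_READ  (1u << 2)   /* assumed ACL PERM bit: block read */
typedef struct { uint32_t ADDR, SIZE, PERM; } acl_region_t;
typedef struct { uint32_t KDR[4]; } cc_kdr_t;   /* 128-bit device root key */

static uint8_t      flash[2 * FLASH_PAGE];  /* constructed flash image */
static acl_region_t acl0;                   /* cleared again by every reset */
static cc_kdr_t     cc;                     /* lost on reset or power loss */

/* Models a CPU read of flash: refused once an ACL region forbids reads. */
int flash_read(uint32_t addr, void *dst, uint32_t len) {
    if (len > sizeof flash || addr > sizeof flash - len) return -1;
    if ((acl0.PERM & PERM_NO_READ) &&
        addr < acl0.ADDR + acl0.SIZE && addr + len > acl0.ADDR)
        return -1;
    memcpy(dst, &flash[addr], len);
    return 0;
}

/* Bootloader, after every reset: load the key first, lock the page second. */
int boot_provision_key(uint32_t key_addr) {
    uint32_t key[4];
    volatile uint32_t *wipe = key;
    if (key_addr % FLASH_PAGE != 0) return -1;  /* ACL works on whole pages */
    if (flash_read(key_addr, key, sizeof key) != 0) return -2;  /* locked */
    memcpy(cc.KDR, key, sizeof key);            /* key now lives in CryptoCell */
    for (int i = 0; i < 4; i++) wipe[i] = 0;    /* no stray copy on the stack */
    acl0.ADDR = key_addr;
    acl0.SIZE = FLASH_PAGE;
    acl0.PERM = PERM_NO_READ | PERM_NO_WRITE;   /* holds until the next reset */
    return 0;
}

/* What application code gets when it tries to read the key page directly. */
int app_try_read_key(uint32_t key_addr, uint8_t out[16]) {
    return flash_read(key_addr, out, 16);
}
```

Reversing the two bootloader steps fails in this model with `-2`, which is why the copy to CryptoCell comes before the ACL lock.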
