This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Does nRf52840 implements the whole Arm TrustZone CryptoCell-3xx?

Hi:

As we are going to use nRF52840 on our product, we were trying the check the HW security implemented in the chip. nRf52840 implemented Arm TrustZone CryptoCell-310 in its silicone; but, the API does not show the complete set of functionality ARM promises with Arm TrustZone CryptoCell-3xx family. For example, is TEE and REE implemented in the nRf52840? If yes, are you going to release API for it? I could not find any resources for Arm TrustZone on nRf52840.

Best,

Mahmoud

0 Frank Audun Kvamtrø over 6 years ago

The name TrustZone® is a registered trademark of ARM® that might mean more than one thing. In context of nRF52840 devices we only supply the crypto toolbox functionality as an IP block (e.g. HW accelerated cryptography and secure key derivation). This is not the full Trusted Execution Environment as described by ARM® TrustZone®, which is coupled to the ARMv8-M architecture. I can understand that this brand name might lead to some confusion. In the nRF52840 design we have platform security mechanisms together with features provided by the CC310 which provides HW-accelerated Secure Boot with a solid Root-of-Trust, as well as a generic HW accelerated cryptographic engine used by the application.

We do have an upcoming device that does provide Trusted Execution Environment through TrustZone®. This is a Nordic Semiconductor SIP built on the ARM® Cortex M33 architecture design, bundled with the ARM® TrustZone® CryptoCell-310 Security IP core. This is however in a product for NB-IoT (cellular IoT).

For more information about this device, please see the following links:

www.nordicsemi.com/.../Nordic-nRF91-low-power-cellular-IoT-sneak-peek-cellular-made-easy-cellular-for-everything-else
www.nordicsemi.com/.../nRF91-SiP-Series
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel