Will there be new silicon version of nrf52 to fix this APPROTECT loophole

RE: Will there be new silicon version of nrf52 to fix this APPROTECT loophole

Thomas Peter — Wed, 12 Jan 2022 16:36:19 GMT

I just found https://infocenter.nordicsemi.com/pdf/in_142_v1.1.pdf and other notices that confirm this.

RE: Will there be new silicon version of nrf52 to fix this APPROTECT loophole

Thomas Peter — Wed, 12 Jan 2022 16:16:09 GMT

nRF52832 hardware revision G and nRF52840 hardware revision B appear to address this issue. Has this loophole been closed in these hardware revisions?

RE: Will there be new silicon version of nrf52 to fix this APPROTECT loophole

Hung Bui — Mon, 15 Jun 2020 13:39:43 GMT

At this moment we don't have a plan to release a new version of silicon of the nRF52 to prevent this voltage fault infection technique.

I just want to emphasise that this attack tampering the voltage condition outside of the normal operation condition of the chip and most of the standard microcontroller circuits don't have protection against this type of attack.

RE: Will there be new silicon version of nrf52 to fix this APPROTECT loophole

Torsten Robitzki — Mon, 15 Jun 2020 13:09:36 GMT

Hi Hung,

yes there one essential question open: Are there plans to fix this issue in a future hardware version? (and if so, when can we expect to have them available?)

According to the cited article above, Nordic knows about this issue for 2 month. So I'm sure, that Nordic has plans to either fix this, or to not fix this. Not letting us know, how Nordic is going to handle this, feels unfair.

Our bootloader used AES GCM, to both decrypt and sign the binaries with a symmetric key that needs to stay private.

RE: Will there be new silicon version of nrf52 to fix this APPROTECT loophole

Hung Bui — Mon, 15 Jun 2020 12:55:19 GMT

Hi Torsten,

We have released the official Information Notice as pointed by Hugh.
If you have a specific questions please let me know. You may want to convert the case to private if there is sensitive information.

Regarding protecting keys for signed firmware update, please be aware that the key for DFU update stored the bootloader is the public key. The expose of this public key wouldn't compromise the security protection of the Secure DFU signing scheme. The public key is only used to verify the authenticity and integrity of the image. The attacker can't use this public key to generate his own DFU package.

RE: Will there be new silicon version of nrf52 to fix this APPROTECT loophole

hmolesworth — Fri, 12 Jun 2020 17:09:39 GMT

There is an updated report from Nordic here: in_133_v1.0.pdf

What are the implications for crypto keys?

RE: Will there be new silicon version of nrf52 to fix this APPROTECT loophole

Hung Bui — Fri, 12 Jun 2020 11:49:49 GMT

Hi Torsten,

We are fully aware of the attack's disclosure and your concern. We will release a public statement about this attack and the effect on our chip soon. I will keep you updated when we have the statement published. We will continue the discussion after we have the public statement.