Dynamic key management for encryption and decryption

Hi all,

I would like to know whether there is anything similar to TrustZone, where the key is not hardcoded in the application program, for example by installing the key file like the hex file? Moreover, if something like that exists, is there any way to modify it via the application program? Thanks

Best regards,

MLai

  • Hi MLai,

    The nRF52840 does not have a concept of secure / non-secure that you get from TrustZone in the nRF53 series. Also, there is no key management unit. If you need such features, then it may be worth looking at the nRF5340 instead.

    Regarding what the nRF52840 can do, it has the ACL which can be used to prevent read access to flash. So for instance, you can store a key in a flash page that is read early in the boot process and lock that region from reading later on. That key could either be used directly, or could be pushed to the CC310 to be used as a root key. The application could then later on use that key without ever accessing the root key, as that was locked down using ACL early in the boot process.

    Einar
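Added example, not part of the reply above and not Nordic SDK code: a host-side C model of the boot flow described in the answer, showing the key page being read once, handed over, and then locked so later application reads are denied. The function names, the `KEY_PAGE` address, the key bytes and the `root_key_slot` buffer (standing in for the root key held by the CC310) are assumptions; the page size, region count, write-once behaviour and PERM bit positions follow the nRF52840 ACL register layout.

```c
/* Host-side model of the ACL boot flow; not Nordic SDK code. */
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define PAGE_SIZE   4096u        /* nRF52840 flash page size */
#define ACL_REGIONS 8u           /* number of ACL regions on the nRF52840 */
#define PERM_WRITE  (1u << 1)    /* PERM bit: block write/erase */
#define PERM_READ   (1u << 2)    /* PERM bit: block read */
#define KEY_PAGE    0x000FE000u  /* constructed address of the key page */
#define KEY_LEN     16u

typedef struct { uint32_t addr, size, perm; bool set; } acl_region_t;

static acl_region_t acl[ACL_REGIONS];  /* models ACL[n].ADDR/SIZE/PERM */
static uint8_t key_page[PAGE_SIZE] = { 0xA5, 0x5A, 0x01, 0x02 }; /* constructed key */
static uint8_t root_key_slot[KEY_LEN]; /* models the root key held by the CC310 */

/* Program one region. The registers are write-once until reset. */
bool acl_lock(unsigned n, uint32_t addr, uint32_t size, uint32_t perm)
{
    if (n >= ACL_REGIONS || acl[n].set) return false;
    if (addr % PAGE_SIZE || size == 0 || size % PAGE_SIZE) return false;
    acl[n] = (acl_region_t){ addr, size, perm, true };
    return true;
}

/* Read from the modelled key page; false where the ACL denies the access. */
bool flash_read(uint32_t addr, void *dst, uint32_t len)
{
    if (addr < KEY_PAGE || addr + len > KEY_PAGE + PAGE_SIZE) return false;
    for (unsigned n = 0; n < ACL_REGIONS; n++)
        if (acl[n].set && (acl[n].perm & PERM_READ) &&
            addr < acl[n].addr + acl[n].size && addr + len > acl[n].addr)
            return false;
    memcpy(dst, &key_page[addr - KEY_PAGE], len);
    return true;
}

/* Early boot: load the key, hand it over, lock the page, wipe the RAM copy. */
bool boot_load_and_lock_key(void)
{
    uint8_t tmp[KEY_LEN];
    if (!flash_read(KEY_PAGE, tmp, KEY_LEN)) return false;
    memcpy(root_key_slot, tmp, KEY_LEN);
    bool ok = acl_lock(0, KEY_PAGE, PAGE_SIZE, PERM_READ | PERM_WRITE);
    for (volatile uint8_t *p = tmp; p < tmp + KEY_LEN; p++) *p = 0;
    return ok;
}
```

Because `PERM_WRITE` is set together with `PERM_READ`, the model also reflects that the application cannot rewrite the key page after the lock; changing the key would have to happen in the boot stage before the region is programmed.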
