Calculate CMAC using KMU and nrfx library

RE: Calculate CMAC using KMU and nrfx library

Sigurd Hellesvik — Thu, 06 Jul 2023 11:21:33 GMT

Hah, nice that you saw my answer on the minute

I hope that you find it useful,
And good luck with your continued developement!

RE: Calculate CMAC using KMU and nrfx library

GiulianoFranchetto — Thu, 06 Jul 2023 11:18:50 GMT

Hi Sigurd,

Thanks for the blog post 🙂

RE: Calculate CMAC using KMU and nrfx library

Sigurd Hellesvik — Thu, 06 Jul 2023 11:17:27 GMT

lseg

Better late than never as they say:

Persistent storage of keys and data using the nRF Connect SDK

RE: Calculate CMAC using KMU and nrfx library

Sigurd Hellesvik — Tue, 29 Nov 2022 13:50:09 GMT

Hi,

[quote user="lseg"]Hi, is there any progress on this secure storage blog post?[/quote]

We try to publish security-related content in a planned manner, which is why this has not been published yet.
However, I hope that this blog-post will be out some time this winter.

To allow me to best suggest a solution for your key storage, can you explain what you intend to use the ECC key for?

Regards,
Sigurd Hellesvik

RE: Calculate CMAC using KMU and nrfx library

Sigurd Hellesvik — Mon, 28 Nov 2022 15:07:20 GMT

Hi,

I have been on vacation for the past couple weeks.

But now I am back, so I will have a look at this tomorrow.

Regards,
Sigurd Hellesvik

RE: Calculate CMAC using KMU and nrfx library

lseg — Tue, 15 Nov 2022 10:42:50 GMT

Hi, is there any progress on this secure storage blog post?

I am wondering what I can do if I want to store ECC keys. Could I use KMU for this? Is it correct that I could use KMU to store any key, but the biggest problem is that KMU can only pass symmetric keys through HW to the cryptocell (I am using the nRF53)?

So my only option for ECC keys would be to use ITS (Internal Trusted Storage) using the Platform Security Architecture (PSA) APIs?

Is the use of ITS by PSA still under development as you noted 1 year ago?

Is it also correct to say that this ITS is a part of flash storage where things will be stored encrypted (AES?). So for example if I want to store my ECC key there, it will be encrypted and stored in flash. If I want to use it, it will be read from flash, decrypted to a variable, and this variable would be used as an input for my ecc encryption or decryption function? So it will reside in memory for a short amount of time. There is no way to direct it to the cryptocell HW immediately?

Kind regards,

RE: Calculate CMAC using KMU and nrfx library

Sigurd Hellesvik — Fri, 16 Sep 2022 07:12:21 GMT

Hi again GiulianoFranchetto

The blog-post on secure storage is not ready yet.
But one of the per-cursors for many of the types of secure storage is Trusted Firmware-M.
Recently I posted a blog on An Introduction to Trusted Firmware-M (TF-M). Maybe you find this useful.

Regards,
Sigurd Hellesvik

RE: Calculate CMAC using KMU and nrfx library

Sigurd Hellesvik — Wed, 23 Mar 2022 14:43:06 GMT

I am still working on a blog post on secure key storage, but I am unfortunally not done yet.
Thank you for checking on it!

Just a couple of points I learned while working on this which could be relevant to you from your previous questions:

If you want to store keys in ITS, just use the PSA Crypto API.
For example as it is done in the Persistent key storage Sample.

ITS is for saving data securely to internal flash.

While Protected Storage is intended for saving data to external flash.
This is showcased in the Zephyr Protected Storage Sample.

Regards,
Sigurd Hellesvik

RE: Calculate CMAC using KMU and nrfx library

GiulianoFranchetto — Tue, 22 Mar 2022 11:21:38 GMT

Hi Sigurd,

Was there any progress on this subject?

Regards

Giuliano

RE: Calculate CMAC using KMU and nrfx library

GiulianoFranchetto — Mon, 08 Nov 2021 15:42:14 GMT

Hi,

[quote userid="106736" url="~/f/nordic-q-a/81504/calculate-cmac-using-kmu-and-nrfx-library/337983#337983"]This is a great idea! I will see if I can make such a "guide". I can not make any guarantees for when this is done, but thanks for the suggestion.[/quote]

Glad you love the idea 🙂

Can't wait for that guide, before I'll need to rework all of my security/crypto code!

Regarding security, I'd prefer to be as secure and efficient as possible.

If I can be of any help, feel free to ask.

I'll keep the ticket open if you don't mind, so we can keep track of the progress on either the guide or suggestions/ideas coming from the community.

Regards

Giuliano

RE: Calculate CMAC using KMU and nrfx library

Sigurd Hellesvik — Mon, 08 Nov 2021 15:37:38 GMT

[quote user="GiulianoFranchetto"]With ITP available, when should we use Hardware Unique Key ?[/quote]

For the nRF91 series and nRF53 series, the HUK library use the KMU peripheral.
The CryptoCell can access keys in the KMU directly, without using the application as a middleman.

The ITS library stores its keys in secure flash. To learn how these are secured, see Internal Trusted Storage (ITS) Service.

Even though both keys should be secure, the ones stored by HUK are more secure, because of the fact that they are separated by hardware.

Also, remark that TF-M is still under developement, and that for ITS:
"Currently, the TF-M Secure Storage service implements PSA Protected Storage version 1.0-beta2. There is not yet an implementation of PSA Internal Trusted Storage in TF-M." [1]

So there you have yet another abbreviation: PSA Protected Storage (PS)

[quote user="GiulianoFranchetto"]Could it be possible to have a small table to know when to use which module? Like taking usual use cases for any device on the field, and recommend which module to use?[/quote]

This is a great idea! I will see if I can make such a "guide". I can not make any guarantees for when this is done, but thanks for the suggestion.

Regards,
Sigurd Hellesvik

RE: Calculate CMAC using KMU and nrfx library

GiulianoFranchetto — Mon, 08 Nov 2021 15:21:49 GMT

Hi,

Great, thanks for the answer.

With ITP available, when should we use Hardware Unique Key ?

I'm a bit lost as there are many "keys" entry in the nRFx specification: KMU, HUK, OTP, ITP, nRF9160 has certificate manager...

Could it be possible to have a small table to know when to use which module? Like taking usual use cases for any device on the field, and recommend which module to use?

Regards

Giuliano

RE: Calculate CMAC using KMU and nrfx library

Sigurd Hellesvik — Mon, 08 Nov 2021 15:18:06 GMT

Just heard back from our developers. There is no way of doing CMAC calculation with a KMU key at the moment.

Here is a copy from one of my previous answers (to a private case), which might help you choose how you will store your keys:
"

What you want is likely either OTP or Internal Trusted Stroage (ITP).
ITP is showcased in the Crypto: Persistent key storage sample.

OTP is best for keys that are written once, and will stay the same during the device lifetime.
ITP is best if you intend to change the keys in runtime. (Delete old and add new)

Regards,
Hellesvik

RE: Calculate CMAC using KMU and nrfx library

GiulianoFranchetto — Mon, 08 Nov 2021 14:57:10 GMT

Hi Sigurd,

Actually, I've dig a little bit.

We will not use the KMU in our use case, as the specification states that it's not meant for storing session and low lifespan keys.

Anyway, could be cool to have the answer. Just for academic purposes 🙂

Regards

Giuliano

RE: Calculate CMAC using KMU and nrfx library

Sigurd Hellesvik — Mon, 08 Nov 2021 14:50:09 GMT

Hi Giuliano,

I will look into this, and return with an answer by the end of Wednesday.

Regards,
Sigurd Hellesvik