FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

If in the mass production stage, how to safely and effectively manage CSEc keys

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

If in the mass production stage, how to safely and effectively manage CSEc keys

Jump to solution
‎09-25-2023 11:36 PM
2,191 Views
ZEROOO
Contributor IV

Hi,

    I have some questions about the management of CSEc key. We have added a constant array to store the key value when the key is loaded, but if this constant is placed in the pflash area, I think it is not safe. Do you have any suggestions about the management of the key? If a key program is specially set up at the time of mass production, this part of the program is brushed first and then the formal program is brushed, so it seems inconvenient when the canned program is mass-produced.

Labels (1)
Labels
0 Kudos
Reply
1 Solution

Jump to solution
‎10-08-2023 11:58 PM
2,030 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @ZEROOO 

FPROT is a protection against modification of the flash. But it still can be read. To restrict the access via JTAG, you need to secure the device using FSEC.

Here's simple example including backdoor key access (temporary unlocking the security):

https://community.nxp.com/t5/S32K-Knowledge-Base/Example-S32K144-Verify-Backdoor-Access-Key-S32DS1-3...

Regards,

Lukas

View solution in original post

Reply
5 Replies

Jump to solution
‎09-27-2023 12:20 AM
2,148 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @ZEROOO 

the keys should definitely not stay in flash in plain form (or rather in any form). That's considered as a serious security risk.

Users (Tiers and OEM) usually build up secure environments in which they can program secrets into the components. This includes individual-person access to these facilities as well as measures in and around the equipment.

Depending on needs and tools, it's possible to load configuration project first, erase it and then load the final application. Or the final application can be programmed and then the keys (or not the keys but rather only M1-M5 values for each key) can be supplied externally via some communication interface, for example. Everything is up to you.

If you want to keep it as simple as possible and if you don't want to load configuration project or load the keys externally, an option is to put the keys to some specific sector in flash, then load the application in production facility, reset the device, the SW will check if it is first startup, the SW will do the configuration and load the keys and then it will erase the flash sector with plain keys.

Regards,

Lukas

0 Kudos
Reply

Jump to solution
‎09-27-2023 03:31 AM
2,141 Views
ZEROOO
Contributor IV

Hi 

    Is the key loaded into a particular sector only the one that EEPROM assigned to CSEc, which would still require burning the code twice.

0 Kudos
Reply

Jump to solution
‎09-28-2023 10:34 PM
2,124 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

You can simply use one sector in program flash, so everything is loaded in single shot.

0 Kudos
Reply

Jump to solution
‎10-06-2023 10:21 PM
2,061 Views
ZEROOO
Contributor IV

Hi 

    I tried to modify the FPROT register for pflash protection, but I found that it could not be erased, and the key could still be seen through the debugger. How do I close the JTAG interface to prevent it from being viewed.

ZEROOO_0-1696656085366.png

 

0 Kudos
Reply

Jump to solution
‎10-08-2023 11:58 PM
2,031 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @ZEROOO 

FPROT is a protection against modification of the flash. But it still can be read. To restrict the access via JTAG, you need to secure the device using FSEC.

Here's simple example including backdoor key access (temporary unlocking the security):

https://community.nxp.com/t5/S32K-Knowledge-Base/Example-S32K144-Verify-Backdoor-Access-Key-S32DS1-3...

Regards,

Lukas

Reply