FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

MPU Usage for Sensitive Data Storage

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MPU Usage for Sensitive Data Storage

‎04-17-2019 01:09 AM
2,538 Views
orhun_suezer
Contributor I

Dear All,

here is a conception question regarding the MPU usage.

Given that I have to protect some of relatively big size of sensitive data (private keys, specific secrets, parameters etc.) in my µC. However the CSEc does not provide me that big size of memory. Here comes 2 ideas into my mind

1- Encrypt all of the sensitive data w/ AES, then store them in the Flash area in ciphertext form and keep the AES key in CSEc.

2- Use a specific Flash partition to store the sensitive data and limit the access to that area by the MPU (Memory Protection Unit).

Although I assume the Option 1 is better, I can not find any concrete use case where the Option 2 may have disadvantages. Especially Option 2 is interesting if there is no CSEc module is available.

What would you think about the Option 1 and Option 2?

How would you criticize Option 2 from security perspective?

Thanks in advance for your support!

0 Kudos
Reply
3 Replies

‎04-17-2019 06:05 AM
2,417 Views
orhun_suezer
Contributor I

Dear Lukas,

thank you for your quick answer. First of all I want to ask you what do you mean exactly with "and even if the MPU is configured to forbid access to certain area, it can be easily reconfigured." ? 

Moreover I want to got o one stage further. Imagining that the µC will actually be set into a mode where the engineering interfaces such as JTAG are deactivated. So for me the only way to get to the data is somehow to dig into the chip HW, microprobe the Flash interface and try to read out the data. I can assume that what is explained in 5.2.1 Flash memory security would not help against this kind of an attack because it focuses only to the "programming interfaces", is that true?

Cheers!

0 Kudos
Reply

‎04-18-2019 02:25 AM
2,417 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi Orhun,

if someone is able to establish access via JTAG (stolen password for backdoor access if enabled or whatever) or in case of microprobing, MPU does not help at all. Encryption of data by CSEc is 'one step up' because the data are not directly readable.

Regards,

Lukas

0 Kudos
Reply

‎04-17-2019 04:26 AM
2,417 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi,

from security point of view, option 2 is quite useless. MPU is safety feature, not security feature. Out of reset, the MPU is enabled and only descriptor 0 is valid. It covers whole address space and all accesses are permitted. And even if the MPU is configured to forbid access to certain area, it can be easily reconfigured.

Take a look at "5.2.1 Flash memory security" in the reference manual.

Regards,

Lukas

Reply