- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
- Home
- :
- Product Forums
- :
- S32K
- :
- Re: S32N55 HSE2 - Debug Authorization Challenge-Response Algorithm Details
S32N55 HSE2 - Debug Authorization Challenge-Response Algorithm Details
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
S32N55 HSE2 - Debug Authorization Challenge-Response Algorithm Details
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
We have successfully provisioned the ADKP (32 bytes) on S32N55 using HSE_FW_S32N5_1_0_24_0 via HSE_OTP_FOEM_ADKP_ATTR_ID SetAttribute service, and confirmed it is programmed via GetAttribute (returns SHA3_384 reference, E_OK).
Now we need to implement the Challenge-Response debug authorization algorithm for S32N55 without using a smart card (volkano.exe requires smart card which we do not have).
We would like to implement this in Python (similar to our S32K3xx implementation) by directly computing the response.
---
## Environment
- Platform: S32N55 EVB
- HSE FW Version: HSE_FW_S32N5_1_0_24_0
- GrayVIP Version: SW32N5_GRAYVIP_1_0_22_0
- Debug Tool: TRACE32 (Lauterbach)
---
## S32K3xx Challenge-Response Algorithm (Our Working Implementation)
```python
# S32K3xx - Working implementation
def ChallengeResponse(ADKP, UID, Challenge):
# 1. Hash UID (64-bit)
HUID = SHA256(UID) # 32 bytes
# 2. Hash ADKP master (16 bytes)
ADKPM = SHA256(ADKP) # 32 bytes
# 3. Derive ADKP using AES-128-ECB
dADKP = AES128_ECB_ENC(key=ADKPM, data=HUID[0:16]) # 16 bytes
# 4. Compute Response using AES-128-ECB
Response = AES128_ECB_ENC(key=dADKP, data=Challenge) # 16 bytes
return Response
Key parameters:
ADKP size : 16 bytes (AES-128)
UID size : 64-bit (2 x 32-bit words)
Challenge : 128-bit (16 bytes)
Response : 128-bit (16 bytes)
```
---
## S32N55 Key Differences
1. ADKP size : 32 bytes (HSE_OTP_FOEM_KEY_SIZE = 32U in hse_srv_attr.h)
2. UID size : 128-bit (vs 64-bit in S32K3xx)
3. Debug I/F : CoreSight SDC-600 (CHIP.SecureChallenge() in TRACE32)
---
## Critical Questions
### 1. Challenge Size
Is the Challenge size on S32N55 16 bytes (128-bit) or 32 bytes (256-bit)?
S32K3xx: Challenge = 128-bit (16 bytes)
S32N55: Challenge = ??? bytes
This determines how many CHIP.SecureChallenge() indices are used for the Challenge:
CHIP.SecureChallenge(0) = UID[63:0]
CHIP.SecureChallenge(1) = UID[127:64]
CHIP.SecureChallenge(2) = Challenge word 0
CHIP.SecureChallenge(3) = Challenge word 1
CHIP.SecureChallenge(4) = Challenge word 2 ← only if Challenge > 128-bit
CHIP.SecureChallenge(5) = Challenge word 3 ← only if Challenge > 256-bit
Could you please confirm the exact index mapping for CHIP.SecureChallenge() on S32N55?
### 2. Hash Algorithm for UID
Is SHA256 still used for UID hashing on S32N55 (128-bit UID)?
S32K3xx: HUID = SHA256(UID_64bit) → 32 bytes
S32N55: HUID = SHA256(UID_128bit)? → 32 bytes
or SHA3_384(UID_128bit)? → 48 bytes
### 3. AES Mode
Since ADKP is 32 bytes on S32N55, is AES-256-ECB used instead of AES-128-ECB?
S32K3xx: AES-128-ECB (16-byte key)
S32N55: AES-256-ECB (32-byte key)?
### 4. Derivation Algorithm
Is the overall derivation algorithm the same as S32K3xx?
Proposed S32N55 algorithm:
HUID = SHA256(UID_128bit) # 32 bytes
ADKPM = SHA256(ADKP_32bytes) # 32 bytes
dADKP = AES256_ECB_ENC(key=ADKPM,
data=HUID) # 32 bytes
Response = AES256_ECB_ENC(key=dADKP,
data=Challenge) # 32 bytes
Is this correct?
### 5. Response Format
How is the Response sent to S32N55 via TRACE32?
SYStem.Option KEYCODE %Byte <response_bytes>
What is the expected byte order (little endian / big endian)?
### 6. Debug Authorization Mode
Which attribute controls the Challenge-Response vs Password mode?
HSE_OTP_APP_DEBUG_AUTH_MODE_ATTR_ID (63U) - OTP fuse based
HSE_APP_DEBUG_AUTH_MODE_ATTR_ID (106U) - NVM based
Is there anything that needs to be configured before the Challenge-Response can work?
---
A complete Python implementation or pseudocode for S32N55 Challenge-Response would be greatly appreciated.
Thank you.
alejandro_e
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello again @EddiePark,
The only current implementation I was able to find is by using a smart card, for example with the TRACE32 version we use internally the only cmm script for secure debugging requires an smart card to be installed.
As I mentioned a different conversation we had, my expertise regarding the S32N55 (an the expertise of other engineers that take care of the community) is very limited since the chips has not been completely released yet. Furthermore the documentation is still being actively worked on a regular basis and all the information is subject to change.
Now, regarding the challenge-response, please check the HSE API Reference manual, in particular section 17 HSE Debug Authorization Protocol, there you can see all the technical details. You can also check the S32N5 Security Reference Manual, particularly Chapter 21 Secure Debug, note that this last reference is a secure document and you will need to contact your NXP representative to get access to it. You should be able to get all the information you require in the API reference manual.
Please note that the S32K3 uses HSE (1) and the S32N55 uses HSE2 the process might not be translatable, I don't know the details on how the S32K3 challenge-response works, however, it has a very different architecture, particularly considering the existence of debug domains in the S32N55 and all the isolation configurations available, which are not present in the S32K3.
Regarding your final question, we do not have a python implementation nor a pseudo-code description on how to perform the challenge-response, for now the only delivered solution is the cmm script I mentioned above.
Please let me know if you need more information.
