PUF enroll returns activation code of zeros on an RT685 secure boot enabled MCU


yoeinhor
Contributor I

Hi,

I have an RT685 MCU that has its OTP fuses burnt to enable secure boot.

I am trying to use the PUF in my image but the activation code returned from the enroll operation is always zeros on this chip.

I have another chip that is not locked on which activation code is returned correctly using the same code.

Also, blhost seems to be able to generate an activation code when booting from ISP.

Any help on getting PUF enrollment working on the locked part will be greatly appreciated.

Thanks.

3 Replies

RaRo
NXP TechSupport

Hello @yoeinhor,

To start, could you please take a look at the following application note for the LPC55Sxx: LPC55Sxx Usage of the Physically Unclonable Function and Hash Crypt to Coding? It might be useful.

Best regards, Raul.

yoeinhor
Contributor I

Thanks, @RaRo.

I reviewed the application note but did not find anything to point me in the right direction.

Any other ideas?

Thanks.

RaRo
NXP TechSupport

Hello @yoeinhor,

Could you please check whether you enabled (1) the PUF_BLOCK_ENROLL bit in the BOOT_CFG[5] (also known as SEC_BOOT_CFG[5]) bit fields when you burned the OTP fuses to enable secure boot?

The RT6xx User Manual, Chapter 42, "RT6xx Secure Boot ROM", mentions the following about PUF_BLOCK_ENROLL: "Block further enrollment of the PUF block. When this bit is set, ROM blocks generation of new activation codes." This could explain why you cannot do the enrollment anymore.

You could check the OTP configuration with MCUXpresso Secure Provisioning Tool. You could download it here.

Best regards, Raul.
