FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Software to use Security and Integrity IP block of FRDM-K64F board

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Software to use Security and Integrity IP block of FRDM-K64F board

‎01-29-2016 12:10 AM
1,072 Views
ramkumarkoppu
Contributor I

To build proof of concept of Security Software architecture on FRDM-K64F board, I need to know how do I get access to following items:

  1. How to enable BootRoM to do secure boot. authenticating and decrypting boot images on the flash.
  2. Will it be possible to bypass BootROM and boot from flash? how?
  3. Where do I find software to use Security and Integrity IP block?
  4. Is there any existing TLS stack which uses Security and Integrity IP block to speed up crypto operations?
  5. Is there any eFUSE memory array on this board? if it is how to program it.
0 Kudos
Reply
4 Replies

‎02-01-2016 02:06 AM
599 Views
Hui_Ma
NXP TechSupport
NXP TechSupport

Hi

For K64 product without secure boot, customer could consider to refer AN4605 (Secure Bootlaoder Implementation).

http://cache.nxp.com/files/microcontrollers/doc/app_note/AN4605.pdf

Or customer could consider Kinetis K82 MCU sub-family. It builds upon the Kinetis MCU portfolio with advanced security capabilities including boot ROM to support encrypted firmware updates. The Kinetis K82 MCU contains automatic decryption from external serial NOR flash memory, hardware AES acceleration with side band attack protection, and hardware support for public key cryptography. These advancements are done while maintaining a high level of compatibility with the rest of the Kinetis MCU portfolio.   

More detailed info about K82 MCU please check below link:

Kinetis K82 Secure Microcontrollers (MCUs)|NXP

Our third partner provides Embedded SSL SDK for Kinetis K60 product, which supports TLS 1.0. More detailed info, please check below link:

Cypherbridge Systems Products & Services

The FRDM-K64F board doesn't provide eFUSE memory.


Wish it helps
Have a great day,
Ma Hui

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0 Kudos
Reply

‎02-03-2016 05:09 AM
599 Views
ramkumarkoppu
Contributor I

Hi Ma Hui,

Thanks for the info. K82 does not look like supported with mbedos software.

0 Kudos
Reply

‎02-01-2016 06:59 AM
599 Views
bobpaddock
Senior Contributor III

"which supports TLS 1.0."

TSL 1.0 is depreciated, it is no longer considered safe.

Is usage of TSL 1.0 enforced by the hardware of the K82?

"Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations":


http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r1.pdf

0 Kudos
Reply

‎02-01-2016 07:51 PM
599 Views
Hui_Ma
NXP TechSupport
NXP TechSupport

Hi Bob,

Thank you for the info.

The uSSL Software Stack of NXP third partner Cypherbridge Systems company supports TLS 1.0, 1.1 and 1.2, more detailed info please check below link:

Cypherbridge Systems Products & Services

K82 product provides on-the-fly AES decryption module (OTFAD) , which combined with QuadSPI external flash memory controller.

More detailed info, please check K82 reference manual:

http://cache.nxp.com/files/32bit/doc/ref_manual/K82P121M150SF5RM.pdf

Wish it helps.

best regards,

Ma Hui

0 Kudos
Reply