More Secure LPC chips?

martinfierz · ‎10-28-2019

Dear NXP team / community,

there is a "nice" video on the web showing how power glitching can be used to disable code read protection on the LPC family of chips (Breaking Code Read Protection on the NXP LPC-family Microcontrollers ). The presentation also shows clearly what the problem with the bootloader is and how to solve it theoretically (i.e. the code read protection value should be checked against a single value to allow access to the code, instead of 4 billion values allowing access to the code).

In a previous thread on this forum (https://community.nxp.com/message/941392#comment-968319 ) an NXP developer mentioned that NXP was working on more secure versions of those chips. That was two years ago.

Could somebody of NXP comment on whether there are new members of the LPC family that no longer have this vulnerability? We would like to choose a more secure chip in our next design, but would not like to switch the CPU family / development toolchain (MCUxpresso) as we have gotten used to it.

cheers

Martin

vicentegomez · ‎10-30-2019

Hi

Please check the LPC54Sxx family on the next link:

LPC540XX Family of Microcontrollers (MCUs) | NXP

and check the evaluation board

LPCXpresso54S018 Development Board | NXP

The new LPC54S0xx MCU devices in this family provide Physical Unclonable Function (PUF) root key using dedicated SRAM for silicon fingerprint making it possible to generate, store, and reconstruct keys. In addition, the LPC54S0xx devices feature an on-chip hardware AES engine to protect the image content and accelerate processing for data integrity and proof of origin. Data can be encrypted or decrypted by the AES engine using the encrypted key stored in the OTP, SRAM PUF-based or a software supplied key.

Another option is the LPC55 that has a cortex M33 with TrustZone-M

LPC55S6x|Arm® Cortex®-M33|32-bit Microcontrollers (MCUs) | NXP

and the evaluation board is

LPCXpresso55S69 Development Board | NXP

Regards

Vicente