STM32WW Wi-Fi® – SafeLink module

Revision as of 11:01, 30 May 2024 by Registered User (Introduction of Safe link module)


Please understand that this is a draft, thank you.


1. SafeLink Module Presentation

The Safe link module allows secure communication between a Host and the STM32WW4, at the level of the SDIO interface. In particular, the Safe link module allows the Host to ensure that it is communicating with a real STM32WW4 provisioned by ST, to compute a common session key between the two devices, and to perform encryption, decryption and authentication of the data exchanged on the SDIO interface. Finally, the Safe link offers a mechanism that updates the session key periodically.


To ensure the security of the communication channel between a Host and the STM32WW4, the following conditions must be respected:

  • The SDIO/SPI link must allow authentication and confidentiality of messages
  • Prevention of passive eavesdropping and/or active tampering (fault injection) on the link
  • Forward secrecy
  • The Host must be connected to an authentic Typhon from ST
  • Secure storage of the key agreement private key
  • SCA and fault protection of the key agreement private key
  • Safe link security strength of up to 192 bits, for WPA3-Enterprise-192


The following methods have been retained to meet these requirements:

  • Asymmetric key agreement based on ECDH key agreement with P-384 ECC or P-256 ECC.
  • Symmetric key agreement based on a challenge method and CMAC key agreement with AES-256.
  • AES-GCM packet encryption.
  • Support of ephemeral key pairs, on the STM32WW4 and on the Host.
  • The Host checks the Typhon certificate signature, built by the ST authority and based on ECDSA.
  • The STM32WW4 private key is stored in its OTP Upper storage, tamper protected and decrypted by a ROM secret at EWS provisioning.
  • The STM32WW4 Safe link code is protected against side-channel attacks.
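
The following added example (not ST code, and not part of the original page) shows how the asymmetric path in the list above fits together: ephemeral P-384 key pairs on both sides, a shared session key, and AES-GCM packets that fail authentication when altered on the link. The KDF (SHA-384 over the shared secret and a label), the counter-based nonce layout, the header bytes and the function names are assumptions made for illustration; the ECDSA certificate check and the periodic session key update are not shown.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha512"
	"encoding/binary"
	"fmt"
)

// sessionAEAD runs ECDH on P-384 and returns AES-256-GCM keyed from the result.
// Assumption: SHA-384 over secret||label stands in for the module's real KDF.
func sessionAEAD(priv *ecdh.PrivateKey, peer *ecdh.PublicKey) (cipher.AEAD, error) {
	secret, err := priv.ECDH(peer)
	if err != nil {
		return nil, err
	}
	sum := sha512.Sum384(append(secret, "safelink-demo"...))
	block, err := aes.NewCipher(sum[:32]) // 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// nonce builds the 96-bit GCM nonce from a packet counter (hypothetical layout);
// a counter value must never repeat under one session key.
func nonce(seq uint64) []byte {
	n := make([]byte, 12)
	binary.BigEndian.PutUint64(n[4:], seq)
	return n
}

func main() {
	// Fresh key pairs per session: no long-lived key can decrypt old traffic.
	host, _ := ecdh.P384().GenerateKey(rand.Reader)
	dev, _ := ecdh.P384().GenerateKey(rand.Reader)
	tx, _ := sessionAEAD(host, dev.PublicKey()) // Host side
	rx, _ := sessionAEAD(dev, host.PublicKey()) // STM32WW4 side
	hdr := []byte{0x01, 0x00}                   // constructed header, sent in clear
	pkt := tx.Seal(nil, nonce(1), []byte("constructed payload"), hdr)
	pt, err := rx.Open(nil, nonce(1), pkt, hdr)
	fmt.Printf("ok: %q %v\n", pt, err)
	pkt[0] ^= 0x01 // one flipped bit on the link
	_, err = rx.Open(nil, nonce(1), pkt, hdr)
	fmt.Println("tampered:", err)
}
```

Ephemeral ECDH on its own does not tell the Host who it is talking to; that is the role of the certificate signature check listed above.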