KW for STM32H5

In a context of symmetric or asymmetric cryptography, protection of secret keys is essential. For this purpose, ST proposes a solution so that the keys remain secret at any time and usable only on a specific device. On STM32, two elements are required to do so:

  • The first one is an hardware coupling and chaining bridge (CCB) to isolate the key manipulation inside hardware cryptographic IPs.
  • The second one is a Root Security Services extension (RSSe) library allowing the user firmware to use the secret key while never giving access to the secret key itself. In the document, the library is referenced as “RSSe KW” (RSSe for Key Wrap) and the output is referenced as “wrapped key”.

A detailed description of RSSe KW is provided in AN6278

List of applicable products:

Type Products
Microcontroller STM32H5Fxxx, STM32H553xx


1. RSSe KW for DUA

The provisioning of unique keys may be required for some use cases as initial attestation, for example. This provisioning is a crucial step and may be very costly to guaranty the unicity and confidentiality of the keys. STMicroelectronics addresses this challenge by provisioning, in secure facilities, each applicable STM32 with unique key pairs called Device Unique Authentication keys (DUA). These keys are ECC (Elliptic Curve Cryptographic) keys of 256 bits. The public part is freely accessible through a certificate signed by a STMicroelectronics Certificate Authority (CA) while the wrapped private part is accessible only through the RSSe KW.

2. RSSe KW principles overview

RSSe KW is a library implemented in STM32 microcontrollers that get wrapped DUA keys. The main goal of the RSSe KW is to provide wrapped keys usable only on one specific device. The RSSe KW prevents the sensitive keys from:

  • Being accessed by any firmware or debugging access.
  • Being used by another device (including STM32).

3. DUA wrapped key usage contexts

The output of the RSSe KW contains the selected DUA key wrapped for a specific context along with elements needed to use it. On STM32H5 devices, the "specific context" depends on:

  • The security state (secure or nonsecure).
  • The privilege state (privileged or unprivileged).
  • The key usage: signature or scalar multiplication computation (for ECC keys).
  • The HDP level.
  • The Epoch counter selection.

All these elements can be chosen when launching the key wrap command.

The list of allowed contexts is:

Key wrapped Security state Privilege state Key usage HDP level Epoch counter selection
DUA License Usage key secure privilege signature HDPL2 Epoch forced to zero
DUA License Usage key secure privilege scalar multiplication HDPL2 Epoch forced to zero
DUA License Usage key secure privilege signature HDPL3 Epoch forced to zero
DUA License Usage key secure privilege scalar multiplication HDPL3 Epoch forced to zero
DUA User key secure privilege signature HDPL2 Epoch forced to zero
DUA User key secure privilege scalar multiplication HDPL2 Epoch forced to zero
DUA User key secure privilege signature HDPL3 Epoch forced to zero
DUA User key secure privilege scalar multiplication HDPL3 Epoch forced to zero


Warning
The output wrapped key can only be used on the specific device it has been requested. The product state configured must be different than OPEN. Moreover, it can only be used in the context requested during the service call. This allows the user to restrict the usage of the key to the context needed.


4. RSSe KW interface

With the use of Cube Programmer, the user can get the wrapped key with only one command. The output container is stored into a binary file chosen by the user

If a custom tool is used, the RSSe KW must first be installed in STM32 RAM memory before receiving the KW command as described in AN6278