AN4240 Datasheet, PDF (11/30 Pages) STMicroelectronics – This application note provides an easy introduction to the usage
4 Secure storage for cryptographic keys
The CSE provides secure, non-volatile storage for cryptographic keys as described in
the SHE Functional Specification. The keys are stored in fifteen memory slots: one
ROM slot, thirteen non-volatile slots, and one RAM slot, as shown in Table 2. The first four
slots have a dedicated usage; the other slots are available for application-specific keys. The
BOOT_MAC slot is loaded with a MAC value used by the secure boot process. All other
slots are used for encryption or message authentication keys. The SECRET_KEY slot is
programmed with a random value during device fabrication, as is the Unique Identifier
Number (UID). It is unique for every part and is programmed into the secure flash when the
part is tested in wafer form. The UID is 120 bits long. It is used during inter-ECU communications
to confirm that external controllers have not been substituted. SECRET_KEY may only be used to
import/export keys.
All CSE encryption and message authentication commands specify a key by its Key ID.
Table 2. Memory Slots

Slot Name         Key ID   Type
SECRET_KEY        0x0      ROM
MASTER_ECU_KEY    0x1      non-volatile
BOOT_MAC_KEY      0x2      non-volatile
BOOT_MAC          0x3      non-volatile
KEY_1             0x4      non-volatile
KEY_2             0x5      non-volatile
KEY_3             0x6      non-volatile
KEY_4             0x7      non-volatile
KEY_5             0x8      non-volatile
KEY_6             0x9      non-volatile
KEY_7             0xA      non-volatile
KEY_8             0xB      non-volatile
KEY_9             0xC      non-volatile
KEY_10            0xD      non-volatile
RAM_KEY           0xE      RAM
As described in Table 3, each memory slot holds a 128-bit value, a 28-bit counter and five
security flags.
Table 3. Key attributes

Flag Name     Description
WRITE_PROT    If set, memory slot cannot be updated
BOOT_PROT     If set, memory slot is disabled if Secure Boot is not enabled
DEBUG_PROT    If set, memory slot is disabled if a debugger is connected
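The slot rules above can be checked against a provisioning plan before keys are loaded. The following host-side model is an added example, not code from the application note or from ST: it covers only the three flags listed on this page, and the flag bit positions, the operation classes, the function names and the rule that a disabled slot refuses every operation are assumptions of the model.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Key IDs from Table 2 (KEY_2..KEY_9 are 0x5..0xC). */
enum { SECRET_KEY = 0x0, MASTER_ECU_KEY = 0x1, BOOT_MAC_KEY = 0x2, BOOT_MAC = 0x3,
       KEY_1 = 0x4, KEY_10 = 0xD, RAM_KEY = 0xE, SLOT_COUNT = 0xF };
/* Flags from Table 3. Bit positions are an assumption of this model. */
#define WRITE_PROT 0x1u
#define BOOT_PROT  0x2u
#define DEBUG_PROT 0x4u
typedef enum { OP_CIPHER_OR_MAC, OP_UPDATE } slot_op;   /* hypothetical op classes */
typedef struct { bool secure_boot_enabled, debugger_connected; } dev_state;
typedef enum { ALLOW, DENY_BAD_ID, DENY_ROLE, DENY_WRITE_PROT,
               DENY_BOOT_PROT, DENY_DEBUG_PROT } verdict;

/* Decide whether a command naming key_id may proceed in the given state. */
verdict slot_check(uint8_t key_id, uint8_t flags, slot_op op, dev_state st)
{
    if (key_id >= SLOT_COUNT) return DENY_BAD_ID;
    /* Assumption: a disabled slot is unavailable for every operation. */
    if ((flags & BOOT_PROT) && !st.secure_boot_enabled) return DENY_BOOT_PROT;
    if ((flags & DEBUG_PROT) && st.debugger_connected) return DENY_DEBUG_PROT;
    if (op == OP_UPDATE) {
        if (key_id == SECRET_KEY) return DENY_ROLE;     /* ROM slot (Table 2) */
        return (flags & WRITE_PROT) ? DENY_WRITE_PROT : ALLOW;
    }
    /* SECRET_KEY is import/export only; BOOT_MAC holds a MAC value, not a key. */
    if (key_id == SECRET_KEY || key_id == BOOT_MAC) return DENY_ROLE;
    return ALLOW;
}

/* Audit a provisioning plan: bitmask of key IDs still usable for
   encryption/MAC while a debugger is connected (secure boot enabled). */
uint16_t debug_exposed_keys(const uint8_t flags[SLOT_COUNT])
{
    const dev_state st = { .secure_boot_enabled = true, .debugger_connected = true };
    uint16_t mask = 0;
    for (uint8_t id = 0; id < SLOT_COUNT; id++)
        if (slot_check(id, flags[id], OP_CIPHER_OR_MAC, st) == ALLOW)
            mask |= (uint16_t)(1u << id);
    return mask;
}

/* Constructed sample plan: only KEY_1 and KEY_2 carry DEBUG_PROT. */
static const uint8_t sample_plan[SLOT_COUNT] = {
    [MASTER_ECU_KEY] = WRITE_PROT, [BOOT_MAC_KEY] = BOOT_PROT,
    [KEY_1] = DEBUG_PROT | WRITE_PROT, [KEY_1 + 1] = DEBUG_PROT | BOOT_PROT,
};
int main(void) { printf("debug-exposed key IDs: 0x%04X\n", (unsigned)debug_exposed_keys(sample_plan)); return 0; }
```

Each set bit in the returned mask is a key ID that a plan leaves usable with a debugger attached; for production keys the mask is a list of slots to review for a missing DEBUG_PROT.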
Doc ID 024209 Rev 2