cancel
Showing results for 
Search instead for 
Did you mean: 

STSAFE-A110 and hardware-level security

naNEQ
Associate II

I'd like to open a small discussion about what would be the best usage of STSAFE-A110 to enhance the hardware-level security of our IoT device. To be more specific, in our application we want to use the STSAFE-A110 to store the customized device private key and certificate (not the standard leaf certificate in zone 0), that will be used for TLS authentication at the server.

I'm trying to think how this will help in case that a malicious adversary gets hold of our hardware. I suppose nothing is completely secure and it all depends on how good one needs to be protected and/or how many obstacles one wants to make it for the attacker.

Let's however, do a thought experiment. What can the attacker do with our hardware?

I suppose that since the device private key and certificate are not in the MCU flash but in the A110, the attacker

  • cannot get hold of the private key, but can use it for signing (right?)
  • can read out the device certificate

What can one do with the above? Could one clone our device and create others that imitate the original?

What is the real benefit of storing this information inside the STSAFE-A110 instead of the MCU flash directly, since, in the end, one can still use the private key for signing and has access to the certificate.

Would it make sense to protect the link between the MCU and the STSAFE-A110 using the host secure channel? What extra security would that add to our above scenario?

1 REPLY 1
Benjamin BARATTE
ST Employee

Hi @naNEQ ,

This is an interesting discussion.

First the STSAFE-A always has a personalization and you can request a dedicated personalization which will helps to provision your private key and certificate in your application.

 

Regarding the thought experiment, this can help to make your risk analysis.

If you look at the physical attacks, it's depends on your configuration.

If there is a risk that the STSAFE-A can be desolder to be placed on a malicious device, then you can configure the signature to mandate the secure channel. This secure channel between the MCU and the STSAFE-A to limit to usage of the signing API. This is not activated by default on evaluation samples (STSAFA110xxSPL02/03).

In any case, the private key can't be extracted and therefore you can not make several clones from 1 device.

 

The main  advantage for the STSAFE-A solution is to have a secure element that holds and use credential (private key and certificate) in state of the art way and the personalization that simplify the manufacturing provisioning of the private key and certificate.

 

Depending on your risk analysis, we have several option in the STSAFE-A to harden your solution.

 

Best Regards,

 

Benjamin