Silicon Labs Cryptograpy Hardware Acceleration Drivers#

The Simplicity SDK includes PSA device drivers and ALT plugins for selected PSA Crypto and Mbed TLS library functions to support acceleration of cryptographic algorithms and support secure key storage. peripherals depending on the capabilities of the target device. All PSA Crypto drivers and Mbed TLS ALT "legacy" plugins in the Simplicity SDK support bare metal, RTOS and multi-threaded applications.

The ALT plugins support the "legacy" ALT(ernative) crypto APIs of Mbed TLS which receive key material in plaintext format, and hence do not support secure key handling, in contrast to the PSA Crypto APIs which supports importing and storing keys safely, and reference the keys by identifiers. The legacy crypto APIs will be removed in a future Mbed TLS version, and fully replaced by the PSA Crypto APIs.

Secure Key support#

The PSA Crypto APIs provides secure key support by importing and storing key material safely in a trusted format or storage. The PSA import key API function returns a key identifier which the user can subsequently apply to other PSA Crypto APIs , e.g. to encrypt some plaintext message.

• Series-2 and Series-3 HSE Vault High devices support "wrapping" keys by encrypting the key material during the import function, then the "wrapped" key can be stored in untrusted RAM.

• Series-2 HSE Vault Mid and VSE devices can enable TrustZone Secure Key Library (SKL) which will import and protect the plaintext keys in Secure RAM. For persistent keys stored in PSA ITS, the ITS driver will encrypt the plaintext keys before storing them securely in NVM3 which is located in NonSecure Flash. For more information on TZ SKL please refer to the application note AN1374 https://www.silabs.com/documents/public/application-notes/an1374-trustzone.pdf

• Series-3 HSE devices support importing keys into a Key Slot Unit (KSU) which can transfer keys efficiently and securely to HOSTSYMCRYPTO and LPWAES peripherals for fast secure crypto operations. KSU support is faster than wrapped key support because wrapped keys need to be moved to the SE for every operation, compared to, once stored in the KSU the key can be used quickly multiple time. Currently, the PSA HOSTSYMCRYPTO device drivers do not provide KSU support. KSU support is planned to be added in the near future.

Secure Engine (SE) Peripheral#

Series 2 and Series 3 devices with a Hardware Secure Engine (HSE) incorporate the SE peripheral for cryptographic hardware acceleration. In order to support the SE peripheral, the Simplicity SDK includes SE specific PSA Crypto drivers and ALT plugins for the "legacy" crypto APIs for Mbed TLS. For HSE Vault High devices the PSA SE Crypto drivers supports key wrapping for secure key support (opaque driver mode), in addition to plaintext key support (transparent driver mode). On HSE Vault Mid devices the SE does not support key wrapping, and hence the PSA SE drivers only work for plaintext keys (transparent driver mode). In order to support secure keys on Series-2 HSE Vault Mid the user can enable TrustZone Secure Key Library (TZ SKL) which will import and protect the plaintext keys in Secure RAM. For persistent keys stored in PSA ITS, the ITS driver will encrypt the plaintext keys before storing them securely in NVM3 which is located in NonSecure Flash. For more information on TZ SKL please refer to the application note AN1374 https://www.silabs.com/documents/public/application-notes/an1374-trustzone.pdf

Note: The Secure Engine drivers are multi-thread capable, but do not support preemption. This means the application developer is responsible for not calling a driver-accelerated PSA Crypto API under conditions which would cause preemption of an already-running operation. For bare metal applications, this usually means not calling cryptographic operations from ISR. For RTOS-based applications, this boils down to not calling these SE-accelerated functions from either ISR or inside critical/atomic sections, since the underlying mutex acquisition would fail.

CRYPTOACC Peripheral#

Series 2 devices with a Virtual Secure Engine (VSE) incorporate the CRYPTOACC peripheral for cryptographic hardware acceleration. In order to support the CRYPTOACC peripheral, the Simplicity SDK includes CRYPTOACC specific PSA Crypto drivers and ALT plugins for the "legacy" crypto APIs of Mbed TLS. VSE devices do not support key wrapping, and hence the PSA CRYPTOACC drivers only work for plaintext keys (transparent driver mode). In order to support secure keys on Series-2 VSE the user can enable TrustZone Secure Key Library (TZ SKL) which will import and protect the plaintext keys in Secure RAM. For persistent keys stored in PSA ITS, the ITS driver will encrypt the plaintext keys before storing them securely in NVM3 which is located in NonSecure Flash. For more information on TZ SKL please refer to the application note AN1374 https://www.silabs.com/documents/public/application-notes/an1374-trustzone.pdf

Note: The CRYPTOACC peripheral has not been hardened against side-channel analysis (SCA) attacks. Certain APIs in Mbed TLS might give the impression of being secured against this class of attack, but this is not necessarily true if the hardware acceleration plugins are used. For example: some APIs operating over elliptic curves will require an RNG function pointer and state to be passed as arguments in order to perform coordinate randomization. Since the CRYPTOACC peripheral does not allow for this type of acceleration, these parameters will not be used. However, it should be stated that timing based SCA attacks are more challenging to perform on hardware accelerated operations of this type – since they are significantly faster than their software implementation counterparts.

HOSTCRYPTO Peripheral#

Series 3 devices incorporate the HOSTCRYPTO and LPWAES peripherals for cryptographic hardware acceleration. The HOSTCRYPTO and LPWAES can use keys provided in plaintext format or keys stored in the Key Slot Unit (KSU) for secure key support. KSU supports faster secure key operations than the SE wrapped key operations. The Simplicity SDK include PSA Crypto drivers in order to support the HOSTCRYPTO peripheral. The LPWAES peripheral is reserved for internal Simplicity SDK components and is not supported by the PSA Crypto drivers. Currently the PSA HOSTCRYPTO drivers do not provide KSU support. KSU support is planned to be added in the near future.

Supported Features/Drivers for PSA Crypto#

In this section, all cryptographic primitives, algorithms, modes-of-operations, etc., that have dedicated drivers implemented will be listed. When including an SLC component that supports an algorithm in PSA Crypto, any corresponding driver usable for the current device will be automatically enabled.

Note: The fact that an algorithm is not explicitly listed in the below tables does not necessarily mean that it is unsupported through the PSA Crypto API: Mbed TLS provides software implementations for most algorithms supported by the PSA Crypto API specification. Also note that that 'composite algorithms' may be partially accelerated using the drivers—as an example, HKDF is not accelerated in its entirety, but the underlying HMAC operations are.

Encryption#

Authenticated Encryption#

Hash Functions#

Message Authentication Codes#

Signatures#

Key Exchange#