Secure Boot is a widely used essential security feature of computing systems in general that is increasingly being deployed in embedded microcontrollers or MCUs as well. Secure Boot solutions focus on the initial stages out of system reset and aim to ensure trusted firmware and application code. This application note explains how to use QuiddiKey® as an integral part of a Secure Boot solution. By integrating the appropriate API calls during the first stages of boot, secure key storage can be added to the available boot flow. This then enables protection of confidential information such as application and user keys, as well as (part of) the actual boot code itself and application code. By using QuiddiKey, key material is no longer stored in the plain but is protected with physical unclonable function (PUF) technology, which greatly enhances security robustness against reverse engineering attacks.
Contents includes:
- How to embed the PUF functionality in the context of Secure Boot
- How to set up the QuiddiKey IP to be ready for use
- How to create an Activation Code (AC) using the Enroll functionality
- How to use the AC when preparing QuiddiKey for key-related operations
- How to wrap/unwrap keys required for code encryption
- How to ensure integrity of code and keys by means of hash values in One-Time Programmable memory (OTP)
Please complete this form and we will send you our application note Secure Boot with QuiddiKey. Fields with an asterisk (*) are required.