BK-Demo for Arm Cortex-M Core Development Boards
BK Functionality Project
Explore the functionalities the Intrinsic ID BK software has to offer by installing BK-Demo on an Arm Cortex-M core development board. BK-Demo is a simulation version mimicking the behavior and functionality of the Intrinsic ID commercial product BK-Pro. This product is based on the concept of SRAM Physical Unclonable Functions (PUFs), where the underlying SRAM is used as a silicon fingerprint from which device-unique keys can be derived, avoiding the need to store secret key material on chip.
BK-Demo illustrates how the BK-Pro API works and allows you to:
- enroll a device, generate an activation code and a PUF root key.
- derive device-unique and independent cryptographic keys from the PUF root key.
- protect user keys by wrapping them with device-unique wrapping keys.
- derive an ECC 256-bit private key from the SRAM PUF and compute the public key. In addition, to verify that the same keypair is reconstructed each time, even after power cycles.
- generate a certificate signing request (CSR) and sign certificates (SSC).
- sign and verify messages (ECDSA).
- generate ephemeral keys to be used in secure communications (ECDH).
Important Note: BK-Demo mimics this behavior but doesn’t offer the same security level as the commercial BK product. Keys and certificates created by BK-Demo are for demonstration and evaluation purposes only and are not safe to be used in a commercial product.
BK-Demo is delivered as a compressed archive. The archive contains the following items:
- Binary files
- Example projects
The BK-Demo binary files work with Arm Cortex M0, M0+, M33, M4, and M7 core development boards. To get started easily, we added two BK functionality projects as an example. These projects require either a NXP LPCXpresso54114 or a NUCLEO-L4A6ZG development board.
Authentication & Key Vault Project for ST NUCLEO-L4A6ZG
In this project we will illustrate how you can use BK Software IP to secure an STM32L4A6ZG microcontroller. In particular, we will illustrate how you can:
- Leverage an SRAM based Physical Unclonable Function (PUF) to create a device-unique root key
- Derive a cryptographic device identity consisting of an asymmetric key pair
- Generate a certificate signing request (CSR) from the device and turn it into a device certificate
- Verify device authenticity with a challenge-response protocol
- Use the PUF root key to securely store multiple keys in NVM
We Value Your Suggestions
Over the course of the year we will make BK-Demo available on other platforms. Suggestions? Feel free to contact us via info[@]intrinsic-id.com.
Please complete this form and get approved to receive BK-Demo. Fields with an asterisk (*) are required.