3.5.2 Cryptographic Accelerator
The Cryptographic Accelerator is an autonomous hardware accelerator with Differential Power Analysis (DPA) countermeasures to pro-
tect keys.
It supports AES encryption and decryption with 128/192/256-bit keys, ChaCha20 encryption, and Elliptic Curve Cryptography (ECC) to
support public key operations, and hashes.
Supported block cipher modes of operation for AES include:
• ECB (Electronic Code Book)
• CTR (Counter Mode)
• CBC (Cipher Block Chaining)
• CFB (Cipher Feedback)
• GCM (Galois Counter Mode)
• CCM (Counter with CBC-MAC)
• CBC-MAC (Cipher Block Chaining Message Authentication Code)
• GMAC (Galois Message Authentication Code)
The Cryptographic Accelerator accelerates Elliptical Curve Cryptography and supports the NIST (National Institute of Standards and
Technology) recommended curves including P-192, P-256, P-384, and P-521 for ECDH (Elliptic Curve Diffie-Hellman) key derivation,
and ECDSA (Elliptic Curve Digital Signature Algorithm) sign and verify operations. Also supported is the non-NIST Curve25519 for
ECDH and Ed25519 for EdDSA (Edwards-curve Digital Signature Algorithm) sign and verify operations.
Secure Vault also supports ECJ-PAKE (Elliptic Curve variant of Password Authenticated Key Exchange by Juggling) and PBKDF2
(Password-Based Key Derivation Function 2).
Supported hashes include SHA-1, SHA-2/256/384/512 and Poly1305.
This implementation provides a fast and energy efficient solution to state of the art cryptographic needs.
3.5.3 True Random Number Generator
The True Random Number Generator module is a non-deterministic random number generator that harvests entropy from a thermal
energy source. It includes start-up health tests for the entropy source as required by NIST SP800-90B and AIS-31 as well as online
health tests required for NIST SP800-90C.
The TRNG is suitable for periodically generating entropy to seed an approved pseudo random number generator.
3.5.4 Secure Debug with Lock/Unlock
For obvious security reasons, it is critical for a product to have its debug interface locked before being released in the field.
In addition, Secure Vault High also provides a secure debug unlock function that allows authenticated access based on public key cryp-
tography. This functionality is particularly useful for supporting failure analysis while maintaining confidentiality of IP and sensitive end-
user data.
For more information about this feature, see AN1190: Series 2 Secure Debug.
3.5.5 DPA Countermeasures
The AES and ECC accelerators have Differential Power Analysis (DPA) countermeasures support. This makes it very expensive from a
time and effort standpoint to use DPA to recover secret keys.
3.5.6 Secure Key Management with PUF
Key material in Secure Vault High products is protected by "key wrapping" with a standardized symmetric encryption mechanism. This
method has the advantage of protecting a virtually unlimited number of keys, limited only by the storage that is accessible by the Cor-
tex-M33, which includes off-chip storage as well. The symmetric key used for this wrapping and unwrapping must be highly secure be-
cause it can expose all other key materials in the system. The Secure Vault Key Management system uses a Physically Unclonable
Function (PUF) to generate a persistent device-unique seed key on power up to dynamically generate this critical wrapping/unwrapping
key which is only visible to the AES encryption engine and is not retained when the device loses power.
MGM210P Wireless Gecko Multi-Protocol Module Data Sheet
System Overview
silabs.com | Building a more connected world. Rev. 1.2 | 8
