Your secret keys must remain secret to maintain the security architecture - having plenty of secure key storage is critical.
Attackers use invasive attacks on a device to extract Flash content and when an attacker learns how to extract keys or content from a device, they use the same attack vector to attack other devices. A Physically Unclonable Function creates a secret, random, and unique key, from individual device imperfections. The PUF-key encrypts all keys in the secure key storage and applications can handle the keys whilst they remain confidential. The PUF Key is generated at startup and is not stored in flash.
Have you Discovered a Vulnerability?
Our Product Security Incident Response Team (PSIRT) is responsible for ensuring the vulnerabilities discovered in our products are mitigated and communicated responsibly. If you detect a security threat, let us know.
Information on how to subscribe to security notices can be found here.