To Next Page

To Previous Page

Figure 20. Signature generation with public key algorithm

DT50960V1

HASH

John Doe1

John Doe2

Signature

Digest

Message

Signature

Private

key

Public

key

Certificate

A certificate is related to public key algorithms. It authenticates the public key in an asymmetric transfer. It is used

to counteract usurpation by an attacker that substitutes the right public key by his own key. A certificate consists in

the public key signed by a certificate authority (CA) private key. This CA is considered as fully trusted.

In addition to the public key, the certificate also contains version numbers, validity period and some IDs.

AN5156

MAC or signature and certificate

AN5156 - Rev 8

page 48/56

General Information2
Table 2. Glossary2
Overview5
Security Purpose5
Figure 1. Corrupted Connected Device Threat5
Table 3. Assets to be Protected6
Attack Types7
Introduction to Attack Types7
Software Attacks8
Table 4. Attacks Types and Costs8
Hardware Attacks9
Non-Invasive Attacks10
Silicon Invasive Attacks11
Iot System Attack Examples12
Figure 2. Iot System12
List of Attack Targets13
Device Protections16
Configuration Protection16
Trustzone ® for Armv8-M Architecture16
Dual-Core Architecture17
Figure 3. Armv8-M Trustzone® Execution Modes17
Figure 4. Simplified Diagram of Dual-Core System Architecture17
Memory Protections18
Figure 5. Memory Types18
System Flash Memory19
User Flash Memory19
Embedded SRAM19
External Flash Memories20
STM32 Memory Protections21
Software Isolation21
Debug Port and Other Interface Protection21
Boot Protection22
System Monitoring22
Secure Applications23
Secure Firmware Install (SFI)23
Root and Chain of Trust23
Stmicroelectronics Proprietary SBSFU Solution23
Secure Boot (SB)23
Secure Firmware Update (SFU)24
Figure 6. Secure Boot FSM24
Configurations25
Arm TF-M Solution25
Figure 7. Secure Server/Device SFU Architecture25
Product Certifications26
Table 8. Basic Feature Differences of Trustzone-Based Secure Software26
STM32 Security Features27
Overview of Security Features27
Static and Dynamic Protections27
Security Features by STM32 Devices27
Table 10. Security Features for STM32L0/1/4/4+, STM32WB, STM32WL Devices28
Readout Protection (RDP)29
Table 11. Security Features for STM32L5, STM32U5, STM32H503/5, Stm32H72X/73/74X/75, Stm32H7Ax/7Bx, STM32F7 Devices29
Figure 8. Example of RDP Protections (STM32L4 Series)30
Lifecycle Management-Product State31
Table 12. RDP Protections31
One-Time Programmable (OTP)32
Trustzone32
Core State33
Secure Attribution Unit (SAU)33
Figure 9. Trustzone® Implementation at System Level33
Memory and Peripheral Protections34
Flash Memory Write Protection (WRP)34
Execute-Only Firmware (PCROP)34
Secure Hide Protection (HDP)35
Firewall35
Figure 10. HDP Protected Firmware Access35
Figure 11. Firewall FSM36
Figure 12. Firewall Application Example36
Memory Protection Unit (MPU)37
Table 13. Attributes and Access Permission Managed by MPU37
Customer Key Storage (CKS)38
Table 14. Process Isolation38
Figure 13. Dual-Core Architecture with CKS Service38
Antitamper (Tamp)/Backup Registers (BKP)39
Clock Security System (CSS)39
Power Monitoring (PVD)39
Memory Integrity Hardware Check39
Independent Watchdog (IWDG)40
Device ID40
Cryptography40
Hardware Accelerators40
Cryptolib Software Library40
On-The-Fly Decryption Engine (OTFDEC)41
Figure 14. Typical OTFDEC Configuration41
Guidelines42
Table 15. Security Use Cases42
Conclusion44
Appendix A Cryptography - Main Concepts45
Secret Key Algorithms45
Figure 15. Symmetric Cryptography45
Public Key Algorithms (PKA)46
Figure 16. Signature46
Figure 17. PKA Encryption46
Hash Algorithms47
MAC or Signature and Certificate47
Figure 18. Message Hashing47
Figure 19. MAC Generation with Secrete Key Algorithm47
Figure 20. Signature Generation with Public Key Algorithm48
Revision History49
Table 1. Applicable Products49
Table 16. Document Revision History49
Table 5. Memory Types and Associated Protection50
Table 6. Scope of STM32 Embedded Memory Protection Features50
Table 7. Software Isolation Mechanism50
Table 9. Security Features for STM32C0, STM32F0/1/2/3/4, STM32G0/4 Devices50

Brand	ST
Model	STM32H7 Series
Category	Computer Hardware
Language	English

ST STM32H7 Series Application Note

Table of Contents

Other manuals for ST STM32H7 Series

Questions and Answers:

ST STM32H7 Series Specifications

Related product manuals