Normal World and Secure World using TrustZone Diagram.

Getting Started

The Arm CryptoCell-300 family of embedded security solutions is aimed at high efficiency systems with emphasis on small footprint and low power consumption. The CryptoCell-300 family offers platform security services as well as a rich set of cryptographic services, targeting multiple threats. These services are needed across various Internet of Things (IoT) domains such as home automation, factory automation, smart energy, industrial IoT and other areas where there is potential usage of an Arm Cortex-M processor. 

The CryptoCell-300 family uses a modular approach which consists of control and scheduling, data interfaces, cryptography and various security resources to enable the right level of security and PPA trade-offs for a particular threat model.

CryptoCell complements TrustZone for Armv8-M and together these solutions form a Trusted Execution Environment (TEE). This helps reduce the attack surface and isolate sensitive assets and processes from potentially malicious application code.

Key Features

The CryptoCell-300 family provides these key features to owners of assets on the platform (chip vendors, device makers and more):

  • Brand-name and IP protection through enforcement of code authentication and code confidentiality – the IP allows an image owner to deliver the code to the target device – in the field or on the manufacturing floor - signed and encrypted. That code owner can be a chip vendor, a device maker, or other entities in the ecosystem. The model allows chip vendors and other entities to rely on different roots of trust, without having to share them.

  • Authenticated debug, allowing authorization of ecosystem partners for specific capabilities – the IP allows cryptographic enforcement of a debug policy that takes into account the state of the device (e.g. manufacturing and deployment status) and the specific grants the entity attempting to debug has received from an authorized entity (e.g. the OEM behind the device). The IP allows fine granularity of debug control, as well as separated authorization path for different owners of assets in the device.

  • Secure provisioning of code and data, allowing different entities to send assets to the device in a manner preserving the integrity and confidentiality over untrusted communication means.

  • Hardware based management of roots-of-trust, enforcing different access control policies based on the state of the device (e.g. manufacturing and deployment status).

  • Efficient implementation of a rich set of cryptographic services such as:

    • Symmetric ciphers like AES and chacha20 (operational in multiple modes).

    • Hashing functions like SHA1, SHA256 and keyed-hash message authentication code (HMAC) based on these hash functions.

    • Asymmetric cryptographic schemes like RSA and various schemes based Elliptic Curve Cryptography.

    • Random number generation based on a true source of entropy.

The support for some of these modes is optional and allows the integrator to trade off area footprint with performance.

CryptoCell-312 is also available with enhancements which help protect against side-channel attacks (CryptoCell-312P)

Learn more

Want to know more about Security on Arm?

Learn more

Free on-demand training webinar about Arm CryptoCell

Watch now

Simplifying the design of secure IoT systems

Read now

Get support

Arm support

Arm training courses and on-site system-design advisory services enable licensees to realize maximum system performance with lowest risk and fastest time-to-market.

Arm training courses  Open a support case

Community Blogs

Blog post image
Leading the Digital Transformation of the Car at IAA Frankfurt

This week at IAA New Mobility World, to demonstrate the future of in-car experiences, we are exhibiting a market-ready, scalable infotainment and cockpit control system from MediaTek and Mobica, featuring TomTom Navigation.

2 days ago by Andy Moore
Blog post image
Tasking Lives Up To Its Promises

Tasking could help overcome a major resource underutilization issue in High-Performance Computing, When parallel applications partition and distribute compute and data across processors in the system, working together to solve a given problem, they…

2 days ago by Alex Rico
Blog post image
Characterization of Multi-threaded HPC Codes

Core counts continue to increase for High-Performance Computing (HPC) systems, but multiple factors may prevent current software from fully utilizing the increased available thread count. Inter-thread communication and serialized execution may hamper…

2 days ago by Josh Randall
Blog post image
Creating Minimal Docker Images for the Edge

Carefully crafting your Dockerfiles proves to be not only important for minimizing your container attack surface, but also for speeding up the deployment times of applications running both in the cloud and at the edge. In this post we will examine…

3 days ago by Josh Minor
Blog post image
Arm joins CXL - establishing key industry standard to streamline…

Arm joins Compute Express Link (CXL) Consortium, alongside industry leaders, to ensure low friction CXL development and to contribute to the future definition with CXL member companies.

4 days ago by Richard Grisenthwaite
Blog post image
Announcing an ML how-to guide: Deploying a quantized TensorFlow Lite…

Announcing an ML how-to guide which gives an end-to-end solution on using the Arm NN SDK. It acts as a great starting point for mobile app developers who want to trial the Arm NN SDK.

5 days ago by Darren Doyle

Community Forums

Answered Where do I find presentations and photos from SC'18? 2 votes 1337 views 0 replies Started 9 months ago by John Linford Answer this
Suggested answer Provision to get out of BKPT instruction 0 votes 692 views 4 replies Latest yesterday by morghan Answer this
Suggested answer Rookie needs help 0 votes 130 views 1 replies Latest yesterday by Joseph Yiu Answer this
Suggested answer Fail to connect with CM0DSEvel
  • Cortex-M0
  • DesignStart
 0 votes 112 views 1 replies Latest yesterday by Joseph Yiu Answer this
Suggested answer COrtex M7 cache hit rate measurement
  • Cortex-M7
  • performance
  • Cache Management
 0 votes 115 views 1 replies Latest yesterday by Joseph Yiu Answer this
Suggested answer How to detect FPU in Cortex M?
  • Cortex-M
 0 votes 84 views 1 replies Latest yesterday by Joseph Yiu Answer this
Answered Where do I find presentations and photos from SC'18? Started 9 months ago by John Linford 0 replies 1337 views
Suggested answer Provision to get out of BKPT instruction Latest yesterday by morghan 4 replies 692 views
Suggested answer Rookie needs help Latest yesterday by Joseph Yiu 1 replies 130 views
Suggested answer Fail to connect with CM0DSEvel Latest yesterday by Joseph Yiu 1 replies 112 views
Suggested answer COrtex M7 cache hit rate measurement Latest yesterday by Joseph Yiu 1 replies 115 views
Suggested answer How to detect FPU in Cortex M? Latest yesterday by Joseph Yiu 1 replies 84 views