Normal World and Secure World using TrustZone Diagram.

Getting Started

The Arm CryptoCell-300 family of embedded security solutions is aimed at high efficiency systems with emphasis on small footprint and low power consumption. The CryptoCell-300 family offers platform security services as well as a rich set of cryptographic services, targeting multiple threats. These services are needed across various Internet of Things (IoT) domains such as home automation, factory automation, smart energy, industrial IoT and other areas where there is potential usage of an Arm Cortex-M processor. 

The CryptoCell-300 family uses a modular approach which consists of control and scheduling, data interfaces, cryptography and various security resources to enable the right level of security and PPA trade-offs for a particular threat model.

CryptoCell complements TrustZone for Armv8-M and together these solutions form a Trusted Execution Environment (TEE). This helps reduce the attack surface and isolate sensitive assets and processes from potentially malicious application code.

Key Features

The CryptoCell-300 family provides these key features to owners of assets on the platform (chip vendors, device makers and more):

  • Brand-name and IP protection through enforcement of code authentication and code confidentiality – the IP allows an image owner to deliver the code to the target device – in the field or on the manufacturing floor - signed and encrypted. That code owner can be a chip vendor, a device maker, or other entities in the ecosystem. The model allows chip vendors and other entities to rely on different roots of trust, without having to share them.

  • Authenticated debug, allowing authorization of ecosystem partners for specific capabilities – the IP allows cryptographic enforcement of a debug policy that takes into account the state of the device (e.g. manufacturing and deployment status) and the specific grants the entity attempting to debug has received from an authorized entity (e.g. the OEM behind the device). The IP allows fine granularity of debug control, as well as separated authorization path for different owners of assets in the device.

  • Secure provisioning of code and data, allowing different entities to send assets to the device in a manner preserving the integrity and confidentiality over untrusted communication means.

  • Hardware based management of roots-of-trust, enforcing different access control policies based on the state of the device (e.g. manufacturing and deployment status).

  • Efficient implementation of a rich set of cryptographic services such as:
    • Symmetric ciphers like AES and chacha20 (operational in multiple modes).
    • Hashing functions like SHA1, SHA256 and keyed-hash message authentication code (HMAC) based on these hash functions.
    • Asymmetric cryptographic schemes like RSA and various schemes based Elliptic Curve Cryptography.
    • Random number generation based on a true source of entropy.

The support for some of these modes is optional and allows the integrator to trade off area footprint with performance.

Want to know more about Security on Arm?

Learn more

Free on-demand training webinar about Arm CryptoCell

Watch now

Simplifying the design of secure IoT systems

Read now

Get support

Community Blogs

Blog post image
PlasticArm: Realizing the full potential of the Internet of Things

PlasticArm is bringing the possibility of seamlessly embedding billions of extremely low-cost, ultra-thin, conformable microprocessors into everyday objects – a significant leap forward in realising the Internet of Everything.

4 days ago by Charlotte Christopherson
Blog post image
Gain up to 35% performance benefits for deploying Redis on AWS Graviton2

In this blog we compare the performance of Redis on Arm-based AWS Graviton2 processors to Intel Xeon processors.

5 days ago by Pranay Bakre
Blog post image
Buried interconnects for signal routing

Buried interconnects can help mitigate the interconnect resistance issue and augment the technology scaling roadmap for sub-5nm process nodes.

9 days ago by Rahul Mathur
Blog post image
Arm机密计算架构技术白皮书

作者:Arm 首席应用工程师 David Brooke 原文:https://developer.arm.com/documentation/den0125/0100 1.      概述 在本篇文章中,我们将介绍机密计算(Confidential Computing)在现代计算平台中扮演的角色,并解释机密计算的原理。然后我们将说明 Arm 机密计算架构 (Arm CCA) 如何在 Arm 计算平台中实现机密计算。 看完本文后,您将能够: 定义

9 days ago by Zenon Xiu (修志龙)
1
Blog post image
The journey to a brave new world of secure, easy to deploy and maintain…

The first SystemReady IR product, the NXP i.MX 8M Mini EVK has been certified, leading the charge towards a consistent and best-in-class cloud native experience at the IoT edge.

11 days ago by Olivier Bernard
1
Blog post image
Introducing the Scalable Matrix Extension for the Armv9-A Architecture

In this blog, read the details for Scalable Matrix Extension (SME). This is a new extension from the latest Arm Vision day announcement for Armv9-A.

11 days ago by Martin Weidmann

Community Forums

Answered Where should I ask my question?
  • ARM Community
 0 votes 7975 views 5 replies Latest 2 months ago by Andy Neil Answer this
Answered Forum FAQs
  • ARM Community
 0 votes 5193 views 0 replies Started 8 months ago by Annie Answer this
Answered Forum FAQs
  • ARM Community
 0 votes 807 views 0 replies Started 8 months ago by Annie Answer this
Answered Forum FAQs
  • ARM Community
 0 votes 889 views 0 replies Started 8 months ago by Annie Answer this
Answered Forum FAQs
  • ARM Community
 0 votes 1814 views 0 replies Started 8 months ago by Annie Answer this
Answered Forum FAQs
  • ARM Community
 0 votes 1068 views 0 replies Started 8 months ago by Annie Answer this
Answered Where should I ask my question? Latest 2 months ago by Andy Neil 5 replies 7975 views
Answered Forum FAQs Started 8 months ago by Annie 0 replies 5193 views
Answered Forum FAQs Started 8 months ago by Annie 0 replies 807 views
Answered Forum FAQs Started 8 months ago by Annie 0 replies 889 views
Answered Forum FAQs Started 8 months ago by Annie 0 replies 1814 views
Answered Forum FAQs Started 8 months ago by Annie 0 replies 1068 views