ARM TrustZone CryptoCell is a hardware accelerator that is available in the nRF52840 SoC. It adds hardware support for a range of security features, including advanced features that are not covered by the Cryptography library . See the nRF52840 Product Specification for detailed information about CryptoCell.
Hardware-accelerated security operations are usually faster and consume less power than the software backend that is used by the Cryptography library . However, the CryptoCell library requires hardware support and is therefore available only on the nRF52840 SoC.
The CryptoCell library supports the following cryptographic routines:
- Advanced Encryption Standard
- ChaCha stream cipher
- Diffie-Hellman key exchange, as defined in PKCS#3 with key length 1024-bit and 2048-bit
- Elliptic Curve Cryptography, supporting Edwards and Montgomery families of curves (ECC EWD and ECC MONT)
- Elliptic Curve Digital Signature Algorithm (ECDSA)
- Elliptic Curve Diffie-Hellman (ECDH)
- MD5
- SHA-1
- SHA-2 (SHA-224, SHA-256, SHA-384, and SHA-512)
- Keyed-hash message authentication codes (HMAC)
- HMAC-based key derivation function (HKDF), as defined in PKCS#3
- Random number generation (reference standard SP800-90)
- RSA
- Secure Remote Password protocol (SRP)
Using the CryptoCell library
To use CryptoCell functionality, link in the runtime library
nrf_cc310
. The library is available in the
external\nrf_cc310\lib
folder. See the
CryptoCell API
for an overview of available functionality.
For examples of API usage, see the Experimental: CryptoCell examples .