JEDEC JESD261

This standard provides a comprehensive definition of the NOR cryptographic security hardware abstraction layer (HAL). It also provides design guidelines and reference software to reduce design-in overhead and facilitate the second sourcing of secure memory devices. It does not attempt to standardize any other interaction to the NOR device that is not related to cryptographic security functionality within the device.

The API definition and functionality described herein require a baseline of symmetric cryptographic capability within supporting memory devices. This architecture does not preclude asymmetric cryptographic functionality in the general sense but does not address asymmetric functionality at the present time.

As with any cryptosystem rooted with symmetric cryptography, a non-ephemeral symmetric secret (key) must be shared between two parties to ensure intended functionality and should be done in a secure manner. This process, typically called key provisioning, is assumed to have already taken place relative to this standard for the targeted computing platform and secure memory device. As such, this standard assumes that a shared secret (nonvolatile root key) already exists between the host and the secure memory device. Initial nonvolatile (pre-shared) key provisioning between a host and memory device will therefore not be addressed by this standard.