nRF Security

The nRF Security subsystem (nrf_security) integrates cryptographic services for SoCs from Nordic Semiconductor.

The nRF Security subsystem provides:

• A unified interface to both PSA Crypto APIs and Mbed TLS APIs

• Hardware acceleration through dedicated cryptographic libraries on selected SoCs (nrf_cc3xx, CRACEN), with binary versions of the libraries listed in Cryptographic libraries

• Software fallbacks when hardware acceleration is unavailable (nrf_oberon)

• A PSA driver abstraction layer enabling simultaneous use of hardware and software implementations

• Compatibility with the specific Mbed TLS version included in the nRF Connect SDK through sdk-mbedtls

• Integration logic for the Oberon PSA Crypto core (sdk-oberon-psa-crypto)

• Source code for the CRACEN driver

• Integration with the nRF Connect SDK build system

The nRF Security subsystem can interface with the nrf_cc3xx_mbedcrypto library. This library conforms to the specific revision of Mbed TLS that is supplied through the nRF Connect SDK.

Subpages:

• Enabling nRF Security
• Configuring nRF Security with legacy crypto APIs
  • Deprecation of legacy crypto support
  • Configuring the legacy crypto backend
  • AES configuration
  • AES cipher configuration
  • CMAC configuration
  • AEAD configurations
  • DHM configurations
  • ECC configurations
  • ECDH configurations
  • ECDSA configurations
  • ECJPAKE configurations
  • ECC curves configurations
  • RSA configurations
  • Secure Hash configurations