I am working on an embedded device which send/receive data and stored them in ciphertext mode (encrypted mode).
Now what's best approach for storing keys (I used ARM CORTEX M series MCU)?
1-Storing keys in the SRAM memory and in each booting sequence, inject keys to the embedded MCU and store them in the SRAM memory.
It is best way I think,then when MCU sense penetration (with tamper sensor or …) it can erased SRAM quickly and reset itself.
Disadvantage: if attacker success to pass tampers and access to device, how safe is SRAM memory (against code mining). I can't find any security ability for this memory in MCUs.
2-Generate keys and stored them in the flash memory in programming MCU.
MCU flash memory's support CRP (code read protection) which prevent from code mining and with assist of its internal AES engine and RNG (random number generation) engine we can make a random key and encrypt flash memory and stored that random key in the OTP (one time programmable memory -a 128 bit encrypted memory), then in code execution we decode flash memory with RNG key and access to initial key and codes.
Disadvantage: Keys stored in a non volatile memory, tampers will be useless and attacker have a lot of time to mine keys.
3-Stored key in the EEPROM memory,combination of 2 above approach, key stored in the non volatile memory but when tampers sense penetration EEPROM is erasable.
I consider LPC18S57FBD208(cortex m3 with 1MB of flash memory, 180MHZ, 136KB SRAM, 16KB EEPROM and a TFT LCD controller which i need to drive a 7" TFT LCD and AES 128 bit crypto engine) for that is there any other better suggestion?