# key management creation/distribution/delection/destroy/update/storage ## Function provided by key management 1. **Generate device key** a. Send to ECC to generate public key b. Send to ECC and AES for encryption 2. **Generate random number** 3. **Generate session key** a. Generate its meta data b. Store the key in the key buffer c. Store the meta data in the meta data buffer 4. **Store the session key** a. Store the key in the key buffer b. Store the meta data in the meta data buffer ## Input/Output | Name | I/O | Width |Description | | :--------: | :--------: |:---:| :-------- | | Mode | Input | 3 | Select the mode(G_K~P~, G_R~N~, G_K~S~, R_K~P~, S_K~S~) | | Destination | Input | 2 | Select the destination(AES, ECC, Flash, Processor) | | Device_ID | Input | x | Device ID of the corresponding session key | | Input_data | Input | 256 | Session key or helper data | | Correction_bits | Input | 32 | For PUF value correction | | Helper_data | Output | 256 | For reproduce the K~P~ | | Correction_bits | Output | 32 | For PUF value correction | | KMtoAES |Output | 256 | Output R~N~, K~P~ or K~S~ to AES module | | KMtoECC |Output | 256 | Output R~N~, K~P~ or K~S~ to ECC module | | KMtoProcessor |Output | 256 | Output R~N~, K~P~ or K~S~ to the processor | >K~P~: Private key >R~N~: Random number >K~S~: Session key > >G_K~P~: Generate the private key >G_R~N~: Generate a random number >R_K~P~: Reproduce the private key >G_K~S~: generate a session key >S_K~S~: Store the session key \ \ ## Architecture \