Key-IV Change at Boot Time - 2024.2 English - UG1304

Versal Adaptive SoC System Software Developers Guide (UG1304)

Document ID: UG1304
Release Date: 2024-12-13
Version: 2024.2 English

The initial key is obtained from the PMC CDO in both the master and slave SLRs. The master SLR has three keys in its PMC CDO, with one key required for each slave SLR. These three keys are then transferred to the USER_KEY_6 register for SSLR1, the USER_KEY_5 register for SSLR2, and the USER_KEY_4 register for SSLR3. Similarly, each slave SLR has a key in its PMC CDO, which is copied to the USER_KEY_6 register.

The application running on the client requests the TRNG to generate two 128-bit IVs, named IV1 and IV2, and a 256-bit key. These IVs and the key are sent to the master through the configure secure communication command. The command carries IV1, IV2, and the key to be used for secure communication, along with the number of the slave SLR to which they belong. On receiving the configure secure communication command for the first time, the master PLM sets IV1 as the current IV and encrypts IV2 and the key with the current key-IV pair.

The master sends IV1 and the encrypted key-IV2 pair to the slave SLR to which they belong. The slave SLR sets IV1 as the current IV and decrypts the received key-IV2 pair with the current key-IV pair. The decrypted key and IV2 are stored as the new key and IV. The slave SLR increments the IV by one and sends a response to the master without encryption, because secure communication is not yet established. The IV is incremented so that each unique data set sent uses a unique IV. After sending the response, the slave updates the current key and IV with the decrypted key and IV2. The master processes the response. If the response indicates success, the master PLM updates the current key and IV with the key and IV2 and sends a response to the application for the configure secure communication command it served.
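The key-IV rollover described above, modelled for one master/slave link as an added example (not AMD's PLM code). The class and function names are hypothetical, `stand_in_cipher` is a placeholder because the text does not name the cipher, and the IV incremented before the response is assumed to be the current IV (IV1).

```python
import hashlib
import secrets

def stand_in_cipher(key: bytes, iv: bytes, data: bytes) -> bytes:
    """Placeholder for the device cipher, which the text does not name:
    XOR with a SHAKE-256 keystream (same call encrypts and decrypts)."""
    stream = hashlib.shake_256(key + iv).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def inc_iv(iv: bytes) -> bytes:
    """Increment a 128-bit IV by one, wrapping at 2**128."""
    return ((int.from_bytes(iv, "big") + 1) % (1 << 128)).to_bytes(16, "big")

class Slave:
    def __init__(self, initial_key: bytes):
        self.key, self.iv = initial_key, None   # initial key from the PMC CDO
        self.response_iv = None

    def handle_config(self, iv1: bytes, enc_key_iv2: bytes) -> dict:
        self.iv = iv1                                    # IV1 becomes current
        plain = stand_in_cipher(self.key, self.iv, enc_key_iv2)
        new_key, iv2 = plain[:32], plain[32:]            # 256-bit key, 128-bit IV2
        self.response_iv = inc_iv(self.iv)               # assumed: current IV + 1
        response = {"status": "success", "encrypted": False}
        self.key, self.iv = new_key, iv2                 # switch after responding
        return response

class Master:
    def __init__(self, initial_key: bytes):
        self.key, self.iv = initial_key, None

    def configure(self, slave: Slave, iv1: bytes, iv2: bytes, key: bytes) -> dict:
        self.iv = iv1
        blob = stand_in_cipher(self.key, self.iv, key + iv2)
        response = slave.handle_config(iv1, blob)        # IV1 is sent unencrypted
        if response["status"] == "success":
            self.key, self.iv = key, iv2                 # roll over only on success
        return response

def run_demo():
    cdo_key = secrets.token_bytes(32)                    # constructed initial key
    master, slave = Master(cdo_key), Slave(cdo_key)
    iv1, iv2, key = (secrets.token_bytes(n) for n in (16, 16, 32))  # TRNG stand-in
    response = master.configure(slave, iv1, iv2, key)
    return master, slave, iv1, iv2, key, response
```

After `run_demo()`, both sides hold the new key and IV2 as their current pair, and the initial PMC CDO key is no longer in use on that link.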