FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

IMXRT1052 XIP Encryption Issue

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

IMXRT1052 XIP Encryption Issue

Jump to solution
‎12-01-2024 07:14 PM
694 Views
acallamp
Contributor III

May I ask the expert: RT1052+XIP encryption method? If I want to use the UID of the chip as the key without burning the fuse, which solution should I choose to encrypt and generate the image? Because I am worried that after burning the fuse, the chip cannot be reused. May I ask if there are any good methods for encryption. It is also beneficial for the factory to facilitate mass production.

0 Kudos
Reply
1 Solution

Jump to solution
‎12-01-2024 11:54 PM
670 Views
marek-trmac
NXP Employee
NXP Employee

Hi,

"Encrypted mode with UID" => "BEE with OTPMK". The mode is available only for signed images, so it will require to burn fuses for signing.

You can always review, which fuses will be burnt in:

1) OTP Configuration dialog (use filter "Required")

2) Prior the write script is executed, the GUI tool first check the fuses in the processor and then displays all irreversible changes.

After the fuses burnt, the chip still can be used with the same keys. Fuse bit burnt to 1 cannot be reverted to 0 anymore.

> May I ask if there are any good methods for encryption
You need to decide, whether you need same flash content for all products. If yes, you need same key for all products and you must use user key. Using UID/OTPMK means each product uses different key, so flash content is different.

 

 

Regards,
Marek


NOTE: If you find the answer useful, kindly click on [ACCEPT AS SOLUTION] button

View solution in original post

Reply
2 Replies

Jump to solution
‎12-01-2024 11:54 PM
671 Views
marek-trmac
NXP Employee
NXP Employee

Hi,

"Encrypted mode with UID" => "BEE with OTPMK". The mode is available only for signed images, so it will require to burn fuses for signing.

You can always review, which fuses will be burnt in:

1) OTP Configuration dialog (use filter "Required")

2) Prior the write script is executed, the GUI tool first check the fuses in the processor and then displays all irreversible changes.

After the fuses burnt, the chip still can be used with the same keys. Fuse bit burnt to 1 cannot be reverted to 0 anymore.

> May I ask if there are any good methods for encryption
You need to decide, whether you need same flash content for all products. If yes, you need same key for all products and you must use user key. Using UID/OTPMK means each product uses different key, so flash content is different.

 

 

Regards,
Marek


NOTE: If you find the answer useful, kindly click on [ACCEPT AS SOLUTION] button
Reply

Jump to solution
‎12-02-2024 12:41 AM
661 Views
acallamp
Contributor III
HI:
Does MFGTOOL only support USB and have production software that supports UART?
0 Kudos
Reply