Questions about security keys in CSE

jaejynshin
Contributor III

Hello Experts

I am new to the CSE, so I have some trouble handling the CSE in my MPC5777C device.

I have some questions about MASTER_ECU_KEY.

1. Can I erase the MASTER_ECU_KEY?

2. How can I know if MASTER_ECU_KEY is already written?

Thank you

Jaejyn

3 Replies

petervlna
NXP Employee

Hello,

1. The MASTER_ECU_KEY is intended to be populated by the “owner” of the component using SHE and it can be used to reset SHE or change any of the other keys.

A new MASTER_ECU_KEY can be written with the knowledge of the current MASTER_ECU_KEY and is protected by the common lock mechanisms described in Chapters 4.1.1, 4.1.2, 4.1.3 and 4.1.4 of the SHE specification.
The MASTER_ECU_KEY must be empty after production.

2. The CSE will return 0 if the MASTER_ECU_KEY is empty.

Peter

jaejynshin
Contributor III

Thank you Peter Vlna

I have one more question.

I read how to erase previously written keys in "AN4234: Using the Cryptographic Service Engine (CSE)":

C.1 Appendix C Resetting the secure flash to its factory state

But I can't understand how to generate the KDEBUG value.

KDEBUG is defined as:
• KDEBUG = KDF(MASTER_ECU_KEY ,DEBUG_KEY_C)
• DEBUG_KEY_C = 0x01035348_45008000_00000000_000000B0

What kind of KDF (Key Deviation function) is it using?

And is DEBUG_KEY_C always the same value?

Thank you

Jaejyn

petervlna
NXP Employee

Hi,

1. MASTER_ECU_KEY can be erased, but not by a SHE application, so the user cannot erase the key.

2. The KDF is defined in the SHE specification. The SHE specification is distributed to HIS members.

See the note from the SHE spec:

Copyright notice
This document and its content is copyright of AUDI AG and BMW AG ©, 2008.
All rights by reserved. Distribution allowed for all HIS members. You may not, except with express written permission
of all HIS members, distribute or commercially exploit the content. Nor may you transmit it or store it in any other
website or other form of electronic retrieval system.

Peter