As I known, the CSEc key will be loaded in the format of M1, M2, M3, and the M4, M5 are used to check the result of key load. It is safe for that the calculation is irreversible, but I want to know that after loading the key to CSEc slot, whether the key is decrypted or still stored as the format of M1 to M5?
Hi,
it follows SHE specification:
Regards,
Lukas
Thanks for the reply. Refer to the attachment, I will suppose that when the key like BOOT_MAC_KEY loaded to slot, it will be encrypted with the AES in ECB mode. And when it used like BOOT_MAC calculation, it is still read in AES encrypted form. Am I correct?
Hi,
I'm sorry for delayed response.
From user's point of view, this is completely hidden to user. A user can use the keys or BOOT_MAC as needed and knowledge of these background operations is not needed. It follows SHE specification to ensure the keys / BOOT_MAC are protected as required. We can't share more details.
Regards,
Lukas