a question about key import in s32k

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

a question about key import in s32k

990 Views
cfyywcc
Contributor II

In our s32k project, we want to encrypt/decrypt data by using the aes128cbc of CSEc module, but i don't understand how to import the key bytes to the CSEc modle.

in one user manual, i've noticed that, for security purpose we should not use plaintext key in code but use the derived m1-m5, which means:

1.KDF(plaintext key: "123456789abc"), and output M1/M2/M3/M4/M5, which is irreversible, irreversible, irreversible.

2. load M1-M3 to CSEc,and get M4_/M5_

3. compare M4_/M5_ to M4/M5, if matched,it means the key loadinng success

but,,,,,,how ?why?

since the 1st step mentioned above is irreversible,  even if M1//M3 is loaded to CESc, it can not get the original plaintext: "123456789abc", so how does it work to  decrypt one cipher  packet which is encrypted with the key "123456789abc" in my peer host pc.

 

Any kind repy is appreciated!

 

Tags (4)
0 Kudos
Reply
3 Replies

977 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi,

have you already seen AN5401?

https://www.nxp.com/webapp/Download?colCode=AN5401&location=null

https://www.nxp.com/webapp/Download?colCode=AN5401SW&location=null

It should provides all necessary details  you need to know at the beginning.

 

One thing is a key which is used to encrypt/decrypt a message a second thing is the message. A key is loaded to the CSEc during initialization of the device. You can’t read the key anymore, you can only update it if needed (for update, you need to know previous value of the key or MASTER_ECU_KEY). All this behavior is given by SHE specification (you can find that on the web).

If you receive a message encrypted by the same key, the key can be used to decrypt the message and you will get original plain text.

Regards,

Lukas

0 Kudos
Reply

968 Views
cfyywcc
Contributor II

Thanks for your kind reply.

 

Yes,i've already read the an5401 doc

And also i know how to implement the encryption/decryption just step by step.

But i just wonder INSIDE the Csec module how does it get the plaintext key to encrypt or decrypt by just loading key with m1/m3 in code:

(Inside the CSEc) If m1/m3 can be reversely calculated to the original plaintext key,the distribution and declosure of m1/m3 is a safety risk.

(Inside the CSEc) If m1/m3 calculation is irreversable,inside the Csec,how does it get the actual plaintext key to encrypt or decrypt?(i mean... Message Encrypted with key "123456789abc" should be decrypted also with the same key,right?)

 

This is exactly what i don' understand.

I'm confused.....

 

0 Kudos
Reply

947 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi,

the key cannot be reversely calculated from M1-M3 values without knowledge of authorizing key. Moreover, it's not possible to export the key. Only CSEc engine is able to read it. For user, it's not accessible ever. Because the CSEc knows the authorizing key, it's able to get the original plaintext key.

Regards,

Lukas

0 Kudos
Reply