About the structure of Secure JTAG

george · ‎03-17-2015

Hi All,

I want you to tell about the structure of Secure JTAG.

By reading the document about i.MX6, I learned about Secure JTAG.

In Secure JTAG mode, the JTAG controller output from TDO the Challenge value including unique ID which the Device has. Concurrently, an Internal Response value is generated using the Challenge value and Response key beforehand burned in eFUSE. A specific algorithm is used in order to generate an Internal Response value.
In ICE/debugger side, The Challenge value got from TDO and Response key set up beforehand are processed using the same algorithm as the Device side.
And it's Response value is returned to Device TDI.
Device compares the Internal Response value generated itself with the Response value got from TDI, and judges allow/not-allow to JTAG access.

Therefore, Response key in eFUSE and Responce key given to ICE/Debugger are symmetric key.
In common with all products, it can be used by setting free hexadecimals to Response key.

Is my understanding described in the above correct?

BR,

George

igorpadykov · ‎03-20-2015

Hi George

key is symmetric.

Best regards

igor

igorpadykov · ‎03-17-2015

Hi George

Secure JTAG requires external debugger tools (such as Lauterbach Trace32,

ARM RVDS/DS5 Debuggers, etc.) that support the challenge/response-based authentication

mechanism and its usage is described in AN4686 Configuring Secure JTAG for the

i.MX 6 Series Family of Applications Processors. I think your understanding is correct.

Best regards

igor

-----------------------------------------------------------------------------------------------------------------------

Note: If this post answers your question, please click the Correct Answer button. Thank you!

-----------------------------------------------------------------------------------------------------------------------

george · ‎03-19-2015

Dear Igor,

Thank you for the reply.

I already read the document which you say.

However, we have not got yet debugger which can use the Security JTAG function.

And I am uneasy about whether our understanding is correct.

Can one key burned to eFUSE be used for all devices as a common key for JTAG access?

BR,

George

igorpadykov · ‎03-19-2015

Hi George

sorry, I do not understand your question

Best regards

igor

george · ‎03-19-2015

Dear Igor

Is the following correct?

Response key in eFUSE and Responce key given to ICE/Debugger are symmetric key.
In common with all products, it can be used by setting free hexadecimals to Response key.

BR,

George

igorpadykov · ‎03-20-2015

Hi George

key is symmetric.

Best regards

igor

george · ‎03-22-2015

Thanks.