About the structure of Secure JTAG

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

About the structure of Secure JTAG

Jump to solution
2,579 Views
george
Senior Contributor II

Hi All,

I want you to tell about the structure of Secure JTAG.

By reading the document about i.MX6, I learned about Secure JTAG.

  1. In Secure JTAG mode, the JTAG controller output from TDO the Challenge value including unique ID which the Device has. Concurrently, an Internal Response value is generated using the Challenge value and Response key beforehand burned in eFUSE. A specific algorithm is used in order to generate an Internal Response value.
  2. In ICE/debugger side, The Challenge value got from TDO and Response key set up beforehand are processed using the same algorithm as the Device side.
  3. And it's Response value is returned to Device TDI.
  4. Device compares the Internal Response value generated itself with the Response value got from TDI, and judges allow/not-allow to JTAG access.

  • Therefore, Response key in eFUSE and Responce key given to ICE/Debugger are symmetric key.
  • In common with all products, it can be used by setting free hexadecimals to Response key.

Is my understanding described in the above correct?

BR,

George

Labels (1)
0 Kudos
Reply
1 Solution
1,881 Views
igorpadykov
NXP Employee
NXP Employee

Hi George

key is symmetric.

Best regards

igor

View solution in original post

0 Kudos
Reply
6 Replies
1,881 Views
igorpadykov
NXP Employee
NXP Employee

Hi George

Secure JTAG requires external debugger tools (such as Lauterbach Trace32,

ARM RVDS/DS5 Debuggers, etc.) that support the challenge/response-based authentication

mechanism and its usage is described in AN4686 Configuring Secure JTAG for the

i.MX 6 Series Family of Applications Processors. I think your understanding is correct.

Best regards

igor

-----------------------------------------------------------------------------------------------------------------------

Note: If this post answers your question, please click the Correct Answer button. Thank you!

-----------------------------------------------------------------------------------------------------------------------

1,881 Views
george
Senior Contributor II

Dear Igor,

Thank you for the reply.

I already read the document which you say.

However, we have not got yet debugger which can use the Security JTAG function.

And I am uneasy about whether our understanding is correct.

Can one key burned to eFUSE be used for all devices as a common key for JTAG access?

BR,

George

0 Kudos
Reply
1,881 Views
igorpadykov
NXP Employee
NXP Employee

Hi George

sorry, I do not understand your question

Best regards

igor

0 Kudos
Reply
1,881 Views
george
Senior Contributor II

Dear Igor

Is the following correct?

  • Response key in eFUSE and Responce key given to ICE/Debugger are symmetric key.
  • In common with all products, it can be used by setting free hexadecimals to Response key.

BR,

George

0 Kudos
Reply
1,882 Views
igorpadykov
NXP Employee
NXP Employee

Hi George

key is symmetric.

Best regards

igor

0 Kudos
Reply
1,881 Views
george
Senior Contributor II

Thanks.

0 Kudos
Reply