Hardware encryption without black keys

flobro
Contributor IV

I have hardware encryption using black keys (CAAM), but the customer would also like hardware encryption without the black keys so an ssd partition can be hardware encrypted but be removed in case of a board failure and decrypted on another machine with the key used.

I cannot seem to get the cipher/key working with dmsetup, and am kind of confused as to how to tell the system the difference between using CAAM-generated keys and regular keys.

Is it the "capi" part of the cipher, or something else, that determines it?

(from the imx8m hardware encryption document)

For HW encryption with a caam-keygen key added to kernel keychain:

```
dmsetup -v create encrypted --table "0 $(blockdev --getsz /dev/loop0) crypt capi:tk(cbc(aes))-plain :36:logon:logkey: 0 /dev/loop0 0 1 sector_size:512"
```

How to use regular key?

Bio_TICFSL
NXP TechSupport

Hello,

When using CAAM for hardware encryption, there are two approaches:

1. Using CAAM-generated black keys (device-specific):
- The black keys are encrypted with the device's OTPMK (One-Time Programmable Master Key)
- These keys cannot be transferred between devices
- This is what your current implementation uses

2. Using regular keys with hardware acceleration:
- For your requirement to decrypt data on another machine, you need to use regular keys
- The difference is in the cipher specification with dmsetup

For regular key hardware encryption, modify your dmsetup command by removing the "capi:tk" prefix:

```
dmsetup -v create encrypted --table "0 $(blockdev --getsz /dev/loop0) crypt cbc(aes)-plain :36:logon:logkey: 0 /dev/loop0 0 1 sector_size:512"
```

The key difference is:
- With CAAM black keys: `capi:tk(cbc(aes))-plain`
- With regular keys: `cbc(aes)-plain`

The "tk" in "capi:tk" stands for "tagged key", which indicates CAAM black key usage. By removing this prefix, you're instructing the system to use standard keys while still leveraging hardware acceleration where available.

This approach will allow you to create an encrypted partition that can be moved to another machine and decrypted using the same key.

Regards
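As an added example (not code from the original post or from NXP's documentation), the following POSIX shell script assembles the dm-crypt table line for both key modes discussed in this answer, using mainline dm-crypt's crypto-API spelling `capi:cbc(aes)-plain` for the portable key, and checks that the key-size field holds a raw AES key length in that mode. The device path, sector count and key description are placeholders taken from the thread's own example.

```shell
#!/bin/sh
# Added example, not from the original post or NXP's documentation: builds the
# dm-crypt table line for the two key handling modes discussed above and checks
# that the key-size field is consistent with the mode. Device path, sector
# count and key description are placeholders taken from the thread's example.

# Raw AES key sizes (bytes) accepted by cbc(aes) for a portable, non-black key.
aes_key_len_ok() {
    case $1 in 16|24|32) return 0 ;; *) return 1 ;; esac
}

# dm_table DEVICE MODE KEYLEN KEYDESC SECTORS
#   MODE=black : CAAM tagged key, cipher spec from the i.MX8M document
#                (capi:tk(cbc(aes))-plain). KEYLEN is the tagged blob length
#                (36 in the thread's example), not the raw key length.
#   MODE=plain : portable key in mainline crypto-API spelling
#                (capi:cbc(aes)-plain). KEYLEN must be the raw key length.
dm_table() {
    dev=$1 mode=$2 keylen=$3 keydesc=$4 sectors=$5
    case $mode in
        black) cipher='capi:tk(cbc(aes))-plain' ;;
        plain)
            aes_key_len_ok "$keylen" || {
                echo "plain mode needs a 16/24/32-byte raw key, got $keylen" >&2
                return 1
            }
            cipher='capi:cbc(aes)-plain' ;;
        *) echo "unknown key mode: $mode" >&2; return 1 ;;
    esac
    # :<key_size>:<key_type>:<key_description> makes dm-crypt fetch the key
    # from the kernel keyring instead of taking hex bytes on the command line.
    printf '0 %s crypt %s :%s:logon:%s 0 %s 0 1 sector_size:512\n' \
        "$sectors" "$cipher" "$keylen" "$keydesc" "$dev"
}

# load_logon_key KEYDESC KEYFILE : puts the raw (or tagged) key bytes into the
# session keyring as a logon key; logon keys cannot be read back from user space.
load_logon_key() {
    keyctl padd logon "$1" @s < "$2"
}

# Typical use on the board (placeholders; needs root, dmsetup and keyctl):
#   load_logon_key logkey: /path/to/raw-aes-256.bin
#   dmsetup -v create encrypted \
#       --table "$(dm_table /dev/loop0 plain 32 logkey: "$(blockdev --getsz /dev/loop0)")"
```

Keep an offline copy of the raw key for the portable mode, since a logon key cannot be exported from the keyring once loaded, and that copy is exactly what the recovery machine needs.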

flobro
Contributor IV
I did a comparison between TK encryption, no-TK HW encryption, and software encryption, and to my surprise, writing a 20GB file to the partition with no caching only resulted in a 1 second difference: TK wins, then no-TK next, followed by software encryption.

Not really impressive for acceleration.