ヘルプ
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

PKI HABv4 CA flag set

キャンセル
提案をオンにする
自動提案では、入力時に可能な一致が提案されるので検索結果を素早く絞り込むことができます。
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 
解決済み
ソリューションへジャンプ

PKI HABv4 CA flag set

ソリューションへジャンプ
‎06-14-2021 07:20 AM
1,506件の閲覧回数
antonio_santagi
Contributor IV

Hello,

 regarding HABv4 on imx8M-mini, 

we read on 

https://www.nxp.com/docs/en/application-note/AN4581.pdf 

at paragraph "5.1.1 Generating PKI tree for fast authentication"

that 

“Unless boot time is critical, it is recommended that the SRK have the CA flag, and the CSF and IMG keys used to validate their respective data. The fast authentication feature supplies the user with a faster boot time, at the cost of a less robust signature.”

why the signature is less robust when not using CSF and IMG keys ( when in fast authentication mode ) ?

could you explain this comment ? we can't find a real reason why using fast authentication mode would lead to a less robust signature , does this mean less secure for some reason or in some cases ?

 

thank you 

 

0 件の賞賛
返信
1 解決策

ソリューションへジャンプ
‎06-15-2021 08:28 PM
1,466件の閲覧回数
Yuri
NXP Employee
NXP Employee

@antonio_santagi 
Hello,

    It is possible to use new IMG and CSF keys instead of compromised and
sign image again without revoking the SRK.

Regards,
Yuri.

元の投稿で解決策を見る

0 件の賞賛
返信
4 返答(返信)

ソリューションへジャンプ
‎06-15-2021 12:21 AM
1,494件の閲覧回数
antonio_santagi
Contributor IV

Yes, but if then you want to revoke compromised keys you need to revoke the correspondent SRK key, you can't revoke the IMG and CSF keys.

0 件の賞賛
返信

ソリューションへジャンプ
‎06-15-2021 08:28 PM
1,467件の閲覧回数
Yuri
NXP Employee
NXP Employee

@antonio_santagi 
Hello,

    It is possible to use new IMG and CSF keys instead of compromised and
sign image again without revoking the SRK.

Regards,
Yuri.

0 件の賞賛
返信

ソリューションへジャンプ
‎08-01-2023 11:36 AM
816件の閲覧回数
leonardoveiga
Contributor I

It is possible to use new IMG and CSF keys instead of compromised and
sign image again without revoking the SRK.

I don't understand what is the value of using new IMG and CSF keys in this case, since the old compromised IMG and CSF keys will still be able to sign valid software, as they are (both old and new IMG and CSF) generated from the same SRK.

And in this case - due to the fact that only SRK hashes are burned to eFuses, while IMG and CSF fuses are not - to revoke the old compromised IMG and CSF keys, one would need to revoke the SRK, thus also revoking any new IMG and CSF keys as well.

0 件の賞賛
返信

ソリューションへジャンプ
‎06-14-2021 10:58 PM
1,498件の閲覧回数
Yuri
NXP Employee
NXP Employee

@antonio_santagi
Hello,

   for standard scheme the SRK is stored by one person / organization, but  the CSF and IMG
keys may be used by other person / organization. Under such approach even if the CSF and IMG
keys are compromised - the SRK does not.

 

Regards,
Yuri.

 

0 件の賞賛
返信