[i.MX6ULL] dcp: UNIQUE_KEY

cancel
Showing results for 
Search instead for 
Did you mean: 

[i.MX6ULL] dcp: UNIQUE_KEY

260 Views
ceggers
Contributor III

IMX6ULLSRM.pdf, page 162, 5.3.2.2 AES OTP key

The DCP receives a 64-bit UNIQUE KEY and a 128-bit CRYPTO KEY.

...

To use the OTP key, the descriptor packet must set the OTP_KEY field in the Control1
register (see Control1 field).

  1. As the UNIQUE_KEY is only 64-bit, it is not useful for AES-128 operation, right?

IMX6ULLSRM.pdf, page 165, 5.3.4 One-Time Programmable (OTP) key

The OTP key (CRYPTO KEY) can be selected using the DCP_Control1[OTP_KEY] bit
in the control field of the packet descriptor or by using the key select 0xFF in the CTRL1
field of the descriptor. The DCP also supports a second hardware key called the UNIQUE
KEY which is generated from the OTP KEY and the key modifier bits from other OTP
fuse fields. This key is unique to the device and can be used to encrypt the private data
stored on the NAND. This key can be selected by writing 0xFE to the KEY_SELECT
field in the CTRL1 packet data.

  1. Does the UNIQUE_KEY contain real entropy, or is it directly created from the UNIQUE_ID fuses?
  2. What are the applications for using UNIQUE_KEY instead of CRYPTO_KEY?
  3. How do I select UNIQUE_KEY. Do I only have to select 0xFE for KEY_SELECT, or do I also need to set DCP_Control1[OTP_KEY]? Can you fill the table for me:
    KeyDCP_CONTROL1[OTP_KEY]KEY_SELECT
    CRYPTO_KEY
    UNIQUE_KEY
Labels (1)
Tags (3)
0 Kudos
2 Replies

156 Views
Yuri
NXP TechSupport
NXP TechSupport

Hello,

  I've sent You some comments directly.

Regards,

Yuri.

0 Kudos

156 Views
changbaoma
Contributor III

Dear Yuri Muhin,please also sent me your comments directly

0 Kudos