AnsweredAssumed Answered

Secure a private key when tamper detection occurs 

Question asked by sankar salla on Oct 8, 2018
Latest reply on Oct 15, 2018 by igorpadykov

Hi All,

 

We are working on tamper detection in i.MX6UL-G3.

 

We have some doubts regarding tamper detection.


We read the zmk register in driver,once external tamper detects zmk value automatically goes to zero.

 

We set zmk value is 0x11223344, before tampering zmk value is 11223344 and after tampered zmk value is zero.

 

Please find before and after tamper detect status of registers in bootlog.


Before tampering:


status.lptdsr=0 (means no tamper is detected)

status.hp=80009b00
(hp command register say it is non-secure state)


zmk=11223344


After tampered:


tamper detected!

status.lptdsr=4 (means external tamper 3 is detected)

status.hp=80009b00 (hp command register say it is non-secure state)

zmk=0


So,based on i.MX6UL SRM ,we feel tamper detection working fine.


Our question is how to protect/secure  a private key (part of the blob) from user-space ?


Can you please help us, where we have to keep that private key and how to secure private key using blobs, once tamper occurs ?

 

Our  project dead lines are very near to the date,can you please help us to solve this issue.

 

Thanks & Regards,

Sankar. 

Outcomes