This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Question about asymmetric encryption DFU

We have created a firmware and encrypted it with a private key and made it public. When we download it to the chip it's decrypted with a public key stored in the chip. Right? What adnventages does it offer vs. standart symmetric encryption?

Parents

0 Wojtek over 9 years ago

If you are using signing tools from newest SDK, it doesn't encrypt your firmware! If I understand correctly, there is only a checksum (sha-256) of the firmware, that is signed (by your private key) and verified on the chip (by verification - public key). there is no encryption there. So if you are worrying about decompilation of firmware, that is not the solution. It only protects your chip from unauthorized DFU updates (which may brick your device or something)
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 Wojtek over 9 years ago

If you are using signing tools from newest SDK, it doesn't encrypt your firmware! If I understand correctly, there is only a checksum (sha-256) of the firmware, that is signed (by your private key) and verified on the chip (by verification - public key). there is no encryption there. So if you are worrying about decompilation of firmware, that is not the solution. It only protects your chip from unauthorized DFU updates (which may brick your device or something)
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data