This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Usage of RTL and Device root key in Cryptocell

Hello,

While an attempt to develop solid security mode bulded around Root of Trust starting from RTL and Device root key we found that unfortunately, it is mentioned in ssi_aes.h of latest 15.0.0 SDK:

SASI_AES_USER_KEY = 0, /*!< user key.* /
SASI_AES_PLATFORM_KEY = 1, /*!< Kplt hardware key.* / - is it K(RTL)?
SASI_AES_CUSTOMER_KEY = 2, /*!< Kcst hardware key.* / - is it K(DR)?

         /* Currently only SASI_AES_USER_KEY is supported - the key is plaintext and provided in the pKeyData parameter. */

Are there planned dates to implement hardware keys functionality? It provides the good way to build the whole security model with the connection to Root of Trust. Currently used User key is much more less securely stored as I see

Parents Reply Children
Related