
DFU Signing\Encryption Security

I can see in the latest SDK 12.2 that signing of the DFU firmware files is possible.

Am I right in thinking that this signing verifies the source of the firmware files and does not encrypt them?

And if we want to protect against reverse engineering of the bin files then we need encryption as well.

  • You are correct, the signing feature is only used to verify that the firmware image has been generated by a trusted source. The firmware image itself is not encrypted and is sent in plain text unless you add additional encryption at the application layer or use the built-in Link Layer encryption of BLE. However, you have to take into account that the image must be sent securely to a mobile device (Android or iOS), so I would recommend the first option as this allows you to implement end-to-end encryption.

    Best regards

    Bjørn
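
A check for the point made in the answer above, as an added example that is not part of the original thread or of the SDK: it tests whether a firmware image, in the form it would be handed to the phone, is still readable, using byte entropy and the Cortex-M vector table at the start of the image. The function names, the 7.0 threshold and both sample images are constructed for illustration, and the high-entropy sample only stands in for real ciphertext.

```python
import hashlib
import math
import re
import struct
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: near 8.0 for ciphertext, clearly lower for code and strings."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0


def has_cortex_m_vector_table(image: bytes) -> bool:
    """Word 0 is a word-aligned initial stack pointer in SRAM (0x2xxxxxxx);
    word 1 is a reset handler in code space with the Thumb bit (bit 0) set."""
    if len(image) < 8:
        return False
    sp, reset = struct.unpack_from("<II", image, 0)
    return (sp >> 28) == 0x2 and sp % 4 == 0 and (reset & 1) == 1 and reset < 0x10000000


def assess_image(image: bytes) -> dict:
    """Report whether an image, as it would travel to the phone, is readable."""
    entropy = shannon_entropy(image)
    vector = has_cortex_m_vector_table(image)
    strings = [s.decode() for s in re.findall(rb"[\x20-\x7e]{8,}", image)]
    return {"entropy": round(entropy, 2), "vector_table": vector,
            "strings": strings[:5], "readable": vector or entropy < 7.0}


# Constructed sample: vector table, Thumb NOPs, one string, erased-flash padding.
PLAIN_IMAGE = (struct.pack("<II", 0x20010000, 0x0001C1B5) + b"\x00\xbf" * 512
               + b"constructed-device-name" + b"\xff" * 1024)
# Constructed stand-in for an encrypted image: 4096 bytes of SHA-256 output.
OPAQUE_IMAGE = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(128))

if __name__ == "__main__":
    for name, image in (("signed only", PLAIN_IMAGE), ("encrypted", OPAQUE_IMAGE)):
        print(name, assess_image(image))
```

Run against the `.bin` that goes into the DFU package, a `readable` result of `True` means anyone holding the package can disassemble it, whether or not it is signed.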
