Hello TI team,
What is the role of MPK and MEK in FEK pre-processing in x509 cert generation for HS-SE mode conversion?
Thanks,
Hong
Hi Hong,
Since the experts on this matter are on holiday (11/14 - 11/15), the response may be delayed. Thank you for your patience.
Meanwhile, refer to AM243x MCU+ SDK: Understanding the bootflow and bootloaders (ti.com) for additional details.
Best regards,
Ming
Hi Hong,
What is the role of MPK and MEK in FEK pre-processing in x509 cert generation for HS-SE mode conversion?
MEK plays no role in OTP Key Writer x509 cert generation. However, the MPK (private part) is used to sign the certificate.
Best Regards,
Aakash
Just to add more details.
Step 1 per user guide is to create an AES-key using RNG to be used to encrypt SMPK/SMEK and BMPK/BMEK.
Step 2 is actual encryption happening in your KMS system to add confidentiality aspect for SMPK/SMEK and BMPK/BMEK.
Step 3 is essentially binding the SMPK with AES-Key generated in step 1; and to RSA-encrypt AES-key from step 1 using FEK.
Hi, I am not clear on a couple of points:
1. What is the purpose of the AES key? Is it to protect the confidentiality of customer SMEK and BMEK? If yes, I am not able to see how confidentiality is preserved as the AES key itself is encrypted by the FEK, which is managed by TI. This seems that the system which holds the FEK private could decrypt the SMEK and BMEK as it could decrypt the AES key.
2. For SMPK and BMPK, the AES key seems redundant as the private is held at customer and only the public key hash is being encrypted.
1. What is the purpose of the AES key? Is it to protect the confidentiality of customer SMEK and BMEK? If yes, I am not able to see how confidentiality is preserved as the AES key itself is encrypted by the FEK, which is managed by TI. This seems that the system which holds the FEK private could decrypt the SMEK and BMEK as it could decrypt the AES key.
AES Key is encrypted via FEK (public key) which is delivered as part of OTP Key Writer package. The FEK (private key) is available from TI on the target only for decryption of the AES Key. Then the AES key is used to decrypt the other keys "on-the-target".
AES Key is a 256-bit random number used for encryption. This reduces the attack surface and the risk of using a single 256-bit symmetric key for this operation for every cycle.
Best Regards,
Aakash
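The three steps listed earlier in the thread and the on-target decryption described in the last reply can be sketched with the openssl CLI; this is an added example, not code from the thread or from TI's OTP Key Writer package. The key pairs, the SMEK value, AES-256-CBC, RSA-OAEP, the file names and the payload layout are constructed assumptions; the real certificate format and parameters are defined by TI's user guide.

```shell
#!/bin/sh
# Added illustration; key files, AES-256-CBC and RSA-OAEP are assumptions, not TI's parameters.
set -eu

# Constructed stand-ins: FEK pair, customer SMPK pair, and a random customer SMEK.
make_keys() {  # $1 = work dir
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$1/fek_priv.pem" 2>/dev/null
    openssl pkey -in "$1/fek_priv.pem" -pubout -out "$1/fek_pub.pem"
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$1/smpk_priv.pem" 2>/dev/null
    openssl pkey -in "$1/smpk_priv.pem" -pubout -out "$1/smpk_pub.pem"
    openssl rand -out "$1/smek.bin" 32
}

hex() { od -An -v -tx1 "$1" | tr -d ' \n'; }  # binary file -> hex string

# Customer/KMS side: needs only the FEK public key and the SMPK private key.
wrap() {  # $1 = work dir
    # Step 1: fresh random AES-256 key (and IV) for this run
    openssl rand -out "$1/aes.key" 32
    openssl rand -out "$1/iv.bin" 16
    # Step 2: encrypt the customer key with the AES key
    openssl enc -aes-256-cbc -K "$(hex "$1/aes.key")" -iv "$(hex "$1/iv.bin")" \
        -in "$1/smek.bin" -out "$1/smek.enc"
    # Step 3: RSA-encrypt the AES key with the FEK public key
    openssl pkeyutl -encrypt -pubin -inkey "$1/fek_pub.pem" \
        -pkeyopt rsa_padding_mode:oaep -in "$1/aes.key" -out "$1/aes.enc"
    # Sign the payload with the SMPK private key (stand-in for the certificate signature)
    cat "$1/aes.enc" "$1/iv.bin" "$1/smek.enc" > "$1/payload.bin"
    openssl dgst -sha512 -sign "$1/smpk_priv.pem" -out "$1/payload.sig" "$1/payload.bin"
    rm -f "$1/aes.key"   # plaintext AES key is discarded; only the wrapped copy ships
}

# Target side: verify the signature, unwrap the AES key, then decrypt the SMEK.
unwrap() {  # $1 = work dir, $2 = RSA private key used to unwrap, $3 = output file
    openssl dgst -sha512 -verify "$1/smpk_pub.pem" -signature "$1/payload.sig" \
        "$1/payload.bin" >/dev/null 2>&1 || return 1
    openssl pkeyutl -decrypt -inkey "$2" -pkeyopt rsa_padding_mode:oaep \
        -in "$1/aes.enc" -out "$1/aes.dec" 2>/dev/null || return 1
    openssl enc -d -aes-256-cbc -K "$(hex "$1/aes.dec")" -iv "$(hex "$1/iv.bin")" \
        -in "$1/smek.enc" -out "$3" 2>/dev/null
}

# Demo run: only the holder of the FEK private key gets the SMEK back.
d=$(mktemp -d); make_keys "$d"; wrap "$d"
unwrap "$d" "$d/fek_priv.pem" "$d/out.bin" && cmp -s "$d/smek.bin" "$d/out.bin" && echo "target recovered the SMEK"
```

In this sketch the wrapping side never touches `fek_priv.pem`, and `unwrap` fails both for a key other than the FEK private key and for a payload modified after signing.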