• State TI Thinks Resolved
  • Locked Locked
  • Replies 15 replies
  • Answers 3 answers
  • Subscribers 31 subscribers
  • Views 387 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

AM2632-Q1: Missing symmetric key in HSM Runtime

HS FAE Germany
Mastermind 32210 points
Part Number: AM2632-Q1

Tool/software:

Hi,

customer has found that the symmetric key for decrypting the data from the ROM bootloader is not provided to the HSM Runtime.

In the generated function KEYRING_Init() in the file TIFs_modules_config.c, the key from the gAssetInfo.derivedKey is copied to the gKeyringSymKey array.
However, the information gAssetInfo.derivedKey is 0. GAssetInfo is described by the ROM loader according to the information from the linker file.

How do they get to the symmetric key? Do they need to access the OTP data directly?

Regards, Holger

  • 0
    TI__Guru* 84766 points

    Hi Holger,

    Let me check this and get back to you by tomorrow.

    Regards,

    Nikhil 

  • 0 in reply to Nikhil Dasan
    TI__Guru* 84766 points

    Hi Holger,

    Sorry for the delay in response

    You would see the gAssetInfo.derivedKey is 0 when the SBL and HSMRt are not encrypted. This parameter is filled by ROM and as SBL and HSMRt are not encrypted, this is filled as 0.

    In the SDK you could make ENC_SBL_ENABLED = yes to encrypt the SBL binary and in TIFS you could make ENC_ENABLED = yes to encrypt the HSM binary. 

    After this, you should this derived key populated.

    No Encryption on SBL and TIFS images

    Encrypted SBL and TIFS images

    Hope this answers your query

    Regards,

    Nikhil

  • 0 in reply to Nikhil Dasan
    TI__Mastermind 32210 points

    Hi Nikhil,
    that didn't work for the customer. How was the iteration count set in the CA? Did you use a Salt in the test?

    Regards, Holger

  • 0 in reply to HS FAE Germany
    TI__Guru* 84766 points

    Hi Holger,

    I used the default SDK offering.

    i.e. To encrypt the SBL images, below is the command used 

    $(BOOTIMAGE_CERT_GEN_CMD) --sbl-enc --enc-key $(APP_ENCRYPTION_KEY) --image-bin $(BOOTIMAGE_PATH)/$(BOOTIMAGE_BIN_NAME) --core R5 --swrv 1 --loadaddr $(SBL_RUN_ADDRESS) --sign-key $(BOOTIMAGE_CERT_KEY) --kd-salt $(KD_SALT) --out-image $(BOOTIMAGE_PATH)/$(BOOTIMAGE_NAME) --device am263x

    BOOTIMAGE_CERT_GEN_CMD=$(PYTHON) $(MCU_PLUS_SDK_PATH)/source/security/security_common/tools/boot/signing/mcu_rom_image_gen.py

    APP_ENCRYPTION_KEY =$(MCU_PLUS_SDK_PATH)/source/security/security_common/tools/boot/signing/mcu_custMek.key

    BOOTIMAGE_BIN_NAME:= sbl_qspi.debug.bin

    SBL_RUN_ADDRESS=0x70002000

    BOOTIMAGE_CERT_KEY = $(MCU_PLUS_SDK_PATH)/source/security/security_common/tools/boot/signing/mcu_custMpk.pem

    KD_SALT = $(MCU_PLUS_SDK_PATH)/source/security/security_common/tools/boot/signing/kd_salt.txt

    BOOTIMAGE_NAME = sbl_qspi.debug.hs.tiimage

    enc_iter_count is set to 1 by the python script mcu_rom_image_gen.py when a salt is provided.

    Regards,

    Nikhil Dasan

  • 0 in reply to Nikhil Dasan
    TI__Mastermind 32210 points

    Hi Nikhil,
    what happens if you set the iteration count to 0 and don't use Salt?
    Which AM263x have you used?

    Regards, Holger

  • 0 in reply to HS FAE Germany
    TI__Guru* 84766 points

    Hi Holger,

    When there is no Salt provided and iter count is 0, then ROM does not put the derived keys in the asset info.

    I am using PROC110E2A(001) AM263x 

    Regards,

    Nikhil

  • 0 in reply to Nikhil Dasan
    TI__Mastermind 32210 points

    Hi Nikhil,

    does this mean that when using the SMEK or BMEK, you always have to encrypt the data with a salt so that you can use the HSM RT to encrypt the image with the SMEK or can decrypt BMEK?
    Or there is a possibility that they can contact the SMEK or from OTP memory?

    Is that one of the reasons why the keyrings were introduced? Resp. Decrypting in MCU+ SDK version 9 didn't work?

    Regards, Holger

  • 0 in reply to HS FAE Germany
    TI__Guru* 84766 points

    The ROM would write the keys to the asset info, only when we provide the salt and iter count. If not provided, then the symmetric key would be in the raw form (i.e. not derived) and putting the same into the asset info is a risk to the security.

    So, salt and iter count is a must for this.

    Even the keyring uses this derived key to decrypt the keys passed via keyring.

    So without salt and iter count, the derived key is not written and the decryption by TIFS cannot happen

    Regards,

    Nikhil

  • 0 in reply to Nikhil Dasan
    TI__Mastermind 32210 points

    Hi Nikhil,

    he was able to understand the process. The SMEK or the BMEK are useless for them, unless you always prefer to use the same salt over all images (SBL, HSM RT and APP). But this does not correspond to the principle of salt.

    You you provide an example of how they can use the HSM RT to the SMEK or BMEK?!

    Regards, Holger

  • 0 in reply to HS FAE Germany
    TI__Guru* 84766 points

    Hi Holger,

    Just to confirm their flow, are they encyrpting SBL and APP with the same keys (i.e. SMEK / BMEK) which is efused to the device? 

    Or are they encrypting the SBL with SMEK/BMEK and the app using the additional keys using keyring?

    Regards,
    Nikhil Dasan

  • 0 in reply to Nikhil Dasan
    TI__Mastermind 32210 points

    Hi Nikhil,

    is this correctly, if they want to download a key asymmetrical or symmetrical by means of a keyring, for the encryption the SMEK resp. Need to use BMEK?
    If so, they would always have to use the same salt used to encrypt the SBL.May be a salt does not make sense because it is intended to prevent symmetries in the data so that the data to be protected cannot be identified. In their opinion, the salt must always be chosen randomly so that exactly such symmetries can be excluded. Is the assumption correct, that the salt does not offer any additional protection in this case.

    Regards, Holger

  • 0 in reply to HS FAE Germany
    TI__Mastermind 32210 points

    Hi,

    > Just to confirm their flow, are they encyrpting SBL and APP with the same keys (i.e. SMEK / BMEK) which is efused to the device?
    yes

    > Or are they encrypting the SBL with SMEK/BMEK and the app using the additional keys using keyring?
    No. This does not correspond to the concept they specified with the customer.
    In addition, the customer would have to provide them with several keys. This makes handling even more complex.

    Regards, Holger

  • 0 in reply to HS FAE Germany
    TI__Guru* 84766 points

    Hi,

    HS FAE Germany said:
    > Just to confirm their flow, are they encyrpting SBL and APP with the same keys (i.e. SMEK / BMEK) which is efused to the device?
    yes

    > Or are they encrypting the SBL with SMEK/BMEK and the app using the additional keys using keyring?
    No. This does not correspond to the concept they specified with the customer.
    In addition, the customer would have to provide them with several keys. This makes handling even more complex.

    ok..understood,
    So to keep it straight and simple,

    If customer is not using auxiliary keys (i.e. keys imported via keyring) to encrypt the application, then they would have to encrypt the application with the same derived keys (i.e. same SMEK / BMEK + salt) used to encrypt SBL image.

    This is because, ROM populates the gAssetInfo.derivedKeys upon decrypting the SBL and the TIFS uses this gAssetInfo.derivedKeys to decrypt the encrypted application.

    Regards,

    Nikhil Dasan

  • 0 in reply to Nikhil Dasan
    TI__Mastermind 32210 points

    Hi,
    now customer has rewritten the HSM RT and all functions have been implemented. The only downside is that they cannot use the salt as it is intended.

    Regards, Holger

  • 0 in reply to HS FAE Germany
    TI__Guru* 84766 points

    Hi Holger,

    HS FAE Germany said:
    The only downside is that they cannot use the salt as it is intended.

    Sorry, could you elaborate that? 

    What is the current limitation on HSMRT? What is the issue that customer is facing currently?

    Are they encrypting the SBL using derived key (SMEK/BMEK + salt) ?

    Is there a concern using the same derived key to encrypt the application images?

    Regards,

    Nikhil Dasan