This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

The difference between CEK to KEK on secure OMAl138

Other Parts Discussed in Thread: OMAPL138

Hello,

I got quite confused after reading the omapL138 security Guide, please tell me if what I state is right or not:

The CEK is 128 bit number called the custKey, and which appears under the "encryptionKey" value of the secureAIS ,ini file.

The KEK is a value special for each secure omap manufactured.

may question are:

1. Is the above true?

2. Does the CEK must equal the KEK on each device? (Theoretically I would like to use the sane CEK for all device).

3. I have a dozen or so secure OMAPL138. How can I find what their KEK values are?

4. Can you link me to an updated omapL138 security Guide? I currently have only the prelimenary information edition.

Many Thanks,

Roee

  • Hi Roee,

    The CEK is 128 bit number called the custKey, and which appears under the "encryptionKey" value of the secureAIS ,ini file.

    The KEK is a value special for each secure omap manufactured.

    Yes, you are right.


    2. Does the CEK must equal the KEK on each device? (Theoretically I would like to use the sane CEK for all device).
    3. I have a dozen or so secure OMAPL138. How can I find what their KEK values are?

    Actually no one knows about the KEK except OMAP SoC and revealing the KEK is not safe too.


    4. Can you link me to an updated omapL138 security Guide? I currently have only the prelimenary information edition.


    Did you ever contact your local TI FAE for security collateral ?
  • Hi Roee,
    I've sent a friend request to you. Please accept and will discuss it in private chat.