CC3220MODA: Dummy certificate from playground

Part Number: CC3220MODA
Other Parts Discussed in Thread: UNIFLASH

Hi,

Are there any issues with using the default TI dummy certificate from the SDK playground on a device that will be in the hands of a consumer?  The device will be returned after a period of time so it is not likely that it will be tampered with. 

If this is not encouraged, is there a quick, free way to secure things up a little better?

Thanks!

Joe K.

  • p.s. OTA update is not configured for this device.
  • Hi Joseph,

    I think it is up to you whether this is considered risky or not. It sounds like you expect it to be low since the unit will be returned. Just be aware that this means the device will be in development mode and some files (like non-secure files or files with public read access) on the file system could be read using development tools.

    Best Regards,
    Ben M
  • Hi Ben,
    Thanks for the reply!
    I'm using "Production" in the Image Mode section of Uniflash. You mention that it will be in development mode - is that just to say that someone could use the same certificate and download the image? I'm writing the image to the SPI flash on our board.

    Is there a low/no cost solution to making it more secure? Could you point me in the right direction here?

    Thanks,
    Joe K.
  • Hi Joe,

    Yes, I should correct my previous statement. You can still put the device in production mode, which will lock the file-by-file access through the UART and the JTAG interface. The main risk would be having the image replaced by another that is signed by the same chain, which will appear valid. Though this would be tougher to do without an OTA mechanism. The cloning protection for the device would still make it so the encryption of the image would be unique and it wouldn't be directly readable. There are relatively low-cost options for purchasing a code-signing cert if needed, but I can't really recommend one to use.

    Best,
    Ben M
  • Hi Ben,
    Thanks! So it sounds like the only risk here is that someone could overwrite the existing app, if they had the proper hardware, etc.
    Can the image be pulled off the device and decrypted?
    Could I self-sign a certificate?
    Thanks again,
    Joe
  • Hi Joe,

    The certificate used does not impact the encryption of the image. Please refer to the Security App Note for details.

    http://www.ti.com/lit/swra509

    The root certificate for the chain must be one of the ones listed in our trusted root certificate catalog (refer to the readme.html in the certificate-catalog folder of the SDK). The only way to use a self-signed certificate is through a little more complex solution that involves a secondary bootloader. See a description of this here:

    http://www.ti.com/lit/swru547

    Best,

    Ben M