Re: [PATCH v5 1/6] crypto: mxs-dcp: Add support for hardware-bound keys

From: Jarkko Sakkinen
Date: Mon Mar 04 2024 - 17:16:37 EST

Next message: Eric Biggers: "Re: [PATCH 3/4] xattr: Use dedicated slab buckets for setxattr()"
Previous message: Dave Chinner: "Re: [PATCH v2 02/14] fs: xfs: Don't use low-space allocator for alignment > 1"
Next in thread: Jarkko Sakkinen: "Re: [PATCH v5 1/6] crypto: mxs-dcp: Add support for hardware-bound keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri Dec 15, 2023 at 1:06 PM EET, David Gstir wrote:
> DCP is capable of performing AES with two hardware-bound keys:
>
> - The one-time programmable (OTP) key which is burnt via on-chip fuses
> - The unique key (UK) which is derived from the OTP key

This is somewhat cryptic explanation for the commmon and reoccuring
theme of having a fused random seed and a key derivation function.

I'd just write it is all about.

"DCP is able to derive private keys for a fused random seed, which
can be referenced by handle but not accessed by the CPU. These keys
can be used to perform AES encryption."

My explanation neither includes acronyms OTP and UK and still
delivers the message so much better. That actually further makes
it better because less crappy standard consortium terminology is
always better :-)

BR, Jarkko

Next message: Eric Biggers: "Re: [PATCH 3/4] xattr: Use dedicated slab buckets for setxattr()"
Previous message: Dave Chinner: "Re: [PATCH v2 02/14] fs: xfs: Don't use low-space allocator for alignment > 1"
Next in thread: Jarkko Sakkinen: "Re: [PATCH v5 1/6] crypto: mxs-dcp: Add support for hardware-bound keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]