[PATCH v5 1/6] crypto: mxs-dcp: Add support for hardware-bound keys
Jarkko Sakkinen
jarkko at kernel.org
Mon Mar 4 22:15:55 UTC 2024
On Fri Dec 15, 2023 at 1:06 PM EET, David Gstir wrote:
> DCP is capable of performing AES with two hardware-bound keys:
>
> - The one-time programmable (OTP) key which is burnt via on-chip fuses
> - The unique key (UK) which is derived from the OTP key
This is somewhat cryptic explanation for the commmon and reoccuring
theme of having a fused random seed and a key derivation function.
I'd just write it is all about.
"DCP is able to derive private keys for a fused random seed, which
can be referenced by handle but not accessed by the CPU. These keys
can be used to perform AES encryption."
My explanation neither includes acronyms OTP and UK and still
delivers the message so much better. That actually further makes
it better because less crappy standard consortium terminology is
always better :-)
BR, Jarkko
More information about the Linux-security-module-archive
mailing list