[Gnuk-users] Flying Stone Bare Bone 48
NIIBE Yutaka
gniibe at fsij.org
Tue Jan 26 00:14:45 UTC 2016
On 01/26/2016 01:47 AM, NdK wrote:
> Urgh... That would allow an attacker to read device keys w/o being
> detected...
Yes. Let me explain the feature.
It is under control by a user of MCU (from the viewpoint of MCU
manufacturer), although it would not necessarily mean it's under
control by a user of a token.
By making the process (of manufacturing of Gnuk25519 Token)
transparent, I believe that users of Gnuk25519 Token will be
able to make sure it's under control by themselves.
The document is:
AN4507:
Using the Kinetis Security and Flash Protection Features
by: Melissa Hunter, Automotive and Industrial Solutions Group
http://cache.freescale.com/files/microcontrollers/doc/app_note/AN4507.pdf
To quote:
======================
2.1.1.2 Backdoor key enable
The second option in the FSEC register is a backdoor key enable option
controlled by FSEC[KEYEN]. When enabled, the backdoor key option
allows for a means of temporarily disabling flash security if the
correct 64-bit key value is provided when executing a flash verify
backdoor access key command.
======================
Very good, _if_ this means no hidden backdoor. Well, I don't know if
there is or not, actually.
> Well, As an engineer in a big company you wouldn't have full control of
> the docs given to the clients :(
In Japan and its culture, it is quite uncommon to have an author name
in such a document. I'd admire the culture having author names in
technical documents.
> PS: instead of a plain white led, why not a WS2812B one? RGB from a
> single pin (optionally more LEDS can be cascaded).
Thanks for your suggestion. Yes, I considered the option, because it
is common these days (we can find the example in original ST-Link/V2).
I agree that it is cool, convenient and cheap (for > 95% people, I
guess).
Once, I tried to use two/three color LED. However, I learned that one
of my friends has disability to recognize colors (I think we call it:
red-green color-blindness), and the interface of color LED is very
annoying for him. While I don't have ability to make FS-BB48
universally good for any people, I do make it less annoying to my
friends.
--
More information about the gnuk-users
mailing list