Security solutions are typically constructed from many different components. Some security features offer confidentiality and integrity protection, whilst others are there to make it harder for an attacker to launch an attack. Encrypted firmware is a security feature to make it harder for an attacker to reverse engineer the firmware, making it more difficult to identify exploitable bugs and to providing confidentiality protection for software IP.
This session will discuss various aspects of firmware encryption like: Who should own the secret key? What should be the key type either device unique or class wide key? How firmware encryption plays nicely with authentication? Along with this we will discuss my recent work to add support for loading encrypted payloads in TF-A and OP-TEE.
Software Engineer (Linaro Ltd.)
Currently working as part of Support and Solutions team, Linaro. Responsible for activities related to platform security like OP-TEE, trusted firmware, boot-loaders etc. Also responsible for tool-chain support activities.<br /> <br /> Contributed in various open source projects like OP-TEE, TF-A, u-boot, edk2, Linux etc.<br /> <br /> Apart form technical stuff, I have keen interest in sports like badminton, table tennis, chess etc.