Flasher Secure security (signed non-ST devices?)

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • Flasher Secure security (signed non-ST devices?)

      I am considering using Flasher Secure, but I haven't been able to learn enough to be convinced of its security. In the "UM08032 Flasher Secure User Guide & Reference Manual", it says that using it with ST devices, "The chip’s public key additionally is signed by ST, so the server can determine if the public key originates from a real device." This seems essential to protect the IP. Without it, a malicious custom device could do the necessary handshaking, provide a public key, accept the encrypted code, decrypt it, and make it available to the malicious user to load on other devices, decompile, etc.

      How is this device signing handled for non-ST devices (Nordic nRF52 in my case)?

      The post was edited 1 time, last by ErgoChris: grammar ().

    • Hello Chris,

      Some ST devices support a secure firmware download interface.

      For devices without a secure firmware download interface, we use a different approach. We create a signature over a unique and unchangeable ID, so the firmware can verify
      that it is running on the device with exactly this ID. This will cause a signature failure on a cloned device, so the firmware can halt or react in another way. The system basically
      works as a clone protection.
      Please read the forum rules before posting.

      Keep in mind, this is *not* a support forum.
      Our engineers will try to answer your questions between their projects if possible but this can be delayed by longer periods of time.
      Should you be entitled to support you can contact us via our support system: segger.com/ticket/

      Or you can contact us via e-mail.
    • OK, it sounds like a sophisticated user could get access to our unencrypted binary, but they would only be able to load it on additional devices if they are knowledgeable enough to edit it to disable the code that checks the device ID. In other words: security through obscurity. Is that correct?
    • Hello Chris,

      We can only do what is theoretically possible. If you are interested in an individual solution for your MCU, which would at least provide some basic protection for the binary, please contact us directly.

      segger.com/about-us/contact-us/ (Production)
      Please read the forum rules before posting.

      Keep in mind, this is *not* a support forum.
      Our engineers will try to answer your questions between their projects if possible but this can be delayed by longer periods of time.
      Should you be entitled to support you can contact us via our support system: segger.com/ticket/

      Or you can contact us via e-mail.