Flasher Secure security (signed non-ST devices?)


    • Flasher Secure security (signed non-ST devices?)

      I am considering using Flasher Secure, but I haven't been able to learn enough to be convinced of its security. In the "UM08032 Flasher Secure User Guide & Reference Manual", it says that using it with ST devices, "The chip’s public key additionally is signed by ST, so the server can determine if the public key originates from a real device." This seems essential to protect the IP. Without it, a malicious custom device could do the necessary handshaking, provide a public key, accept the encrypted code, decrypt it, and make it available to the malicious user to load on other devices, decompile, etc.

      How is this device signing handled for non-ST devices (Nordic nRF52 in my case)?

      The post was edited 1 time, last by ErgoChris: grammar ().

    •

      Hello Chris,

      Some ST devices support a secure firmware download interface.

      For devices without a secure firmware download interface, we use a different approach. We create a signature over a unique and unchangeable ID, so the firmware can verify that it is running on the device with exactly this ID. This will cause a signature failure on a cloned device, so the firmware can halt or react in another way. The system basically works as a clone protection.
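As an added illustration of the ID-based clone check described in the reply above (example code written for this thread, not SEGGER's Flasher Secure implementation), the following Go program models both halves: the programming side signing the device's unique ID, and the firmware verifying that signature against a public key embedded in the image at boot. Ed25519, the context string and the 8-byte IDs are assumptions; the real ID width, key type and where the signature is stored depend on the target.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// DeviceID stands in for the device's unique, read-only ID (constructed 8-byte
// value; a real MCU exposes it as a device ID register).
type DeviceID [8]byte

// idMessage builds the message that is signed: a fixed context string plus the
// ID, so the signature cannot be reused for any other purpose.
func idMessage(id DeviceID) []byte {
	return append([]byte("clone-check-v1:"), id[:]...)
}

// provisionDevice runs on the programming side: it signs the ID of the device
// being programmed with the vendor's private key. The signature is flashed
// next to the firmware image.
func provisionDevice(priv ed25519.PrivateKey, id DeviceID) []byte {
	return ed25519.Sign(priv, idMessage(id))
}

// firmwareStartupCheck models the firmware-side check at boot: read the ID of
// the device it is actually running on and verify the stored signature against
// the vendor public key embedded in the image. A clone has a different ID, so
// the copied signature no longer verifies.
func firmwareStartupCheck(pub ed25519.PublicKey, runningID DeviceID, storedSig []byte) bool {
	if len(storedSig) != ed25519.SignatureSize {
		return false
	}
	return ed25519.Verify(pub, idMessage(runningID), storedSig)
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	genuine := DeviceID{0x1a, 0x2b, 0x3c, 0x4d, 0x5e, 0x6f, 0x70, 0x81} // constructed
	clone := DeviceID{0x1a, 0x2b, 0x3c, 0x4d, 0x5e, 0x6f, 0x70, 0x82}   // one byte differs
	sig := provisionDevice(priv, genuine)
	fmt.Println("genuine device:", firmwareStartupCheck(pub, genuine, sig)) // true
	fmt.Println("cloned device: ", firmwareStartupCheck(pub, clone, sig))   // false
}
```

The check fails on a device whose ID differs from the signed one and on a stored signature that has been altered or truncated; it does not by itself keep the image contents confidential.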
    •

      OK, it sounds like a sophisticated user could get access to our unencrypted binary, but they would only be able to load it on additional devices if they are knowledgeable enough to edit it to disable the code that checks the device ID. In other words: security through obscurity. Is that correct?