I have a system where I have a microprocessor that has the ability to hold data
in PROM memory that is only accessible when the program running it has been
authenticated. (This is done using ECDSA.)
I would like to use this capability so that an authenticated program on the
microprocessor is used to decrypt an image that is downloaded to my system. Due
to code space and size limitations, my first thought is to use an AES symmetric
cipher where the key for the cipher is held in the space where only the
authenticated program has access.
The scenario would be as follows:
The AES key is programmed into the secure PROM during factory configuration
When operating in the field, an authenticated program would download an
encrypted module to the unit
The authenticated program would then decrypt the download using the key stored
in the secure PROM.
Are there any glaring flaws in this approach?
What is the best way to generate an AES key to use for this scenario?
Thanks for any help,
Doug Bailey
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
