Secure Boot V2 - Security risk of key revoking mechanism?

naVeeVue
Posts: 1
Joined: Thu Jan 23, 2025 6:51 pm

Post by naVeeVue » Thu Jan 23, 2025 7:05 pm

We are considering enabling Secure Boot V2 for our devices, and one of the considerations is whether signing the second-stage bootloader with multiple keys makes sense at all.

I understand that the way this works is that multiple keys (actually their hashes) are stored in the eFuse and the ROM bootloader can use any of those to verify the second-stage bootloader (and then the application image).

That is good of course, because in case the primary key is compromised for any reason, we can then revoke it and start using one of the other two (assuming there are three in total).

However, I believe that having this mechanism enabled results in a serious security risk, because if the attacker gets access to the updating mechanism of the product (e.g., OTA or even through serial, if it's not disabled) and gets hold of one of the keys stored in the eFuse, then a malicious application can be flashed that goes ahead and revokes all other keys, therefore essentially invalidating the entire product fleet.

What are people thinking about this? Am I missing something, or is this something that can indeed happen? There's nothing preventing this type of attack, is there? Of course it assumes that the OTA interface is compromised, together with the key. But still, this has the potential of a big loss.
