[RFC 3/4] FIT: add FIT image support
Marc Kleine-Budde
mkl at pengutronix.de
Fri Mar 13 04:33:41 PDT 2015
On 03/13/2015 11:05 AM, Jean-Christophe PLAGNIOL-VILLARD wrote:
> On 10:28 Fri 13 Mar , Jan Lübbe wrote:
>> On Do, 2015-03-12 at 19:19 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
>>> please do not send a new version except for fix
>>>
>>> I'm going to re-integrate it with the keystore & co
>>
>> Could you describe your keystore design?
>
> I'll send the patch series soon
>
> code is better than 1000s of words
>
> with DER support and the fit
>>
>>> and sha1,rsa2048 is considered weak in term of security
>>> and worse md4/md5
>>>
>>> for barebox I would only use
>>> at least sha256 with rs2048 or sha512 with rsa4096
>>
>> Yes, of course. These were only used as an example and it's trivial to
>> switch to other hash algos or RSA key sizes. Also, the FIT format can
>> easily be extended to support ECC/Curve25519.
>
> very slow vs rsa, but as we will use a generic framework we will just need to
> add the algo
>
> if you can break rsa4096, the chance you can break ECC are high too
If you want to open the box, today you would probably not break
rsa2048/sha1 (unless you have huge calculation power) but look for
implementation weaknesses, like bugs or side channel attacks.
>> In some cases, where the SoC's ROM code only supports RSA2048 with SHA1,
>> using stronger settings in Barebox doesn't increase security. So there
>> we want to use the same settings as the ROM code.
>
> agreed but I refuse to allow it unless we have no choice
> and emit a warning
>
> and even I'll prefer to use stonger, yes this will increase the security.
> As a secure boot is as strong as it's weak link
>
> but this will not reduce it either
Adding unneeded complexity might not the best move here.
Marc
--
Pengutronix e.K. | Marc Kleine-Budde |
Industrial Linux Solutions | Phone: +49-231-2826-924 |
Vertretung West/Dortmund | Fax: +49-5121-206917-5555 |
Amtsgericht Hildesheim, HRA 2686 | http://www.pengutronix.de |
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.infradead.org/pipermail/barebox/attachments/20150313/41e82087/attachment.sig>
More information about the barebox
mailing list