ATAES132A Session Key

1 post / 0 new
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

I now have my C code working and can EncRead/EncWrite/Auth etc..

I'm trying to design a sensible session key scheme to use.
The VolatileKey register can't be used to access User Zones, so I'm
thinking about using a Master Key to generate a Session Key every power up.


Does anyone have any comments on this?


Key Slot 0 : Master Key (MK)
Key Slot 1 : Session Key (SK), Authorised with MK

User zones configured with Read/Write/Auth keys = SK


So on power up:


1) Receive a nonce from the host
2) Host Auths with the MK to allow access to the SK
3) Host sends KeyCreate to generate a new SK.
4) Host Auths with this new SK
5) User zone R/W accesses now permitted using SK.


On a power cycle, an old SK can't be accessed until you Re-Auth with the MK,
and if you can do this you clearly know the MK which means you probably aren't a baddie.