From: Ayush Gupta <a-gupta4@ti.com>
To: Jan Kiszka <jan.kiszka@siemens.com>,
"cip-dev@lists.cip-project.org" <cip-dev@lists.cip-project.org>
Cc: "Raghavendra, Vignesh" <vigneshr@ti.com>,
"Adivi, Sai Sree Kartheek" <s-adivi@ti.com>
Subject: Re: Secure Data Encryption on board without TPM support ( AM62P)
Date: Thu, 5 Jun 2025 07:38:30 -0400
Message-ID: <1f4b588e-25b8-435a-8ae4-cdfd18b86b9b@ti.com>
In-Reply-To: <fc47ba94-4f48-496f-be17-577742db6598@siemens.com>
On 6/3/25 07:16, Jan Kiszka wrote:
> Hi Ayush,
>
> On 02.06.25 20:03, Gupta, Ayush wrote:
>> Dear CIP Development Team,
>>
>> I am currently working on enabling encrypted storage for the TI’s AM62P
>> platform, which, as per current hardware capabilities, does not include
>> TPM support.
>>
>> To address this, I have implemented a working initramfs-crypt-hook-
>> nontpm (link provided at the end) solution that removes TPM
>> dependencies. It utilizes a keyfile embedded directly into the initramfs
>> for unlocking encrypted partitions during boot. The initramfs itself is
>> considered secure as it is protected by verified boot (Secure Boot is
>> enabled on the platform).
> That should be integrity protected but no longer secret, no? Physical
> attackers should then be able to retrieve the initramfs from the device
> and, thus, also read out the data encryption key. From there on...
You are absolutely right: the keyfile can be extracted by a physical
attacker, as it is not encrypted.
We should find a more secure key. Thanks for highlighting the issue.
>
>> I would like to know if this is an acceptable and secure approach from
>> the CIP security perspective for boards without TPM support.
>> Additionally, are there any recommended alternatives or best practices
>> for strengthening this method in scenarios where TPM support is not
>> available?
>>
>> Looking forward to your guidance.
>>
> Did you already study how we are exploiting fTPM on the AM65x?
> https://github.com/siemens/meta-iot2050/
>
> Jan
>
I have not explored this fully, but will check this out as well. The team
and I are also trying something more on that.
We will reach out to you if we need any further clarifications.
Again, thanks for suggesting this repo!
Ayush
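Jan's point above, that verified boot keeps an initramfs unmodified but not secret, can be turned into a build-time check. The following is an added example, not code from this thread or from the initramfs-crypt-hook-nontpm hook; it assumes the image is a (possibly gzip-wrapped) newc cpio archive and that the volume-to-keyfile mapping is declared in an `etc/crypttab` inside it, and it flags every mapping whose key file is shipped in plaintext in the same image.

```python
import gzip

def _pad4(n):
    return (4 - n % 4) % 4

def build_newc_cpio(files):
    # Minimal newc cpio writer, used only to construct the sample image below.
    out = bytearray()
    for ino, (name, data) in enumerate(list(files.items()) + [("TRAILER!!!", b"")], 1):
        fields = (ino, 0o100600, 0, 0, 1, 0, len(data), 0, 0, 0, 0, len(name) + 1, 0)
        out += b"070701" + b"".join(b"%08X" % v for v in fields)
        out += name.encode() + b"\0" + b"\0" * _pad4(110 + len(name) + 1)
        out += data + b"\0" * _pad4(len(data))
    return bytes(out)

def parse_newc_cpio(blob):
    # Return {path: contents}; a gzip-wrapped image is decompressed first.
    if blob[:2] == b"\x1f\x8b":
        blob = gzip.decompress(blob)
    files, off = {}, 0
    while blob[off:off + 6] == b"070701":
        fields = [int(blob[off + 6 + 8 * i:off + 14 + 8 * i], 16) for i in range(13)]
        size, namesize = fields[6], fields[11]
        name = blob[off + 110:off + 110 + namesize - 1].decode()
        off += 110 + namesize + _pad4(110 + namesize)
        if name == "TRAILER!!!":
            break
        files[name] = blob[off:off + size]
        off += size + _pad4(size)
    return files

def find_embedded_keyfiles(blob):
    # Report crypttab mappings whose key file ships inside the initramfs itself:
    # verified boot keeps that file unmodified, but anyone holding the image can read it.
    files = parse_newc_cpio(blob)
    findings = []
    for line in files.get("etc/crypttab", b"").decode().splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0].startswith("#"):
            continue
        keyfile = parts[2]
        if keyfile not in ("none", "-") and keyfile.lstrip("/") in files:
            findings.append((parts[0], keyfile))
    return findings

# Constructed sample: one volume unlocked by an embedded key file, one by passphrase prompt.
SAMPLE_IMAGE = gzip.compress(build_newc_cpio({
    "etc/crypttab": b"rootfs /dev/mmcblk0p2 /keyfile luks\ndata /dev/mmcblk0p3 none luks\n",
    "keyfile": b"\x00" * 32,  # placeholder key bytes, not a real key
}))
```

Running `find_embedded_keyfiles` on a real image (after splitting off any prepended microcode archive) gives a CI gate that fails the build whenever a LUKS key would leave the factory readable.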