Hacker News new | past | comments | ask | show | jobs | submit login

Hmm, I have done some work in this field but obviously haven't seen all the board variations out there. The secure enclave (let's call it that because you did) will usually contain a master key that facilitates crypto operations on things in storage. This master key may be programmed using e-fuses. This is a one-time operation (and yes I have once accidentally written a key that I didn't want to write on a development board). You may only get secure storage and secure boot etc. once that is set up. So when the board already has e-fuses on the board it's not a big deal for the manufacturer (of the board) to include a couple or even a whole bunch extra for whatever the user (i.e. manufacturer of the device) has in mind. For example, you may be able to invalidate a master key and add a new one, up to n times.

Search for e.g. 'imx e-fuses' for details (or try this link https://imxdev.gitlab.io/tutorial/Burning_eFuses_on_i.MX/)




Ah I see, thanks for the insight. Didn’t realize they were like a storage primitive like that (obvious now..)




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: