Topics

DevHeads IoT Integration Server•2w ago

Is a CRC check on the decrypted firmware sufficient for validating its integrity?

Hey guys @Middleware & OS I’m developing firmware for an embedded system with a bootloader that updates the firmware. The firmware is encrypted and decrypted by the bootloader before being programmed into flash memory. To prevent manipulation, is a CRC check on the decrypted firmware sufficient for validating its integrity, or should I implement additional security measures?

3 Replies

ZacckOsiemo•2w ago

What kind of additional measures?

Daniel kalu•2w ago

I was thinking of adding digital signatures (like ECDSA) to ensure authenticity and integrity. This way, the bootloader can verify the firmware's origin and check for any tampering. Would this be a good approach, or are there other measures I should consider?

ZacckOsiemo•2w ago

Well that can work, its almost up to what your implementation needs.

DevHeads IoT Integration Server Join

The DevHeads IoT Integration Server accelerates technology engineering by helping pro devs learn, share and collaborate.

1.4KMembers

View on Discord

Want results from more Discord servers?

Add your server

More Posts

I'm looking for a simple, programmable module to control APA102 LED strips remotely.@Middleware & OS Hi Devs, I'm looking for a simple, programmable module to control APA102 LED st Can you give me good snippet of code for AT commands resender?Hello, Can you give me good snippet of code for AT commands resender? Like I am sending to my UART i Can you give me good snippet of code for AT commands resender?Hello, Can you give me good snippet of code for AT commands resender? Like I am sending to my UART i How can I achieve deletion of StringWriter objects?Hey everyone, I am using avr-g++ compiler on Windows for an AVR chip . I need to delete a `StringWr connect and control a smart LED strip device running on NodeMCU (ESP8266) with Google Cloud IoTHow can I connect and control a smart LED strip device running on NodeMCU (ESP8266) with Google Clou Any suggestions for troubleshooting missed interrupts?Hey guys, a friend of mine is currently working on AT91SAM9M10-EKES. The Code registers IRQ for 2 GP What’s the best option if I need a GUI? Anything for IPad?@Middleware & OS So I’m hacking my path to embedded world and have a big project (big to my size an how can i implement secure communication between IoT devices using Transport Layer Security (TLS)Good day guys how can i implement secure communication between IoT devices using Transport Layer Sec