Is a CRC check on the decrypted firmware sufficient for validating its integrity?
Hey guys @Middleware & OS I’m developing firmware for an embedded system with a bootloader that updates the firmware. The firmware is encrypted and decrypted by the bootloader before being programmed into flash memory. To prevent manipulation, is a CRC check on the decrypted firmware sufficient for validating its integrity, or should I implement additional security measures?
3 Replies
What kind of additional measures?
I was thinking of adding digital signatures (like ECDSA) to ensure authenticity and integrity. This way, the bootloader can verify the firmware's origin and check for any tampering. Would this be a good approach, or are there other measures I should consider?
Well that can work, its almost up to what your implementation needs.