Changes

713 bytes added ,  14:10, 23 January 2018
Some updates
Line 49: Line 49:  
   
 
   
 
== Falcon coprocessor ==
 
== Falcon coprocessor ==
The falcon processor (TSEC) stores a special console-unique key (that will be referred to as the "tsec key").
+
The falcon processor (TSEC) generates a special console-unique key (that will be referred to as the "tsec key").
   −
This is presumably stored in fuses that only microcode authenticated by NVidia has access to.
+
This is presumably using data stored in fuses that only microcode authenticated by NVidia has access to.
 
  −
The tsec key is the source of all per-console entropy, because SSK is not used on retail.
      
== Package1 ==
 
== Package1 ==
Line 109: Line 107:  
|}
 
|}
   −
=== [4.0.0]+ Key table after package1 ===
+
=== [4.0.0]+ Key table after package1 (Secure Monitor boot) ===
    
{| class="wikitable" border="1"
 
{| class="wikitable" border="1"
Line 126: Line 124:  
|-
 
|-
 
| 13
 
| 13
| PerConsoleKey_40
+
| PerConsoleKeyForNewPerConsoleKeyGen
 
| [[Package1]]
 
| [[Package1]]
 
| Yes
 
| Yes
Line 132: Line 130:  
|-
 
|-
 
| 14
 
| 14
| MasterKey_40
+
| StaticKeyForNewPerConsoleKeyGen
 +
| [[Package1]]
 +
| No
 +
| Yes, on security updates
 +
|-
 +
| 15
 +
| PerConsoleKey
 +
| [[Package1]]
 +
| Yes
 +
| No
 +
|}
 +
 
 +
=== [4.0.0]+ Key table after package1 (Secure Monitor runtime) ===
 +
 
 +
{| class="wikitable" border="1"
 +
|-
 +
! Keyslot
 +
! Name
 +
! Set by
 +
! Per-console
 +
! Per-firmware
 +
|-
 +
| 12
 +
| MasterKey
 
| [[Package1]]
 
| [[Package1]]
 
| No
 
| No
 +
| Yes, on security updates
 +
|-
 +
| 13
 +
| NewPerConsoleKey
 +
| Secure Monitor init
 +
| Yes
 
| Yes, on security updates
 
| Yes, on security updates
 
|-
 
|-
Line 270: Line 297:  
|}
 
|}
   −
== Bootloader stage 1 ==
+
== Secure Monitor Init ==
It is currently unknown what key generation the stage 2 bootloader does.
+
On all versions, the key to decrypt [[Package2]] is generated by decrypting a constant seed with the master key. The key is erased after use. 
 +
 
 +
Additionally, starting from 4.0.0, the Secure Monitor init will decrypt another constant seed successively with a special per console key and a special static key passed by package1loader, to generate a new per-console key. The operation will erase these special keys passed by package1loader.  
    
== Secure Monitor ==
 
== Secure Monitor ==
 
The secure monitor performs some runtime cryptographic operations. See [[SMC]] for what operations it provides.
 
The secure monitor performs some runtime cryptographic operations. See [[SMC]] for what operations it provides.
26

edits