|
|
|
|
|
|
by sdl
3641 days ago
|
|
|
So if I understood correctly, there are 5 requirements for such a system to be secure: 1: secure/unmodifiable cryptographic processor
2: with unremovable rate limiting
3: and exclusive access to a hardware key
4: cryptographic processor has the only function of encrypting user data based on
5: hardware key and a user supplied pin/key
Errors done by Qualcomm: Violated 3: Hardware key not exclusivly readable by cryptographic processor
Violated 5: Encryption based on derived key
Anything I overlooked?(edited: formatting) |
|
|