Is it possible to read decrypted key?

CristianM · September 28, 2018, 10:13am

Hello! As I understood:

initramfs presents the locked LUKS key to Zymkey
Zymkey validates the signature and decrypts the key
The decrypted key is presented to LUKS and the root file system is then decrypted

Isn’t it possible to read the decrypted key by using a logic analyzer on the I2C lines between the Zymkey and Raspberry Pi? Is there any protection implemented against this type of attack?

Scott_of_Zymbit · September 28, 2018, 8:24pm

Hi @CristianM,

All traffic on the i2c bus between the RPi and the Zymkey is encrypted and signed. So, the decrypted key can’t be read out from the i2c bus. The key exchange is carried out with ECDH within sessions that are finite in duration.

Topic		Replies	Views
Both encrypted and not? ZYMKEY4	3	911	May 23, 2018
Ask for block cipher AES ZYMKEY4	3	721	June 5, 2020
Obtain Key ZYMKEY4	1	983	October 13, 2017
Rpi compute module NOOB question about LUKS ZYMKEY4	0	127	August 21, 2023
Decryption on zymkey ZYMKEY4	2	334	January 20, 2023

Is it possible to read decrypted key?

Related Topics