My company is in the process of developing a product based on the Raspberry Pi. I have concerns over how simple the copying of the code we develop would be, given that the “product” is solely software in nature.
The Zymkey appears to be the perfect solution to this issue!
I have been trying to gather as much information about how Zymkey works to see if I can find any reasons the Zymkey may not be suitable for our purposes. As far as I can understand the security is based on encrypting the RFS of the RPi, so as no one malicious can log into the system, the code would be secure and removing the SD card would do them no good.
In encrypting the RFS, in brief, it seems as though the Zymkey generates a random key in plain text, the partition to be encrypted is created and dm-crypt is used to encrypt it using the plain text key. The Zymkey then encrypts and locks the key. The RFS to be encrypted is then copied over. When booting, the crypttab is supplied with the key via a keyscript (which I assume passes the locked key to the Zymkey for decryption).
My background in not in security or encryption and I only have a very weak understanding of the topics. I am assuming the the keyscript is kept unencrypted in the boot partition? So would it be possible for the attacker to simply modify the keyscript to have it output the result of the Zymkey decryption? My feeling is that we have the locked key, and the Zymkey which is able to decrypt it, what is to stop attackers supplying the locked key to the Zymkey and getting the result?
What am I missing?