-
Notifications
You must be signed in to change notification settings - Fork 78
Encryption keys
The encryption keys make use of a key derivation scheme, which is executed in the U-Boot bootloader. Only 2 AES encryption keys are saved in EFUSES, namely the UREK and CREK. Where the CREK is common between all devices and the UREK is unique for each chip. Below is an overview of the different encryption keys and from which key they are derived.
- UREK (User dependent and encrypts personal key partition, EFUSED)
- DAAK (Debug Application Authentication Key)
- DAEK (Debug Application Encryption Key? Not used)
- WAEK (Wireless PSK key)
- CREK (Common, EFUSED)
- DRAK (auth)
- SAAK (sdr_auth, actually Authentication key)
- PUEK (Used for upgrades, but sometimes replaced with a whitebox crypto key)
- PREK (Used to encrypt key partition)
- RREK (DEV, similar to PREK)
- IAEK (Used to encrypt certain partitions and is saved in the
bootarea) - RIEK (DEV, similar to IAEK)
- RUEK (DEV)
Note that the SAAK and DAAK are actually Authentication Keys, but are described here because of the key derivation scheme
This page is created by drone enthusiasts for drone enthusiasts and thus the information might be incorrect.
If you see a mistake, or you know more about specific subject, or you see an area for improvement for the wiki - create an issue in this project and attach your patch (or describe the change you propose).