Skip to main content
Information Security

You are not logged in. Your edit will be placed in a queue until it is peer reviewed.

We welcome edits that make the post easier to understand and more valuable for readers. Because community members review edits, please try to make the post substantially better than how you found it, for example, by fixing grammar or adding additional resources and hyperlinks.

Required fields*

8
  • 1
    Thank you for reply, You are right about firmware file and firmware update. whatever I read on internet suggests that asymmetric encryption is slower so its best to encrypt big file using symmetric key and encrypt symmetric key using asymmetric key. So We went ahead with that approach. Commented Jun 17, 2016 at 16:10
  • 2
    I'm not sure that using asymmetric encryption for bulk data is really appropriate. Commented Jun 17, 2016 at 16:13
  • If the file is big then you can go with your first option, but you need to make sure that no one could get to know your private key. Commented Jun 17, 2016 at 16:21
  • @P4cK3tHuNt3R: I agree with you. We have to keep private key secure. Thank you. Commented Jun 17, 2016 at 16:25
  • @P4cK3tHuNt3R Just to clarify, in option2, I am using private key to sign the symmetric key, I don't understand what is wrong with that. It should still be okay, isn't it ? Symmetric key encryption of firmware has nothing to do with digital signing right ? Commented Jun 20, 2016 at 8:55