I have a security concern about private key storage for SSL. According to documentation, AT+KPRIVKSTORE? can be used to read back the private key for the client certificate. Isn’t this a security problem? Like anyone who gets his hands on the module (or its UART lines, to be more specific) could read back the private key. Shouldn’t the private key be write-only? Or am I missing something?
Hi jakub.polonsky,
That’s the behavior on the HL78xx. AT+KPRIVKSTORE? can be used to read back the private key for the client certificate. I don’t find any command or option to private key be write-only.
OK, thank you for confirmation. It does not feel very secure. If we ship the product, then with some not-so-hard reverse engineering, the private key can be obtained. I know we should generate unique key for every device so only one can become compromised at a time but still…
Can I propose a feature that would prevent readout of the private key? For example a separate AT command that will block the readout until the key is overwritten or erased. Similar to a readout protection of a typical MCU.
Hi jakub.polonsky ,
Please contact your distributor directly to propose a feature.