Castles Technology Co., Ltd.
Confidential • All Right Reserved.
4.1.2. ULD User Key
ULD User Keys are used to encrypt and sign user/shared applications.
In addition, they act as gatekeepers that prevent the system from being
updated without the user's permission: kernel CAPs, which are encrypted
and signed by the manufacturer, must also go through the "signed" action
with the ULD User Keys.
Note: Applications are encrypted with a randomly generated 3DES key,
which is retrieved from the Key Encryption Block of the CAP using the
ULD User Key Encryption Key. They are not encrypted directly with the
ULD RSA Key.
4.1.3. Key Change
The ULD RSA Keys can be changed. The system uses a special CAP file,
the KEY CAP, which lets the manufacturer and the user change their own
keys. The KEY CAP contains a new set of ULD keys (Key Encryption Key
and Signature Key). These new keys are encrypted and signed with the
original keys. In other words, a user who wants to change the ULD User
Keys has to use the original ULD User Keys together with the new ULD
User Keys to generate a KEY CAP.
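
The key-change rule above, as an added example (not Castles code): a hypothetical terminal model installs a new signature key only when the KEY CAP verifies under the key it currently trusts. The KEY CAP layout, the `Terminal` class and the toy textbook-RSA keys are assumptions made for illustration, and the encryption of the new keys is left out.

```python
import hashlib

E = 65537  # public exponent shared by all constructed toy keys

def make_key(p, q):
    """Toy RSA key from two constructed Mersenne primes (far too small for real use)."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(key, msg):
    # Textbook RSA without padding: a stand-in for the terminal's real signature scheme.
    return pow(digest(msg, key["n"]), key["d"], key["n"])

def verify(n, msg, sig):
    return pow(sig, E, n) == digest(msg, n)

def encode(n):
    # Assumed KEY CAP payload: the new public modulus as big-endian bytes.
    return n.to_bytes((n.bit_length() + 7) // 8, "big")

class Terminal:
    """Hypothetical model: the device holds one trusted user signature key."""
    def __init__(self, trusted_n):
        self.trusted_n = trusted_n

    def load_key_cap(self, new_n, sig):
        # Accept the new key only if the KEY CAP verifies under the key trusted now.
        if not verify(self.trusted_n, encode(new_n), sig):
            return False
        self.trusted_n = new_n
        return True

def demo():
    original = make_key(2**127 - 1, 2**89 - 1)
    new = make_key(2**107 - 1, 2**61 - 1)
    rogue = make_key(2**61 - 1, 2**31 - 1)
    t = Terminal(original["n"])
    good_sig = sign(original, encode(new["n"]))
    return {
        # New key vouching for itself: no link to the trusted key.
        "self_signed": t.load_key_cap(rogue["n"], sign(rogue, encode(rogue["n"]))),
        # Valid signature, but the key inside the KEY CAP was swapped.
        "tampered": t.load_key_cap(rogue["n"], good_sig),
        "signed_by_original": t.load_key_cap(new["n"], good_sig),
        "trusted_is_new": t.trusted_n == new["n"],
    }

if __name__ == "__main__":
    print(demo())
```
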