Encoding using keys is a widely accepted method of cryptography. Key algorithms are based on a secret key assigned to each communication device or entity. Each device may use their secret key to encrypt and/or decrypt data sent and received to the device. A key may also be used to identify an entity as well as provide proof of authentication for that entity.
An example of key algorithm is a symmetric key algorithm. In this algorithm a secret key is shared between two communicating devices. The devices exchange data encrypted with the secret key. The data encrypted with the secret key can only be decrypted by a device with knowledge of the secret key and in this manner the encrypted data is as secure as the key itself.
A secret key is generally stored by a device in non-volatile memory such as a fuse bank. Due to the risk of the key being read from the memory by an unauthorized third party, the key itself is scrambled before being stored. In this manner any data read from the non-volatile memory will not result in the key being compromised. A communicating device will descramble data read from its non-volatile memory on power up and recover the secret key.
The key may also be comprised of corrupting the key in the non-volatile memory. For example in a fuse memory, hackers may systematically blow the fuses to a value of one. A scrambled key corrupted as such cannot be descrambled to recover the unscrambled value of the key.
In order to check the integrity of data stored in the non-volatile memory (to determine whether the scrambled key has been corrupted) a hash key algorithm can be used. A hash key algorithm creates a hash of the scrambled key before the scrambled key is stored in the non-volatile memory. The hash itself is then stored with the scrambled key in the memory.
The integrity of the scrambled key stored in the non-volatile memory can then be confirmed by recalculating the hash when the scrambled key is read from the memory and comparing the recalculated hash to the original hash stored in the non-volatile memory.
A hash value should be such that it is not feasible to determine a message from which the hash has been calculated based on the hash value. It should also not be feasible for two different messages to generate the same hash. Therefore the generation of a hash value can be complex and requires additional memory resources.
Calculation of a hash value may require significant hardware and software capabilities of a device. Storage of the hash requires non-volatile storage space in addition to the non-volatile storage space provided for the scrambled key. It is not always possible to provide the hardware, software and additional memory required in order to calculate and store a hash function.