ying-css
commented
11 months ago Hi @KongLynn, I don't think so. using hardware(e.g. secure element) for secure storage is the most secure way. Thanks.
Open Dejavu610 opened 11 months ago
ying-css
commented
11 months ago Hi @KongLynn, I don't think so. using hardware(e.g. secure element) for secure storage is the most secure way. Thanks.
Dear author: I have a question about CLS Provison5.4-1: Hard-coded critical security parameters in device software source code shall not be used. It seems like sensitive security parameters such as (e.g., passwords, tokens, secret keys, etc.) must be stored in trustzones such as TEE,SE and so on. For some devices, the hardware requirements are relatively high. Are there any best practices for secure storage that are not dependent on hardware?