On Fri Dec 15, 2023 at 1:06 PM EET, David Gstir wrote: > DCP is capable of performing AES with two hardware-bound keys: > > - The one-time programmable (OTP) key which is burnt via on-chip fuses > - The unique key (UK) which is derived from the OTP key This is somewhat cryptic explanation for the commmon and reoccuring theme of having a fused random seed and a key derivation function. I'd just write it is all about. "DCP is able to derive private keys for a fused random seed, which can be referenced by handle but not accessed by the CPU. These keys can be used to perform AES encryption." My explanation neither includes acronyms OTP and UK and still delivers the message so much better. That actually further makes it better because less crappy standard consortium terminology is always better :-) BR, Jarkko