Typical bootloaders only provide data integrity checks using a Cyclic Redundancy Check (known as a CRC) to ensure that the software to be installed was not corrupted while being downloaded. Although improbable, it is possible for two different applications to generate an identical CRC.

To address the issue of security, a different method was devised: the MD5 algorithm is used to create a unique “fingerprint” for an application.


MD5 Fingerprint

MD5 was developed by Professor Ronald L. Rivest of MIT. What it does, to quote the executive summary of RFC 1321, is:

"[The MD5 algorithm] takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input. It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given pre-specified target message digest. The MD5 algorithm is intended for digital signature applications, where a large file must be "compressed" in a secure manner before being encrypted with a private (secret) key under a public-key cryptosystem such as RSA."

An MD5 “fingerprint” of the application is generated as part of the application build process using public domain source code. This source code is also embedded within the bootloader application to generate a digest for verification.

RSA Algorithm

To sign the fingerprint, the RSA public-key cryptosystem is used. The term “public key” refers to the fact that knowing how to send a message in code does not help you decrypt the message. When using public-key encryption, only the decryption keys are kept secret while the encryption keys are shared freely. The RSA algorithm was chosen for its simplicity of implementation and its effectiveness. In the case of RSA, security rests on the assertion that the product of two large prime numbers is very difficult to factor.
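The build-time signing and boot-time verification described above, shown end to end with a CRC-only check for comparison; this is an added example, not the bootloader's own code. The function names, the sample images and the toy key (built from two known Mersenne primes, used with unpadded RSA) are assumptions made for illustration.

```python
import hashlib
import zlib

# Constructed toy key, illustration only: two known Mersenne primes.
# A real key uses random primes and a padded scheme such as RSASSA-PSS.
P = 2**127 - 1
Q = 2**107 - 1
N = P * Q                          # public modulus, wider than a 128-bit digest
E = 65537                          # public exponent, embedded in the bootloader
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, stays on the build machine


def fingerprint(image: bytes) -> int:
    """128-bit MD5 digest of the application image, as an integer.
    MD5 is kept because the page uses it; practical MD5 collisions are
    known, so a new design would use SHA-256 here instead."""
    return int.from_bytes(hashlib.md5(image).digest(), "big")


def sign_image(image: bytes) -> int:
    """Build step: sign the fingerprint with the private key."""
    return pow(fingerprint(image), D, N)


def bootloader_accepts(image: bytes, signature: int) -> bool:
    """Boot step: recompute the digest and compare it with the value
    recovered from the signature using only the public key (N, E)."""
    return pow(signature, E, N) == fingerprint(image)


def crc_only_accepts(image: bytes, stored_crc: int) -> bool:
    """CRC-only bootloader check, for comparison."""
    return zlib.crc32(image) == stored_crc


# Constructed sample images.
GOOD = b"\x7fAPP v1.0 " + bytes(range(64))
TAMPERED = GOOD[:-1] + b"\xff"
SIG = sign_image(GOOD)

if __name__ == "__main__":
    print("signed image accepted:  ", bootloader_accepts(GOOD, SIG))
    print("tampered image accepted:", bootloader_accepts(TAMPERED, SIG))
    # A CRC needs no secret, so whoever changes the image can recompute it.
    print("tampered + fresh CRC:   ",
          crc_only_accepts(TAMPERED, zlib.crc32(TAMPERED)))
```

The CRC check passes on the modified image because the checksum can be recomputed by anyone, while the signature check fails because producing a matching signature requires the private exponent.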