Public-Key Cryptography

Public Key Cryptography relies on a public and private key pair, allowing the manufacturer to sign a boot loader and BCT with its private key, never needing to disclose the private key at any time during the manufacturing process. The public key, which is used to verify the digital signature of the boot loader and BCT, gets stored on the secondary boot device or embedded into the boot loader and BCT images. Using PKC allows devices to be manufactured at facilities that are not secure.