Securing Your Factory Updates with Ed25519 Elliptic Curve

Photo of Volodymyr Khoroz

Posted on Mar 21, 2023 by Volodymyr Khoroz

5 min read

This blog post could be summarized with just one Fioctl® command to rotate all your Factory TUF keys. Read more to see why it is so important, and how it came to be a "one button" solution.

What is TUF and Why Ed25519?

Every time you run a new CI build for your Factory, it creates some artifacts for The Update Framework (TUF). Later on, FoundriesFactory® uses these artifacts to bring secure Over The Air (OTA) updates to your Factory devices. TUF uses a set of cryptographic keys to sign every update, protecting it from various cyber attacks.

You can find more information about how TUF and FoundriesFactory work together to secure your Factory updates here:

TUF specification allows the use of several key types (and signature algorithms) to sign its artifacts:

Ed25519 is a perfect choice for IoT security for several reasons:

  • It is one of the recommended Elliptic Curves (EC) for digital signing by the Federal Information Processing Standards (FIPS) publication FIPS 186–5 Section 7 since the 3rd of February 2023.
  • It provides a higher level of security compared to other choices from the above list. By January 2017, it is still one of the few Elliptic Curves which gained the Safe label in the SafeCurves listing by Daniel J. Bernstein and Tanja Lange.
  • It produces fast, deterministic signatures in constant time, and has a relatively small computing footprint.
  • Both Ed25519 public keys and signatures are rather short, minimizing the TUF related network traffic.

Note: Switching TUF keys from RSA to Ed25519 type reduces the root role size by ~70% (from 5.5 KB to 1.8 KB). The below example shows the difference in the public key and signature sizes for RSA versus Ed25519 keys:

# RSA public key:
-----END PUBLIC KEY-----

# RSA signature:

# Ed25519 public key:

# Ed25519 signature:

The FoundriesFactory One Button Solution to TUF Keys

Until recently, FoundriesFactory only supported the RSA key types end-to-end. Based on the previous paragraph we envisioned adding Ed25519 support to our OTA solution. However, it turned out to require changes to many product parts.

To start, there are currently 5 TUF keys in use by the majority of Factories:

  • the offline TUF root key, owned by the Factory admin, used as a root of trust in TUF.
  • the offline TUF targets key, owned by the Factory admin, used to sign production TUF targets.
  • the online TUF targets key, owned by™, used to sign both CI and production TUF targets.
  • the online TUF snapshot and timestamp keys, owned by, used to sign other TUF artifacts.

Next, we had to verify that the new key type is supported by all software pieces:

  • our cloud solution which serves OTA updates to your Factory devices;
  • Aktualizr-Lite™ which installs updates on your Factory devices.
  • Fioctl which allows you to rotate TUF keys for your Factory.
  • FoundriesFactory CI-Scripts™ which upload new TUF targets to your Factory.

We started to gradually add this support mid-2022, and by now all of the new factories already use Ed25519 by default. Still, old factories need to be migrated, which requires user action. This brings us to the user experience problem, as we have to ask every Factory owner to rotate each of their TUF keys.

A few times in my career I met software engineering teams working on "one button" products. These are highly elaborate solutions for a complex real life problem, visible to the end user as one button or check box. Those products have some inherent charm of taking the ease of use to its margin.

So, we decided to try this one button approach for TUF key rotation and came up with this command:

  fioctl keys tuf rotate-all-keys --key-type=ed25519 --keys=/path/to/root.keys.tgz [--targets-keys=/path/to/targets.keys.tgz]

This command rotates all TUF keys for your Factory to the Ed25519 key type in a safe and secure way. It also re-signs your Factory's CI and production targets using the new keys.

Note: the --targets-keys argument is optional. Still, we recommend to keep your Factory TUF targets key in a separate file. Please, see the corresponding blog post or user manual for details.

We have no plans to remove support of the RSA keys in the future. So, there is no immediate action required from you. However, we strongly recommend switching your Factory TUF metadata to use the Ed25519 key type.

If your Factory was created before the 1st of February 2023, we ask you for a small favor. Please, download the latest Fioctl, and run the above command. It will allow us to keep your OTA updates even more secure than before. This is a one time action; all subsequent TUF key rotations for your Factory will generate Ed25519 keys.


References to documentation, blog, or product pages:

External references:

Related posts