 Next, we talk about former authenticity. Former authenticity is to ensure the code running from the device is actually the generating former that you want. For some application, it is very important that the embedded former cannot be replaced by a non-authentic one. The way to ensure that a former is authentic is to use a signature. Of course, the private key which will be used to sign the former must be kept secret at OEM site so that only the OEM can sign the former. And then after that, the device can check whether the signature is correct or not using the corresponding public key. Authentication uses asymmetric cryptography, typically RSA or ECC. The signature creation is performed with the private key and the signature verification is performed with the public key. The private key remains at OEM to secure place and the public key will be embedded in the chip. Of course, since this is a public key, it's not secret. But still, we need to ensure the integrity of the public key, which means the public key should be immutable. So it should be right protected on the chip. There could be another approach using symmetric cryptography for the same purpose, which is less robust comparing to the public key approach. For instance, we can use ASGCN for the same purpose. ASGCN can generate a tag which could be used as a signature as well. However, the drawback of this approach is that the same key is used for signature creation and verification. So this key must also be kept secret on the chip. Now we know that for former authentication, a signature need to be generated. Then what should be signed exactly? As the main purpose is to make sure that the former is authentic, the signature is done on the former digest. In this way, if signature is verified, integrity and authenticity of the former is also checked. The basic principle of a signature is the signing of a hash with a private key. The signature verification consists in verifying this signature with a public key and computed former digest. Let's take a look at the signature generation flow. The first step is to create a public key pair using either RSA or ECC algorithm. And then the public part of the key will be embedded in the former, so that the former can use this public key to do signature verification later on. And then the whole former binary will be used to generate the digest. And then the digest data will be signed using RSA or ECC signing algorithm. Then the signature will be attached to the former binary. The whole binary including both the former and the signature will then be programmed to the flash of the chipset. In the signature verification flow, the first step is to do SHA-256 digest computation using the whole former binary data. Then the second step is to run the ECC or RSA signature verification algorithm using the computed digest. The public key embedded in the former as well as the former signature data from the flash. Then further action could be taken depending on the signature verification result. The application procedure can start if the signature verification is okay. The protection related to integrity check applies in the same way on the protection of the authentication check. The public key must be protected so that it cannot be modified in any way. In case there is no former update required, actually, the authentication used in this way does not bring much more comparing to integrity check. The integrity check is already enough as long as former cannot be replaced by another one. Of course, in case former update capability is really required, then the authentication check has its added value. Now we know how to authenticate a code. What we have here is a former data is authenticating itself. So there is some limitation of this setup. The problem is that the part of code doing the signature check is not yet authenticated while it is running. One solution is to use the secure boots that will do this authentication before launching the application code. Now let's do a hands-on on a former authentication. The goal of this hands-on is to show the different steps to develop the code and create a former binary, generate a key pair to be used for authentication, insert a public part of the key inside the firmware, compute a hash of the former, sign a hash using the private key, and concatenate the signature with a former binary. Program the full binary and run the device and check the former signature verification procedure. Thank you for watching.