This sounds exciting but the answer is always "it depends". In some cases such cryptographic protection can be circumvented. Example: Flir E4 thermal cameras (this forum has a couple threads on it).
I'll have to examine those threads. Sounds interesting.
Secondly, hard coding the encryption keys is a poor practice. Keys can be compromised and require replacement, or may be other factors that may dictate key rotation.
While that's true in some cases, in this case you have to choose between hardcoding the keys (and suffering through the problems that might arise in the event your private key is compromised -- this is why you treat them like crown jewels) versus putting the keys in a writable medium and thus compromising the entire point of using them in the first place. Since private key compromise is
extremely rare when the private key is properly taken care of (how often have you heard of a major signing authority's signing key being compromised? It's happened but it's
rare -- the internet's entire security infrastructure would be worthless otherwise), and since the entire
point of the exercise is to prevent people from being able to circumvent the signature verification mechanism, it's obvious that in this case, hardcoding the public keys in ROM is the way to go.
One other thing: when you hear of a CA certificate being renewed, it's the
signature that's renewed. The public and private key bits remain the same.
Thirdly, different encryption keys may need to be used for different firmware types for devices that utilize the same hardware platform. Example: Keysight 1000x series Linux-based oscilloscopes.
This doesn't make any sense to me at all. A cryptographic signature is a cryptographic signature. It's the same irrespective of the platform it's generated on or verified on, or the operating system it's using, or anything else. It's even independent of word length, endianness, and every other attribute of a processor. And that goes for the keys, too. They're just blobs of data in well-understood encapsulating formats. The algorithms in use today are public and widely used, and the methods for using the keys are widely known and exactly specified. This is so because they are intended to be universally used.
Now, you'd obviously have to write your bootstrap loader to target the CPU you're using, and the same is true of the firmware upgrader, but that's a very different problem from the keys themselves.
Remember, too, that there is a huge difference between the key material itself and its representation. The latter can change while the former remains the same. What
would change the key material is a change to a new encryption algorithm. But this, too, is an old and well-understood problem with well-understood solutions. And see below. For this use case, the company probably doesn't have to worry itself too much about it.
And once the public keys are in the flash memory, they can be found and substituted with the attacker's own public key, then the attacker can upload the altered firmware signed with the corresponding private key, Job done.
Which is
exactly why you hardcode them in ROM.
Engineering is all about compromises. Here, the proper compromise is obvious.
These devices have a limited period of time during which the company's going to care about this problem anyway. After that, it doesn't matter if the device ends up being "hackable" or not. This means the company can change up their key material from time to time without any real consequence, and if an old key gets compromised the company doesn't have to care, as long as its used
only for this particular type of purpose.
The company could even use a different key for each device model line, thus greatly limiting the damage that a key compromise would do. There are lots of possibilities here as to how the company could manage its keys. And none of them require that the keys be stored in rewritable form.