A story of secret handshakes, triple-locked boxes, and missions that arrive through thin air
The Fleet Owner calls the Key Factory: "New profile for Robot #8721!" The Key Factory asks the Commander about the robot (checks its records in the EIS database). The Commander radios the robot: "Build a new ISD-P room!" The room is created: empty, waiting, in SELECTABLE state.
Now comes the cleverest part. The Key Factory sends its ID badge; the robot checks that it traces back to the CI. The robot generates a random challenge, and the Factory must sign it, proving it's the real deal. Then both sides compute the same Shared Secret using ECKA-EG math, without ever sending it!
The profile is a triple-locked encrypted package containing network keys (NAA), an operator mini-office (MNO-SD), file system, apps, and a POL1 rulebook. It's wrapped in SCP03t encryption and sent in chunks through the Commander's radio. The Commander relays the chunks but sees only scrambled data!
At every phase, the Key Factory checks: is the robot genuine? Enough memory? Certificate valid? If any check fails, the download stops immediately. If a connection drops mid-download, a cleanup routine deletes the half-built room and starts fresh, unless the POL1 rulebook says "never delete me!"
The random challenge in Phase 2 is a clever anti-replay trick. Every time, the robot generates a fresh random number. The Key Factory must sign it. Even if an attacker recorded yesterday's entire conversation, they can't replay it: yesterday's challenge won't match today's! That's forward secrecy in action.