What is the benefit from using ECC to encrypt the hash of authentication message?
Hacker can always calculate SHA1 of original message by analyzing the contents of external boot-flash (starting from the contents of ldr-file).
Then, it may be two situations:
1) Hacker knows, what to add to modified message the way, that its SHA1 hash will be the same as for original message. Then he doesn't need to know the private ECC key to re-encrypt hash in header of authentication message - it will be the same.
2) Hacker can not "force" the modified message to have the same SHA1 hash as the original one. Then it is quite enough for developer to write hash of original message in OTP memory. There is also no need for hash in header of message.
Please explain the benefit from using ECC to encrypt the hash of authentication message?