• State Verified Answer
  • Replies 3 replies
  • Subscribers 74 subscribers
  • Views 663 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 318171
Options

mcuboot AES-256 + ECDSA P256

jmv

Hi,

We are using a custom nrf9160 board on nrf-sdk 2.4.2. We would like to use AES-256 encryption in mcuboot in combination with ECDSA P256 signing.

From my understanding, AES encryption requires either tinycrypt or mbedtls backends, but tinycrypt only supports AES-128. We could then use mbedtls backend, but it seems that ECDSA P256 is not supported for the mbedtls v1.10.0-ncs1 fork in nrf-sdk 2.4.2, even though it has been supported in mcuboot upstream.

Do you have any recommendations on how we can combine AES-256 encryption with ECDSA P256 signing in mcuboot on nrf-sdk 2.4.2 or later?

Thanks

Parents Reply Children
  • 0 in reply to Charlie

    Thanks for the link, but we are targeting AES-256 encryption. I don't think this is supported by your sample, although it does use ECDSA P256 signatures and tinycrypt.

    Do you have any recommendations on how we can combine AES-256 encryption with ECDSA P256 signing in mcuboot on nrf-sdk 2.4.2 or later?

    (I could also mention that we are successfully using 128-bit AES-KW for encryption with ECDSA P256 for signing after patching mcuboot. What we are missing is the specific combination of 256-bit AES support with ECDSA P256.) 

  • +1 in reply to jmv

    Hi Johathan,

    Sorry for the late reply.

    I checked with our development team and we currently do not have a solution for your request. I will let you know if there are any updates.

    Best regards,

    Charlie

Related
Terms of service