Bluetooth Firmware AES implementation and replacement possibility

RE: Bluetooth Firmware AES implementation and replacement possibility

Emil Lenngren — Tue, 24 Dec 2024 21:24:44 GMT

The ECB functions are used for more infrequent operations, such as in the pairing protocol (SMP) as well as when the session key for the link layer encryption setup is derived (typically at the beginning of encrypted connection setup).

RE: Bluetooth Firmware AES implementation and replacement possibility

night1rider — Tue, 24 Dec 2024 21:18:08 GMT

Hello,

I am just simply researching the potential of doing such a thing, whether or not it is practical is not for me to determine currently.

From my understanding you are saying that upon a request to send, the packet I send is automatically encrypted via the AES-CCM hardware component as described in this section as "On the Fly".

It does look possible to disable that hardware component.

Thank you for this information!

Do you happen to know what the ECB functions in crypto.c are used for specifically?

RE: Bluetooth Firmware AES implementation and replacement possibility

Emil Lenngren — Tue, 24 Dec 2024 20:25:12 GMT

Why would you want to do that? The AES implementation in MPSL uses the ECB hardware peripheral. MPSL's job is to make sure that the hardware resources are not used by several pieces of code at the same time.

A custom software replacement would possibly be too slow so it's nothing I would recommend.

Note that the normal Link Layer encryption (encryption of radio packets) is performed by the CCM peripheral in sync with receiving/sending radio packets on the air, initiated by the hardware automatically using PPI.