https://devzone.nordicsemi.com/f/nordic-q-a/23364/typo-in-documentation-ecb-peripheral-doesn-t-decryptFor the nRF51822, the documentation for ECB mentions it being used to Encrypt/decrypt 16-byte data using current key. But it doesn&#39;t offer any methods to decrypt, and a couple of other forums posts indicate that it only performs the forwarden-USTelligent Community 13Sun, 09 Jul 2017 04:30:23 GMThttps://devzone.nordicsemi.com/thread/91848?ContentTypeID=1Sun, 09 Jul 2017 04:30:23 GMT137ad170-7792-4731-bb38-c0d22fbe4515:17fdc4ab-ad06-4f27-bccd-a18c18946703endnode<p>Yes Eric, <a href="http://infocenter.nordicsemi.com/topic/com.nordic.infocenter.nrf52832.ps.v1.1/ecb.html?cp=2_1_0_27#concept_vnj_kgy_xr"><em>&quot;encryption only, not decryption&quot;</em></a>.</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/91847?ContentTypeID=1Sun, 09 Jul 2017 03:42:12 GMT137ad170-7792-4731-bb38-c0d22fbe4515:4506e223-bb70-4dd2-91b9-bb2cd9a50d68BLE_lp<p>Thanks. I&#39;m using mbed, and I was able to use a modified version of the main mbed TLS library for software AES decryption. Initial results seem like it works pretty well as far as speed is concerned.</p> <p>It looks like both the nRF51822 and nRF82832 have the same ECB driver interface, so I&#39;m assuming the nRF82832 doesn&#39;t do hardware AES decryption either, right?</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/91846?ContentTypeID=1Sat, 08 Jul 2017 16:09:28 GMT137ad170-7792-4731-bb38-c0d22fbe4515:8d0a0f8d-ebb0-482f-a1ed-2a4367685365endnode<p>Hi,</p> <p>Yes that&#39;s type, HW &quot;accelerated&quot; AES encryption on nRF51 doesn&#39;t implement inverse decryption function. This is because Bluetooth doesn&#39;t need it (it uses CRT mode where AES encrypt function is combined with XOR stream cypher to perform both encrypt and decrypt) so there was no need to have it in HW. Indeed it makes it harder for application developers if they need it but the workarounds are easy: either use some modern methods such as AES-CRT which don&#39;t need it or implement it in SW (few hundred bytes in resulting binary if you know what you are doing...) There are <a href="https://devzone.nordicsemi.com/question/33513/how-to-decrypt-aes-ecb-nopadding-data/">numerous Q&amp;As</a> on this forum about this as well as <a href="https://devzone.nordicsemi.com/blogs/721/intro-to-application-level-security-using-the-ecb-/">nice blog post</a>.</p> <p>Cheers Jan</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/91845?ContentTypeID=1Sat, 08 Jul 2017 15:50:01 GMT137ad170-7792-4731-bb38-c0d22fbe4515:3498bc67-a2be-4c7e-a1cc-59318cd912acTurbo J<p>Yes this is a typo. Seems to be corrected only in the 13.x.y SDK, which is not available for NRF51x AFAIK.</p> <p>The ECB hardware as documented in the reference manual can only <em>encrypt</em> AES-128 - only this mode is used for BT LE. Note that you can still use this hardware in some AES modes - like AES CFB mode.</p><div style="clear:both;"></div>