https://devzone.nordicsemi.com/f/nordic-q-a/31216/cryptocell-cc310-aes-ccm-arbitrary-nonceHello all, Nordic Team i&#39;ve a question regarding the format of the nonce used within CryptoCell Library v0.9.0.a What i&#39;ve learned so far is, that CRYS_AESCCMstar requires a nonce where the length of authentication tag can be derived. I don&#39;t finden-USTelligent Community 13Thu, 31 May 2018 12:38:13 GMThttps://devzone.nordicsemi.com/thread/134177?ContentTypeID=1Thu, 31 May 2018 12:38:13 GMT137ad170-7792-4731-bb38-c0d22fbe4515:2c2d76ba-3d55-41e1-b658-5f82a18890f3chris-ho<p>Hi <a href="https://devzone.nordicsemi.com/members/eith">Einar Thorsrud</a>,</p> <p>the test vectors mentioned from <a href="https://devzone.nordicsemi.com/members/holmgren">Rune Holmgren</a> are working but if you modify the nonce in those vectors, especially last byte <strong>CRYS_AESCCMStar </strong> returns error code 0x00F0150C which resolves in CRYS_AESCCM_ILLEGAL_PARAMETER_SIZE_ERROR</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/134173?ContentTypeID=1Thu, 31 May 2018 12:31:20 GMT137ad170-7792-4731-bb38-c0d22fbe4515:de5571d7-0a49-45c8-819f-a716b278dee2Einar Thorsrud<p>Hi,</p> <p>You are right that&nbsp;TSCH mode it not supported in the CryptoCell library in SDK 15 (0.9.9). We are looking into this so&nbsp;we may add support in a future SDK release.</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/134133?ContentTypeID=1Thu, 31 May 2018 08:04:34 GMT137ad170-7792-4731-bb38-c0d22fbe4515:39cf20e4-603a-4399-b011-2facb88e23b5chris-ho<p>Hi <a href="https://devzone.nordicsemi.com/members/holmgren">Rune Holmgren</a></p> <p>I figured out that the updated SDK v 15.0 seems only support the nonce format described in Chapter 9.3.2.1 of 802.15.4 -2015 (see Attachements) can you confirm that? Are there any plans to support the TSCH mode also with a future release? or is there a chance to get a patch or quick fix for that?</p> <p><img src="https://devzone.nordicsemi.com/resized-image/__size/320x240/__key/communityserver-discussions-components-files/4/pastedimage1527753547599v1.png" alt=" " /></p> <p><img src="https://devzone.nordicsemi.com/resized-image/__size/320x240/__key/communityserver-discussions-components-files/4/pastedimage1527753560510v2.png" alt=" " /></p> <p>Best regards</p> <p>Chris</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/125803?ContentTypeID=1Fri, 23 Mar 2018 16:41:56 GMT137ad170-7792-4731-bb38-c0d22fbe4515:2c10b45d-5b5b-44d7-bdbe-de7ce6c7bb16Rune Holmgren<p>Version 0.9.9 of the nrf_cc310 runtime library now supports all security levels described in the chapter <strong>7.3.4.2 c data output</strong> in the <strong>IEEE Std 802.15.4<span class="emoticon" data-url="https://devzone.nordicsemi.com/cfs-file/__key/system/emoji/2122.svg" title="Tm">&#x2122;</span>-2011 Low-Rate Wireless Personal Area Networks (LR-WPANs)</strong> standard. This version of the nrf_cc310 runtime library will be part of the upcoming nRF5 SDK 15.0.0 release.</p> <p>&nbsp;</p> <p>Please refer to table in the spec<strong>: &nbsp;Table 56 c data for all security levels</strong></p> <p>&nbsp;<img src="https://devzone.nordicsemi.com/resized-image/__size/357x291/__key/support-attachments/beef5d1b77644c448dabff31668f3a47-d74a28f88a36471db6afadf88d0885ea/fig1.png" alt=" " /></p> <p>&nbsp;</p> <p>Previously the nrf_cc310 runtime library only supported security level 4-7, but with version &nbsp;0.9.9 of the nrf_cc310 runtime library security levels 0-3 is also supported. This includes the security levels <strong>None</strong>, <strong>MIC-32</strong>, <strong>MIC-64</strong> and <strong>MIC-128</strong>.</p> <p>&nbsp;</p> <p>Note that the nrf_cc310 runtime library and nrf_crypto_aead APIs still supports the <strong>deprecated security level 4</strong> according to <strong>IEEE Std 802.15.4<span class="emoticon" data-url="https://devzone.nordicsemi.com/cfs-file/__key/system/emoji/2122.svg" title="Tm">&#x2122;</span>-2015: IEEE Standard for Low-Rate Wireless Networks</strong>. This mode has been deprecated according to the standard</p> <p>&nbsp;</p> <p>Please refer to <strong>Table 9-4 – c data for all security levels</strong> where mode 4 is removed</p> <p>&nbsp;<img src="https://devzone.nordicsemi.com/resized-image/__size/368x282/__key/support-attachments/beef5d1b77644c448dabff31668f3a47-d74a28f88a36471db6afadf88d0885ea/fig2.jpg" alt=" " /></p> <p>&nbsp;</p> <p>For reference (from the standard):</p> <p><strong><em>In previous version of the standard, security level 4 was a level which provided only data confidentiality but without data authenticity. This security level is deprecated and shall not be used in implementation compliant with this standard.</em></strong></p> <p>&nbsp;</p> <p><strong><em>Security level 4 has NOT been explicitly removed from the nrf_cc310 runtime library or the nrf_crypto_aead APIs</em></strong></p> <p>&nbsp;</p> <p>&nbsp;</p> <p><strong>Examples and verification</strong></p> <p>Examples of usage of the AES CCM* mode can be seen in the nrf_crypto_aead APIs which is added in the upcoming nRF5 SDK 15.0.0 release. These APIs use the nrf_cc310 runtime library as a portable cryptographic backend.</p> <p>&nbsp;</p> <p>We have also provide added AES CCM* mode verification using standardized test vectors from <strong>IEEE P802.15-4/0537r2: Formal Specification of the CCM* Mode of Operation</strong> &nbsp;as well as custom vectors in an tailor made verification application that is using the &nbsp;nrf_crypto_aead APIs.</p><div style="clear:both;"></div>