• State Not Answered
  • Replies 3 replies
  • Subscribers 62 subscribers
  • Views 1376 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 221323
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

With nrf52 SDK15, how and where is the Diffie Hellman keys (for LESC just work session encryption) set?

JCShaun

Hi All,

As far as I understood, to complete a Diffie Hellman public key exchange the peer devices A and B needs to:

(1) A and B each generates two numbers, one as private the other as public keys

(2) A and B each let the other know its public_key

... etc etc to generate a shared secrete

Which function in the nrf52 DK is used to set the private-public key pair used for step (1)? I cant seem to find it. Or am I not understanding LESC correctly?

Thank you very much!

  • 0

    Hi.

    I suggest you take a look at this video if you want to understand Diffie-Hellman good.

    Here is a message sequence chart for the peripheral LESC pairing you can take a look at.

    Best regards,

    Andreas

  • 0 in reply to AndreasF

    Hi Andreas,

    Thank you for your prompt response.

    Yes I have a decent understanding of Deffie-Hellman and I have read this chart before. More specifically the reason I am asking is I would like to generate my own key pairs for the Deffie-Hellman. I have only seen a set_public_key function but not the private key. Is it possible? Can I fetch the private key generated at the application level?

    Best regards,

    JC

  • 0 in reply to JCShaun

    Hi.

    In nRF Crypto, the "shared secret" is calculated by calling nrf_crpyto_ecdh_compute().

    /** @brief Computes shared secret using ECC Diffie-Hellman.
 *
 *  @param[in]     p_context             Pointer to temporary structure holding context information.
 *                                       If it is NULL, necessary data will be allocated with
 *                                       @ref NRF_CRYPTO_ALLOC and freed at the end of the function.
 *  @param[in]     p_private_key         Pointer to structure holding a private key.
 *  @param[in]     p_public_key          Pointer to structure holding a public key received from the other party.
 *  @param[out]    p_shared_secret       Pointer to buffer where shared secret will be put.
 *  @param[in,out] p_shared_secret_size  Maximum number of bytes that @p p_shared_secret buffer can hold on input
 *                                       and the actual number of bytes used by the data on output.
 *                                       Actual size for selected curve is defined by
 *                                       the preprocessor definitions, e.g.
 *                                       @ref NRF_CRYPTO_ECDH_SECP256R1_SHARED_SECRET_SIZE.
 */
ret_code_t nrf_crypto_ecdh_compute(
    nrf_crypto_ecdh_context_t          * p_context,
    nrf_crypto_ecc_private_key_t const * p_private_key,
    nrf_crypto_ecc_public_key_t  const * p_public_key,
    uint8_t                            * p_shared_secret,
    size_t                             * p_shared_secret_size);

    You can see how this is done in the nRF5_SDK_15.2.0_9412b96\examples\crypto\nrf_crypto\ecdh example.

    Best regards,

    Andreas

Related

core_v2_widget.Hide()