• State Not Answered
  • Replies 3 replies
  • Subscribers 87 subscribers
  • Views 1073 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 279001
Options

Config for AES-128 ECB crypto only

pmguy

Hello,

I am looking for some help or example code that describes minimum set of the files and #defines required to enable AES 128bit encryption and decryption using ECB mode only. The only example I have found in the sdk examples is in '\crypto\nrf_crypto\aes\aes_all_cli' but this pulls in a lot of unwanted code and takes more ram than is available together with my existing code and SoftDevice.

I have written the encrypt and decrypt functions I need based on the code in function nrf_cli_cmd_crypt_ecb() in the above example main.c but cannot find the right combination of #includes and #defines to build the solution.

An example emProject file would be great or even the required entries for include dirs, preprocessor directives, files/folders etc.

  • 0

    Hi,

    You are right that there are a large number of files needed for nrf_crypto. It should not add much overhead in the resulting binary though, as most of what you don't use is removed by the preprocessor. When it comes to RAM usage that depends on both configuration and which crypto backend you use.

    There are a number of other ways to include AES-128 ECB in your application:

    • The obvious which you have tried is to use nrf_crypto, and optimize it's memory usage by for instance not reserving more memory than you need for it (specifically because mbedTLS use heap).
    • Alternatively, use a different crypto library directly. In that case, you can refer to the nrf_crypto implementation for how to use it. If we limit this to what is already available in the SDK and works on nRF528810 the only option for  AES ECB is mbed TLS. You could use that directly, but it would not give you a significant advantage over using nrf_crypto.
    • You could use another AES ECB library of your choice.
    • You could use the AES ECB peripheral, as explained in this post.
  • 0

    Thanks very much for the reply, Einar.

    Being new to the sdk, my biggest problem is understanding exactly what must be defined so that the preprocessor will indeed omit all the unneeded code but include the needed code for ECB and which frontends/backends I should use to minimise memory usage. I will look at the links you included to see if those yield any fruit!

  • 0

    I was attracted to the AES ECB peripheral you mentioned in the last link but having fought with it for many hours yesterday I realised it would not work as I had understood, as there is no decrypt function (I had wrongly thought that the ECB cipher was symmetrical meaning that the crypt function could be used for both encryption and decryption). So it is back to wrestling nrf_crypto Slight frown

Related
Terms of service