Connectivity AND security with limited RAM

I'm currently developping an application based on the Zephyr OS with its BLE protocol stack using the nRF52805 SoC.
Due to security specifications, some cryptographical features of the built-in mbedTLS library shall be used.
Since the nRF52805 does only have 24 kB of RAM, I'm currently not able to fit the build into the available memory, even after a lot of optimizations via prj.conf.
Is the nRF52805 as a promoted IoT Soc actually intended to be able to run Zephyr applications including mbedTLS or is it only useful for simple beaconing without any cryptographical support?

Top Replies

Manuel over 4 years ago in reply to Sigurd Hellesvik +1

Thank you very much, the manually added entry in CMakeLists.txt did the trick! Now it's working with the following added terms: prj.conf CONFIG_NRF_OBERON=y CMakeLists.txt zephyr_link_libraries(nrfxlib_crypto…

Parents

0 Kenneth over 4 years ago

From my understanding the mbedtls is the largest crypto library, maybe you can look into using the oberon or tinycrypt instead?
https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/zephyr/guides/crypto/tinycrypt.html
https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrfxlib/crypto/doc/nrf_oberon.html
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Manuel over 4 years ago in reply to Kenneth

Thank you for your reply!

Yes it is indeed not very ressource friendly. One main reason to go with mbedTLS as a first try is that it's already integrated into Zephyr and thus easy to embed into the project. However, I think this does not match with our device choice.
Oberon has already been in scope but requires to make some compromises regarding our intended security concept and thus was not the first choice so far. I will check if this could actually be a viable alternative.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 Manuel over 4 years ago in reply to Kenneth

Thank you for your reply!

Yes it is indeed not very ressource friendly. One main reason to go with mbedTLS as a first try is that it's already integrated into Zephyr and thus easy to embed into the project. However, I think this does not match with our device choice.
Oberon has already been in scope but requires to make some compromises regarding our intended security concept and thus was not the first choice so far. I will check if this could actually be a viable alternative.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data