Hello we would like to upload to the cloud the nrfutil generated zip package, however we are worried about the application file security. As far as we know, nrfutils takes the unencrypted .hex file and generates signature in order to make a security check firmware side and guarantees authentication, integrity and non repudiation, but what about the application .bin file? Is it easy readable by unauthorized people? Does nrfutil provide the application data encryption during the conversion from .hex to .bin? If yes, what's the algorithm used? Is the data encrypted? Does it use the same Signer’s private key? We need to know that because we have the necessity to store the .zip packet on Cloud, thus the data should be encrypted.
In addition, we would like to know:
- Is microecc the most efficient tool available to make encryption of the application file (we are using nRF52832 chip)? We're afraid that the decryption process may be too slow for our needs.
- Since we have very few ram to receive the encrypted package, we are figuring out if splitting the firmware in chunks (size 1024 words) and encrypt the single chunk would be appropriate. In this way we were supposed to receive and decrypt a single chunk at a time. Once we have received every chunk, we are supposed to have the whole packet decrypted in order to calculate hash and make hash verification.
Thanks for your support
