Asymmetric Cryptography in STM

Forum|Forum|1 year ago
December 19, 2024
1 reply
791 views

Hello,

I’m working on a project using the STM32WLxx MCU and need guidance on implementing asymmetric cryptography (encryption, decryption, and key management). The MCU supports AES for symmetric encryption, but I’m looking for a solution for asymmetric cryptography.

Additionally, how can I ensure the private key remains secure? If this is not feasible on the MCU, are there external crypto chips that support direct asymmetric encryption and key generation?

Thanks in advance for any advice!

Best regards,

Anubrata.

Cryptography

Tesla DeLorean

Guru

Some support PKA in hardware, otherwise you can do it in software. Check the libraries you want to use will fit in an MCU, or need an MPU for speed/size.

https://www.st.com/content/ccc/resource/training/technical/product_training/group1/b8/bc/a1/3e/75/66/46/00/STM32L5-Security-PublicKeyAccelerator_HW_Accelerator_PKA/files/STM32L5-Security-PublicKeyAccelerator_HW_Accelerator_PKA.pdf/_jcr_content/translations/en.STM32L5-Security-PublicKeyAccelerator_HW_Accelerator_PKA.pdf

ST has ST-SAFE parts

https://www.st.com/en/secure-mcus/stsafe-a110.html

ATMEL/MICROCHIP has ATECC parts

https://www.microchip.com/en-us/product/atecc608a

You can hide keys in those, and have them confirm/verify signing, do the signing

>>Additionally, how can I ensure the private key remains secure?

Don't have it on the device? For validating signing you typically don't need it.

Have it in a secure area that's not accessible unless runing signed code.

For some of the AES implementations the keying into the HW is write-only, although there's some quite efficient attacks against that.

Tips, Buy me a coffee, or three.. PayPal VenmoUp vote any posts that you find helpful, it shows what's working..

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded