Cryptographic scheme selection

Forum|Forum|7 years ago
February 20, 2019
1 reply
817 views

Could someone elaborate on the tradeoffs of cryptographic scheme selection, especially between Asymmetric with AES encryption and Symmetric (AES GCM) ?

While it is the default choice, it is not clear to me why SECBOOT_ECCDSA_WITH_AES128_CBC_SHA256 would be preferable over SECBOOT_AES128_GCM_AES128_GCM_AES128_GCM since according to Table 3 of UM2262 (getting started), storing a private AES key is required in both cases. What are the benefits of the default approach?

This topic has been closed for replies.

Jocelyn RICARD

ST Employee

Hello Jean-Hugues,

I'm sorry for this late answer.

The main advantage of asymmetric crypto is that device will embed only the public key to authenticate the firmware.

This means that even if a hacker is able to open the chip to see all data inside, he will not be able to generate a fake firmware because he needs the private key.

On the other hand, using a symetric key, a hacker would could retreive the key using differential power analysis for instance, would be able to create a fake firmware that would be authenticated by the secureboot.

The drawback of the asymetric key usage is the memory footprint used. So, if you have enough place, asymmetric scheme is the best.

The symmetric key is necessary for confidentiality of your data. It is used to encrypt the firmware.

I hope this answers your question

Best regards

Jocelyn

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded