Secure AuthenticationのトピックRe: SE050E aead encryption maximum length

SE050E aead encryption maximum length

Zarein94 — Wed, 04 Oct 2023 11:59:41 GMT

Hi,

We have developed a crypto service using the secure element S050E. We use aead encryption (AES_GCM) algorithm. I already asked in about the low speed of this process. Right now we are also experiencing a maximum block size for the input data we can have encrypted/decrypted. It is around around 400 bytes. In the table below I see that this maximum is around 256 bytes. I have the following questions:

1. What is the exact maximum input data length?

2. Is there any work around?

3. Is there an algorithm as secure as this, so we the amount of data can be encrypted is larger and also much faster than aead (like in order of ms).

Re: SE050E aead encryption maximum length

Kan_Li — Mon, 16 Oct 2023 02:52:59 GMT

Hi @Zarein94 ,

Maybe you are looking at the method of AeadOneShot, which has length limitation due to the APDU command spec, so for length larger than 256 bytes input , you may use the method of AeadUpdate, and the data input may be divided into multiple AeadUpdate commands.

Hope that makes sense,

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

Re: SE050E aead encryption maximum length

Zarein94 — Wed, 25 Oct 2023 11:54:14 GMT

@Kan_Li As the AEAD encryption is quite slow in the secure element. Could you point me to some faster algorithm using secure element and It is as reliable and secure as AES_GCM for wifi cryptography.

Re: SE050E aead encryption maximum length

Kan_Li — Tue, 14 Nov 2023 02:42:00 GMT

Hi @Zarein94 ,

I expect AES GCM is in this case not needed directly for WiFi authentication but instead for some proprietary protocol transmitted over WiFi?

AEAD is just a mechanism to have data both encrypted and MACed. What are the alternatives depends on the goal to be reached. Just for encryption either AES-CBC or AES-CTR is as good as AES-GCM but much faster on the secure element. For MACing a CMAC/HMAC or a asymmetric signature could be used.

Have a great day,
Kan