2392867_en-US

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

2392867_en-US

2392867_en-US

ELEMU vs. LTC on KW47: Are There Any Advantages of LTC Beyond Performance?

Hi.

I would like to ask about the differences in usage between ELEMU (EdgeLock Messaging Unit Driver) and LTC (LP Trusted Cryptography) on the KW47 platform.
My current understanding is as follows:

ELEMU
・Cryptographic operations are performed by requesting the dedicated Security Core, providing strong tamper resistance because keys can be stored in an isolated secure environment.
・Since communication with the Security Core is required, it may not be suitable for applications with very strict latency requirements.
・It supports all cryptographic algorithms available through LTC, and additionally supports algorithms that LTC cannot handle, such as ECDH.
・Security-related services such as secure boot integration can also be utilized.

Therefore, my understanding is that ELEMU is better suited for cryptographic operations that require a high level of security.


LTC
・Cryptographic operations are executed by directly controlling the LTC hardware accelerator registers, resulting in very low overhead and high performance.
・Supported algorithms are limited to hardware-accelerated functions such as AES, DES, HASH, etc.
・Keys cannot be stored in a secure isolated environment, so the level of tamper resistance is lower than that provided by the Security Core.

Therefore, my understanding is that LTC is better suited for latency-sensitive processing or use cases involving temporary keys such as session keys.

If the above understanding is correct, is it fair to say that the primary advantage of LTC over ELEMU is performance/latency, and that if timing requirements can be met, everything that can be accomplished with LTC can also be accomplished through ELEMU?
Or are there any functional limitations, supported algorithms, hardware access restrictions, or other considerations that would make LTC the preferred or required choice in certain scenarios?
Thank you in advance for your guidance.

Re: ELEMU vs. LTC on KW47: Are There Any Advantages of LTC Beyond Performance?

Hello,
Hope you are doing well.

 

The ELE Messaging Unit (ELE_MU) is a communication mechanism between the application core and the EdgeLock Enclave (ELE) security core. Through this interface, the host processor can request cryptographic and security-related services from ELE. In addition to cryptographic operations, ELE provides secure key management capabilities, including key generation, import/export, secure key storage, and encrypted key blob generation for non-volatile storage.

More detailed information can be found in KW47 Security Reference Manual Chapter 9.


The LTC (LP Trusted Cryptography) driver provides direct access to the KW47 hardware cryptographic accelerator. This path offers lower software overhead because the application interacts directly with the hardware accelerator APIs rather than communicating through the security core like ELE_MU. The LTC hardware supports acceleration for algorithms such as AES, DES, HASH, and PKHA. (See KW47 API Reference Manual)


So your understanding is generally correct, it will ultimately depend on your implementation requirements. If low latency and minimal software overhead are your primary goals, LTC would be the preferred option. But if security boundaries and key lifecycle management are important considerations, ELE_MU is generally the better choice.


Best regards,
Sofia.

Re: ELEMU vs. LTC on KW47: Are There Any Advantages of LTC Beyond Performance?

Hi Sofia,


Thank you for your reply.
I am glad to know that my understanding is generally correct.


I have one additional question regarding the latency difference between LTC and ELE_MU.


I understand that the actual performance difference depends on factors such as the cryptographic algorithm being used, the number of interactions with the Security Core, and the size of the data being processed. Since I am not able to provide detailed conditions for a specific use case, I would appreciate even a rough guideline or general characterization of the expected latency difference.


For example, is the overhead of communicating with the Security Core typically much larger than the actual cryptographic processing time, resulting in latency that is several times or even tens of times higher than LTC?
Or, in most practical use cases, does the cryptographic processing time itself dominate the overall execution time, making the additional overhead introduced by ELE_MU relatively small when viewed as a percentage of the total processing time?


Even a high-level guideline or qualitative comparison would be very helpful for understanding when the performance impact of ELE_MU becomes significant.
Thank you in advance for your guidance.

Re: ELEMU vs. LTC on KW47: Are There Any Advantages of LTC Beyond Performance?

Hello,

I apologize for the inconveniences, currently there is no available documentation that provides a comparison or qualitative guideline characterizing the latency difference between ELE_MU and LTC.

While the ELE cryptographic engines are optimized for secure execution rather than speed, for specific performance metrics, direct measurement on KW47 hardware under the specific target conditions would be recommended.

Regarding ELE functionality or cryptographic operations on KW47, the most relevant guidance is provided in the KW47 Security Reference Manual.


Best regards,
Ana Sofia.

Re: ELEMU vs. LTC on KW47: Are There Any Advantages of LTC Beyond Performance?

Hi Sofia,


Thank you for your response.

I understand that there is no available documentation that compares the latency of ELE_MU and LTC or describes their latency characteristics qualitatively.

In that case, I will evaluate the performance on actual KW47 hardware and measure the latency directly to gain a better understanding of the differences between the two implementations.


Thank you again for your help.
Best regards,

Tags (1)
No ratings
Version history
Last update:
2 hours ago
Updated by: