帮助
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

AES-GCM performance on SE05x

取消
开启建议
自动建议可通过在您键入时建议可能的匹配,而快速缩小您的搜索结果范围。
显示结果 
显示  仅  | 搜索替代 
您的意思是: 

AES-GCM performance on SE05x

2 周之前
341 次查看
Viktro0929
Contributor II

I am testing the capabilities of the SE050 on an OM-SE050X development board, and I have a question about the speed of the AES-GCM operation. It seems that when running a one-shot AES-GCM encryption with AAD, followed by decryption, the process takes around 8 to 9 seconds, even with small inputs in one-shot mode

I found a similar thread here discussing the same issue:

https://community.nxp.com/t5/Secure-Authentication/Re-SE050E-aead-encryption/m-p/1694085#M1317

The response there indicated that this is indeed expected, since the GCM part is not hardware-accelerated.

 

My questions are:

  • Can you please confirm whether this speed is normal, and whether there is any way to improve performance, or if software-based GCM will remain at this speed regardless?
  • Regarding the SE051 (or SE052), do these chips provide hardware acceleration for GCM, or any improvements in the speed of this operation?

 

Thank you in advance!

SE050
SE050
Authentication
到店浏览
OM-SE050X
OM-SE050X
Authentication
到店浏览
SE051
SE051
Authentication
到店浏览
标签 (1)
0 项奖励
回复
6 回复数

2 周之前
322 次查看
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @Viktro0929 ,

 

Was it AES GCM 128 or 256? What about the data/AAD/IV length? From the test cases we have run, 8 to 9 seconds is little longer, what is the host controller you are using? Please kindly clarify.

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 项奖励
回复

2 周之前
292 次查看
Viktro0929
Contributor II

I am using test vectors from Test Case 3 of the following document:
https://csrc.nist.rip/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf 

 

Configuration details:

  • AES-GCM 128-bit (16-byte key length)

  • Data length: 60 bytes

  • AAD length: 20 bytes

  • IV length: 12 bytes

 

My OM-SE050X is connected to an ATSAMV71Q21 via I²C running at 100 kHz.

I have attached a screenshot of a typical encryption. As shown, after the initial setup, the host sends the plaintext and AAD, and the SE subsequently requests 5 WTXs. The WTX time was calculated based on the ATR response and the WTX message itself (as described in UM11225.pdf).

In total, the encryption process (including setup) took just under 7 seconds, of which about 1 second was spent in setup.

se050-aesgcm-logicanalyzer.PNG

 

Thank you!

 

Best regards,

Viktor

OM-SE050X
OM-SE050X
Authentication
到店浏览
0 项奖励
回复

1 周之前
275 次查看
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @Viktro0929 ,

 

Actually our test case is a little bit different from yours, please kindly refer to the following for details.

  • AES-GCM 128-bit (16-byte key length)

  • Data length: 64 bytes

  • AAD length: 16 bytes

  • IV length: 16 bytes

Both encrypt and decrypt took around 5.4 second. You may try the same on your side .

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

 

0 项奖励
回复

1 周之前
270 次查看
Viktro0929
Contributor II

Thank you, I will try this out when I have some free time.

Beforehand, could you please clarify the second part of my original question? Specifically:

  • Regarding the SE051 (or SE052), do these chips provide hardware acceleration for GCM, or any improvements in the speed of this operation compared to the SE050?
  • If yes, how much faster is the performance compared to SE050 for similar message sizes, such as your test case?
0 项奖励
回复

星期一
125 次查看
Viktro0929
Contributor II

Hi @Kan_Li ,

Just following up on my earlier message about the SE051/SE052. Could you please clarify whether these devices have any hardware acceleration for GCM, or performance improvements over the SE050? If so, by how much?

Thank you!

0 项奖励
回复

6 小时之前
7 次查看
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @Viktro0929 ,

 

No, just as I mentioned before, for AES-GCM performance on SE05x, only the AES operation is HW-accelerated, the Galois-Counter is not accelerated. and the performance of AES GCM scales mainly with the size of data to be processed and not with the size of the key
(data to be encrypted and additional authentication data (AAD))

 

Hope that makes sense,

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 项奖励
回复