SE050E aead encryption maximum length

キャンセル
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 

SE050E aead encryption maximum length

645件の閲覧回数
Zarein94
Contributor II

Hi,

We have developed a crypto service using the secure element S050E. We use aead encryption (AES_GCM) algorithm. I already asked in Re: SE050E aead encryption  about the low speed of this process. Right now we are also experiencing a maximum block size for the input data we can have encrypted/decrypted. It is around around 400 bytes. In the table below I see that this maximum is around 256 bytes. I have the following questions:

1. What is the exact maximum input data length? 

2. Is there any work around? 

3. Is there an algorithm as secure as this, so we the amount of data can be encrypted is larger and also much faster than aead (like in order of ms). 

Zarein94_0-1696420587026.png

 

ラベル(1)
0 件の賞賛
返信
3 返答(返信)

589件の閲覧回数
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @Zarein94 ,

 

Maybe you are looking at the method of AeadOneShot, which has length limitation due to the APDU command spec, so for length larger than 256 bytes input , you may use the method of AeadUpdate, and the data input may be divided into multiple AeadUpdate commands.

 

Hope that makes sense,

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 件の賞賛
返信

570件の閲覧回数
Zarein94
Contributor II

@Kan_Li  As the AEAD encryption is quite slow in the secure element. Could you point me to some faster algorithm using secure element and It is as reliable and secure as AES_GCM for wifi cryptography. 

430件の閲覧回数
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @Zarein94 ,

 

I expect AES GCM is in this case not needed directly for WiFi authentication but instead for some proprietary protocol transmitted over WiFi?

AEAD is just a mechanism to have data both encrypted and MACed. What are the alternatives depends on the goal to be reached. Just for encryption either AES-CBC or AES-CTR is as good as AES-GCM but much faster on the secure element. For MACing a CMAC/HMAC or a asymmetric signature could be used.

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 件の賞賛
返信