CC1352R: Using AESGCM Driver in Chunks

Stuart Baker

Part Number: CC1352R

I have a customer that is trying to use AESGCM with TI Drivers to decrypt/authenticate a 300K firmware image residing in external FLASH. There is no possible way that the entire image can fit into on-chip RAM for a "one-step" operation.

Is there any way using the TI Driver to support breaking up the AESGCM operation into smaller chunks?

Thanks,

Stuart

over 4 years ago

0 Marie H over 4 years ago

TI__Guru* 83221 points

Hi Stuart,

I'm not sure. Let me check with the RnD team if they have any good ideas.

Cheers,

Marie

+1 Marie H over 4 years ago

TI__Guru* 83221 points

Hi Stuart,

Here is the feed-back:

Unfortunately, the accelerator in the CC1352R does not support segmented operations for AES GCM or AES CCM. This is why the CC13x2 drivers do not support that.

I see the following options:

They can break the image up into individually encrypted chunks. Each chunk will have its own MAC/TAG. They could save space on the nonce/IV by only storing a nonce/IV for the first chunk and then calculating a the nonce/IV for the next chunk by adding the chunk size in bytes to the current chunk’s nonce/IV.
Since CCM is a combination of CBC and CBC-MAC operations they could build their own segmented CCM encryption mode using our CBC and CMAC drivers. Note that the CMAC driver supports CBC-MAC. Also, both the CBC and CMAC drivers support segmented operations.. The RFC is here: https://datatracker.ietf.org/doc/html/rfc3610
1. Note: it is not as simple as running CBC and CBC-MAC over their data. There are encodings of the lengths and padding that must happen to the blocks input to the drivers. The RFC covers this.

Let me know if either is a viable option.

Cheers,

Marie H.

Bluetooth®︎

Bluetooth forum

CC1352R: Using AESGCM Driver in Chunks