Hi,
Is there a way to decrypt a 16 byte block using CC1200? I see the option to encrypt (CBC) but I don't see how to decrypt.
Thx
This thread has been locked.
If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.
Hi
The CC1200 does only have a CBC encryption module, it is not possible to do CBC decryption. The reason why the chip only has the CBC encryption module is because the intended AES mode to be used are Counter Mode (CTR), which only requires the CBC encryption module for both CTR encryption and decryption. See:
Thx for the answer.
I am not encryption expert and maybe this is not the forum for my question but I will try :-)
I need to encrypt small blocks of 8 bytes / 16 bytes (I don't want to encrypt / decrypt the whole message only part of it). Can I use the AES CTR mode to encrypt /decrypt only part of the message (e.g., the message length is 24 bytes and I want to encrypt / decrypt only bytes 8 to 15)? Do you have an example code for this case?
Thx
Hi
These small code snippets will uses the CBC encryption module of the CC1200 to encrypt and decrypt 16 byte blocks of data:
/****************************************************************************** * @fn runAesCtrBlockEncryption * * @brief performs AES CTR encryption on 128 bit block of data * * @param chiperData - pointer to array for encrypted data * nonce - pointer to 128 bit nonce or initialization vector * aesKey - pointer to 128 bit aes encryption key * plainData - pointer to array containing data to be encrypted * * @return none */ #define AES_BLOCK_SIZE 16 void runAesCtrBlockEncryption(uint8* chipherData,uint8* nonce, uint8* aesKey, uint8* plainData){ static uint8 chipherBlock[AES_BLOCK_SIZE] = {0}; // Write 128 bit nonce into plain data memory input cc120xSpiWriteReg(CC120X_AES_BUFFER, nonce, AES_BLOCK_SIZE); // Write 128 bit aes key into key memory input cc120xSpiWriteReg(CC120X_AES_KEY, aesKey, AES_BLOCK_SIZE); // Execute aes run writeByte = 0x01; cc120xSpiWriteReg(CC120X_AES, &writeByte, 1); // Wait for AES operation to finish while((writeByte & 0x01)== 0x01 ){ cc120xSpiReadReg(CC120X_AES, &writeByte, 1); } // Read chipher block cc120xSpiReadReg(CC120X_AES_BUFFER, chipherBlock, AES_BLOCK_SIZE); // XOR chipher block with plain data for (uint8 i = 0; i < AES_BLOCK_SIZE; i++) { chipherData[i] = (plainData[i] ^ chipherBlock[i]); } }
/****************************************************************************** * @fn runAesCtrBlockDecryption * * @brief performs AES CTR encryption on 128 bit block of data * * @param chiperData - pointer to array containing encrypted data * nonce - pointer to 128 bit nonce or initialization vector * aesKey - pointer to 128 bit aes encryption key * plainData - pointer to array for decrypted data * * @return none */ #define AES_BLOCK_SIZE 16 void runAesCtrBlockDecryption(uint8* chipherData,uint8* nonce, uint8* aesKey, uint8* plainData){ static uint8 chipherBlock[AES_BLOCK_SIZE] = {0}; // Write 128 bit nonce into plain data memory input cc120xSpiWriteReg(CC120X_AES_BUFFER, nonce, AES_BLOCK_SIZE); // Write 128 bit aes key into key memory input cc120xSpiWriteReg(CC120X_AES_KEY, aesKey, AES_BLOCK_SIZE); // Execute aes run writeByte = 0x01; cc120xSpiWriteReg(CC120X_AES, &writeByte, 1); // Wait for AES operation to finish while((writeByte & 0x01)== 0x01 ){ cc120xSpiReadReg(CC120X_AES, &writeByte, 1); } // Read chipher block cc120xSpiReadReg(CC120X_AES_BUFFER, chipherBlock, AES_BLOCK_SIZE); // XOR chipher block with chipher data for (uint8 i = 0; i < AES_BLOCK_SIZE; i++) { plainData[i]= (chipherData[i] ^ chipherBlock[i]); } }
The CC1200 usermanual doesn't mention anywhere about xor function about encryption. For CBC AES encryption it doesn't even mention anything about initializing vector. Also for CTR encryption the usermanual has more spesifications and actions required. So, can you explain a bit what are you doing in your code? My thought for CBC encryption when reading the usermanual was to write my content for encryption at AES_BUFFER and then when encryption is done (checking AES register just like you) to read the data that are overwriten at this buffer. I thought the encryption was performed by HW only, isn't that correct?
thanks for the reply and your time. So, if i m correct, if i want to perform cbc encryption i have to XOR plain data with the IV and then load the result to aes_buffer to make the encryption? After this, at the decryption part, i must use the same key to perform the procedure on receiver aes module? Then read data from aes_buffer and perform XOR with the same IV? Or should i perform XOR the incoming data with the IV and then run the aes procedure to have the correct data? Last thing, what about the IV in CBC? Do they have to change with every block encrypted? thaks a lot again.
Hi Chris
You are partly right. To encrypt in CBC mode you XOR the IV with the first plain data block before writing it to the aes_buffer, perform the encryption and then read out the ciphered block. The next data block needs to be XOR'ed with the cipher block from the first run and so on. See illustration below:
however, the CC1200 only has a encryption module so it will not be able to decrypt any CBC encrypted data.
For the CC1200 to be able to both encrypt and decrypt you need to use AES Counter (CTR) mode. This mode uses the encryption module both for encryption and decryption.
The code snippets posted in the earlier posts shows how CTR block operations are done with the CC1200.
Ok, so, since i go for CTR encryption to use CC1200, should i use those snippets? There are some instructions in datasheet for CTR encryption(commands, parameters etc) for both encryption on TXFIFO and decryption on RXFIFO. Are these snippets equivalent to that? I mean is it still CTR encryption if i use them and is it the exact same result as the one given by the procedure described in the datasheet? Thanks a lot again.