Hardware Encryption


Security is the most important requirement for modern embedded products. It can be implemented in the firmware or built into the hardware. While security in firmware is well understood, security built into hardware uses either the existing processor or an additional co-processor. The advantage of using a co-processor is that it places less of an execution burden on the main processor. There is always a trade-off between cost, complexity and data recovery, and the choice between Hardware Encryption and Software Encryption is made on that basis.

  • Hardware Encryption is costly but extremely secure. 
  • Hardware Encryption is faster. Encryption is the method used to secure the application, whether in hardware or firmware.
  • Hardware Encryption is less prone to contamination than Software Encryption.

Put simply, encryption converts the data or code we have into a form called "Cipher Text". To extract the actual data from it, we need keys, which are part of the encryption algorithm. Some of the encryption methods are:

  • Rivest–Shamir–Adleman standard (RSA)
  • Data Encryption Standard (DES)
  • Elliptic-curve cryptography (ECC), ECDH (Elliptic Curve Diffie–Hellman)
  • Advanced Encryption Standard (AES)

In the end, all the encryption methods we talk about here are algorithms. Take the STM32WB35 microcontroller as an example: it has hardware encryption for the application code and the radio stacks, and it uses Advanced Encryption Standard (AES) hardware accelerators. AES-256 encryption is used in the STM32WB35, which means it has 256 bits of security. AES-128, which uses 128 bits, is also used.

There are several encryption standards, and which one to prefer depends on the level of security required. For most embedded products, AES is used for encryption. Chips have hardware Random Number Generators (RNG), which help to generate keys. The keys can be private as well as public. A public key is open and can be used by anyone to decrypt the message.
