Profile

|

bluetoothsteve

Profile Data

Screen Name: bluetoothsteve

Screen Name*

Title

First Name

Address:

Last Name

URL (i.e. Company, Github, LinkedIn)

Email

LinkedIn account

Company

Phone number

Country

Bio

Indicates required field*

My Activities
Following

Member	Action	Date
bluetoothsteve	Replied to BLE121LR FIPS compliant Hi Vala, Yes, this module is qualified for Bluetooth 4.0 so it complies with all the FIPS standards required by the specification which includes FIPS 140-2 for random number generation. Steve Show more	19 days ago
bluetoothsteve	Replied to Using RSA with psa-crypto on Thunderboard EFR32GB22 Hi Daniel, I'm afraid not. Bluetooth uses CCM, so that would be my recommendation. You can perform a key exchange, at the application layer if you don't want to use the built-in Bluetooth encryption, perform some sort of key derivation (like SHA-256) and encrypt the data the resulting key. This is a fairly common practice. Steve Show more	44 days ago
bluetoothsteve	Replied to Using RSA with psa-crypto on Thunderboard EFR32GB22 Hi Daniel, Sure. You can use CCM (or GCM for that matter). These ciphers support authentication of data as well as encryption which allows you to detect tampering as well as protect the confidentiality of the data. We have an example in our latest SDK "platform PSA Crypto AEAD" to help you get started. EFR32BG22 provides hardware acceleration for both of these ciphers. Steve Show more	46 days ago
bluetoothsteve	Replied to Using RSA with psa-crypto on Thunderboard EFR32GB22 Hi, This error means PSA_ERROR_NOT_SUPPORTED. You can find the error codes in crypto_values.h. Our EFR32 parts do not provide hardware acceleration for RSA so we don't have a convenient way to enable RSA. You can still enable RSA by adding the following definition to config\mbedtls_config.h in your project MBEDTLS_RSA_C The next challenge you come to is the following definition #define MBEDTLS_MPI_MAX_SIZE 32 you can change this to make it large enough to hold your RSA key, 256 in your case. Once you make those changes you should have a running example. A couple of points to notice though are 1. No hardware acceleration means that this operation is going to be slow 2. A 2048 bit RSA is not particularly strong as this only gives you 112 bits of security. Steve Show more	47 days ago
bluetoothsteve	Replied to How to use mbedTLS encrypt an arrary? To use AES-CCM, you should do the following 1. #include "ccm.h" (from the mbedtls folder) 2. call mbedtls_ccm_init(), this requires a pointer to mbedtls_ccm_context. 3. call mbedtls_ccm_setkey() . In addition to the pointer to mbedtls_ccm_context from the previous step, you also need to pass parameters for the cipher to use, a pointer to the key and the length of the key in bits. I recommend making the key a random value. However, you need some secure way to get the key to the remote party. See our "platform mbedTLS ECDH" for details on key exchange. 4. to encrypt and tag some data call mbedtls_ccm_encrypt_and_tag(). The description of the function in ccm.h details all of the parameters and their uses. It is important to use the same combination of IV and key only once. 5. to decrypt and authenticate some data that was encrypted and tagged as in #4, call mbedtls_ccm_auth_decrypt(). Similarly, the header file has descriptions of all the parameters. The key and IV must be the same as those used to encrypt and tag. I suggest checking the return values of all the mbedtls APIs, at least during the initial development of your application. Steve Show more	Feb 19 2021, 1:47 PM
bluetoothsteve	Replied to How to use mbedTLS encrypt an arrary? Hi, We have a sample app in our SDK, ""Platform mbedTLS AES" that demonstrates how to encrypt a block of data using electronic code book (ECB) mode, this is is the simplest encryption mode available in mbedTLS. Steve Show more	Jan 29 2021, 1:35 PM
bluetoothsteve	Replied to Setup Mbedtls for EFR32BG22 Serge, We don't recommend accessing the CRYTPOACC peripherals directly, it's better to use mbed TLS. mbedtls_ctr_drbg_random() is a good way to get random data and it uses the TRNG. Steve Show more	Jan 12 2021, 9:44 PM
bluetoothsteve	Replied to Setup Mbedtls for EFR32BG22 Hi Tomas, If you're just getting started on your project, it would be much easier to work SimlicityStudio version 5. That version of our IDE provides a graphical configuration tool for mbed TLS where you can simply enable the parts of the library that you need. If you do need to work with the older SDK(s), then you can just add the files from SimplicityStudio\v4\developer\sdks\gecko_sdk_suite\v2.7\util\third_party\mbedtls\sl_crypto\src\cryptoacc I didn't make a working example for the BG22 in that article because the configuration tool was almost ready at the time. Steve Show more	Jan 11 2021, 6:20 PM
bluetoothsteve	Replied to AMNESIA:33 Hi, This module runs ZentriOS which does not include any of the TCP/IP stacks mentioned in AMNESIA:33. An official security advisory will be published shortly. We suggest that everyone subscribes to security advisories to be sure to get all the latest information. We have a video here, https://www.silabs.com/security, which shows you how to do that. Steve Show more	Dec 15 2020, 5:54 PM
bluetoothsteve	Replied to Identifying cause for SE System Reset (using TRNG) Hi Jeff, I was able to reproduce this behaviour as you describe. Please try updating the SE firmware to v1.2.6. That's what fixed the issue for me. Steve Show more	Nov 20 2020, 1:34 AM

Level 6

Level 5

Following 0

Followers 0