Is it possible to perform password authentication on STSAFE-A before any operations are executed?

Forum|Forum|1 month ago
May 9, 2026
1 reply
159 views

Greetings,

I am working on a Hardware-based password manager. When the device is first setup, A 512-Bit key is created which is used to encrypt & decrypt the passwords. This key will be stored on STSAFE-A's Symmetric Key Table and the password can be encrypted/decrypted using this key on the STSAFE-A.

Now, I want to be able to set a user specified password on the STSAFE-A and then this password will be used by STSAFE-A to authenticate before performing any encryption/decryption/etc operations. After a set amount of wrong attempts, STSAFE-A should erase the key.

Is this achievable?

Regards,
Aditya M.

Best answer by Benjamin BARATTE

Hi @pegvin ,

With STSAFE-A120, you can store AES 256 bits key and you can secure the usage of the encrypt/decrypt function with the local secure channel. Nevertheless, you don’t have policy to ask password or user authentication before doing an operation.

For such use case, you need to use the MCU to manage the password verification and deletion of key material after a several wrong attempts.

Best Regards,

Benjamin

B

Benjamin BARATTEBest answer

ST Employee

Hi @pegvin ,

With STSAFE-A120, you can store AES 256 bits key and you can secure the usage of the encrypt/decrypt function with the local secure channel. Nevertheless, you don’t have policy to ask password or user authentication before doing an operation.

For such use case, you need to use the MCU to manage the password verification and deletion of key material after a several wrong attempts.

Best Regards,

Benjamin

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded