FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Does X-CUBE-CRYPTOLIB support hardware acceleration?

FNin.1
Associate

‎2023-03-22 11:41 AM

Hi,

I've been exploring cryptography support on the STM32 uCs, especially on the L4 series. I'm able to run the X-CUBE-CRYPTOLIB code to perform AES-GCM, but it's very slow. It takes roughly 4ms to encrypt and tag 80 bytes, with a master clock of 8MHz.

From looking at the debugger, it seems like the AES hardware peripheral is not being used, so it makes sense it's performing so poorly. I couldn't find any define in the .h files to configure it to use hardware support and I'm seeing conflicting statements from differents pieces of documentation.

The Reference Manual for the L4 family states that "The AES peripheral provides hardware acceleration to AES cryptographic algorithms packaged in STM32 cryptographic library.".

This version of the library documentation (from 2015) states that: "For dedicated devices some algorithms are supported with hardware acceleration, to optimize the performance and the footprint usage"

However, the more recent version states that: "To benefit from STM32 cryptographic accelerators, refer to the STM32Cube MCU and MPU package hardware abstraction layer (HAL) functions and examples."

So it would seem like it was supported at some point, but then it was dropped and the reference manual failed to update that claim. However, it makes no sense to me. Why drop support for such a useful feature. I understand the HAL may be as good or even better, but having the same library with different backends is always easier to maintain across many products. Especially if you're already including the X-CUBE-CRYPTOLIB to have ECDH (which the HAL doesn't have).

Anyway, most of this is conjecture on my part, I may be entirely wrong. Does the  X-CUBE-CRYPTOLIB support hardware acceleration? Can it use the AES peripheral for AES-GCM?

Thank you!

Labels:
4 REPLIES 4
KDJEM.1
ST Employee

‎2023-04-12 05:44 AM

Hello @FNin.1​ and welcome to the Community 🙂 ;

For efficiently supporting, confidentiality, integrity, and authentication of data or code, most STM32 series include products with hardware cryptography peripherals. These peripherals allow cryptographic computations to be accelerated.

For devices with no such specific hardware acceleration, the STM32 cryptographic firmware library (CryptoLib) provides a software implementation of a large set of cryptographic algorithms.

Besides, the Hardware accelerators supports AES accelerator several modes of operation (such as ECB, CBC, CTR, or GCM)  and CryptoLib software library supports  AES with ECB, CBC, OFB, CCM, GCM, CMAC, KEY wrap, XTS.

For more explanation, I advise you to take a look at AN5156 "Introduction to STM32 microcontrollers security" and precisely 6.18 Cryptography Section.

When your question is answered, please close this topic by choosing Select as Best. This will help other users find that answer faster.

Kaouthar

To give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.

anotherandrew
Senior
In response to KDJEM.1

‎2023-08-09 05:44 PM

Your reply does not answer the questions posed.

Does X-CUBE-CRYPTOLIB utilize the hardware acceleration features of the respective STM32 processors? Where do we find documentation on this? AN5156 is just a general overview of what hardware acceleration features are supported, not whether they are used by X-CUBE-CRYPTOLIB.

0 Kudos
KDJEM.1
ST Employee

‎2023-09-05 12:28 AM

Hello @anotherandrew ,

I apologize for the ambiguity of my answer.
For clarification, the STM32 X-CUBE-CRYPTOLIB is a software library solution doesn't support hardware acceleration features.

Thank you for your contribution in the STCommunity 🙂.

Kaouthar

To give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.

0 Kudos
Bubbles
ST Employee

‎2023-09-07 06:48 AM

Basically best is to primarily try to use the HW solution where available and only supplement with CryptoLib when necessary. I understand it would be more convenient for the user to have the Crypto library hide the fact if HW of SW implementation is used and switch automatically depending on availability, but that abstraction is left for the user code to do.

To give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.

0 Kudos
Top