Infineon / optiga-trust-x

OPTIGA™ Trust X Software Framework
MIT License

AES using optiga and NRF52840 #28

Closed YUSMLE closed 5 years ago

YUSMLE commented 5 years ago

I am using optiga-trust-x with Nordic's NRF52840 microcontroller and want to use optiga to perform AES encryption. I searched your API but didn't find any straightforward way to perform AES. Does your API really support AES? If so, can you explain how to use it?

ayushev commented 5 years ago

Hi @YUSMLE

thanks for trying out the Trust X. The AES on-chip is possible only if the on-chip DTLS feature is used (DTLS channel is established between the Trust X DTLS Client and a remote DTLS Server).

hosseinmsvz commented 5 years ago

Hi @ayushev, I was wondering how we can use Trust X to encrypt/decrypt data on the Trust X chip. I am using NRF52840 and wanted to encrypt my data before storing it, but I can't find any function in the API to simply encrypt/decrypt data with Trust X.

YUSMLE commented 5 years ago

Hi @ayushev. We are wondering too how we can use Trust X to encrypt/decrypt data. We're using NRF52840 and wanted to encrypt our data before storing it, but can't find any function in the API to simply encrypt/decrypt data with Trust X.

ayushev commented 5 years ago

> Hi @ayushev, I was wondering how we can use Trust X to encrypt/decrypt data on the Trust X chip. I am using NRF52840 and wanted to encrypt my data before storing it, but I can't find any function in the API to simply encrypt/decrypt data with Trust X.
>
> Hi @ayushev. We were wondering too how we can use Trust X to encrypt/decrypt data. We're using NRF52840 and wanted to encrypt our data before storing it, but can't find any function in the API to simply encrypt/decrypt data with Trust X.

this issue can help you to find a suggestion (just an idea to try out)

hosseinmsvz commented 5 years ago

> > Hi @ayushev, I was wondering how we can use Trust X to encrypt/decrypt data on the Trust X chip. I am using NRF52840 and wanted to encrypt my data before storing it, but I can't find any function in the API to simply encrypt/decrypt data with Trust X.
> >
> > Hi @ayushev. We were wondering too how we can use Trust X to encrypt/decrypt data. We're using NRF52840 and wanted to encrypt our data before storing it, but can't find any function in the API to simply encrypt/decrypt data with Trust X.
>
> this issue can help you to find a suggestion (just an idea to try out)

Hi again, What issue? Do you have a link? Thanks

ayushev commented 5 years ago

Sorry, forgot to paste https://github.com/Infineon/optiga-trust-x/issues/13

hosseinmsvz commented 5 years ago

Thank you I read the issue and I have 2 questions.

ayushev commented 5 years ago

> I may not be getting your solution, but can't someone find the symmetric key by sniffing the I2C communication?

Please understand that working with AES is possible only using the DTLS connection as a context; all other solutions have some limitations which you have to evaluate carefully and take at your own risk. Basically, the AES key is a random number: you can generate a random number, export it to the host, and take it as your AES key. If you want to do this confidentially (exporting data on to the host), you can consider using the OPTIGA(TM) Trust M; the Shield 2Go will become available soon. In the same way, you can take the random number from the Trust X as a seed for the PRNG and generate an AES key on your host system. Then use this key in combination with a user-provided PIN as a symmetric key to store data on Trust X.

> Is this true for other protocols too? (Can't other protocols like RSA or ECC or ... perform encrypt/decrypt commands either?)

RSA encryption/decryption in the form provided from the secure element (RSAES PKCS#1 v1.5) is available from the aforementioned [OPTIGA(TM) Trust M](https://github.com/Infineon/optiga-trust