1. Manuals
  2. Brands
  3. ST Manuals
  4. Microcontrollers
  5. STM32C0 Series
  6. Application note

On-The-Fly Decryption Engine (Otfdec); Figure 14. Typical Otfdec Configuration - ST STM32C0 Series Application Note

Hide thumbs Also See for STM32C0 Series:
Table of Contents

Advertisement

The X-CUBE-CRYPTOLIB supports the following algorithms:
DES, 3DES with ECB and CBC
AES with ECB, CBC, OFB, CCM, GCM, CMAC, KEY wrap, XTS
Hash functions: MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
Other: ARC4, ChaCha20, Poly1305, Chacha20-Poly1305
RSA signature with PKCS#1v1.5
ECC with key generation, scalar multiplication (basis of ECDH) and ECDSA + ED25519 and Curve 25519
6.19

On-the-fly decryption engine (OTFDEC)

The external memory content (code and data) cannot be protected with traditional read/write protections. The way
to protect the content is to encrypt and decrypt it inside the device before using it.
One solution is to download the external memory content inside the SRAM, to decrypt it, to execute the code,
and/or to use data. There are two drawbacks with this method: it introduces a delay that may not be acceptable,
and it uses a large amount of SRAM, depending on the content.
The OTFDEC peripheral offers the possibility to decrypt the content directly with a low-latency penalty, and
without the need for SRAM allocation. The OTFDEC decrypts the on-the-fly bus traffic based on the read-request
address information. It is used with the Octo-SPI interface (see the figure below).
The OTFDEC uses the AES-128 CTR mode, with a 128-bit key to achieve a latency below 12 system bus
cycles. Up to four independent and nonoverlapping encrypted regions can be defined (4-Kbyte granularity),
each with its own key.
When to use the OTFDEC
The OTFDEC is used when an external memory is used by the system. For TrustZone® capable MCUs, the
decryption keys can only be made accessible through the secure mode. See the application note How to use
OTFDEC for encryption/decryption in trusted environment on STM32H73/H7B MCUs (AN5281) for more details.
Note:
The OTFDEC is available on STM32H5, STM35H7, STM32L5, and STM32U5 devices only.
AN5156 - Rev 8
Figure 14.
Typical OTFDEC configuration
Instruction
data/system
cache
cache
Device boundary
On-the-fly decryption engine (OTFDEC)
OCTOSPI
SPI NOR
flash memory
AN5156
page 41/56

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the STM32C0 Series and is the answer not in the manual?

Questions and answers

Related Manuals for ST STM32C0 Series

Related Products for ST STM32C0 Series

This manual is also suitable for:

Stm32f0 seriesStm32f1 seriesStm32f2 seriesStm32f3 seriesStm32f4 seriesStm32f7 series ... Show all

Table of Contents