0

Can someone give me an indication on the performance (time) of ECDH executed on the STM32F4 board. The STM32F4 has hardware acceleration for ECC (http://www.st.com/st-web-ui/static/active/cn/resource/technical/document/user_manual/CD00208802.pdf) but I can't find any benchmarks.

[background] I want to setup a secure channel between a smartphone and an embedded device. The embedded device will use the STM32F4 MCU. The communication link will be established over NFC. NFC has an inherent protection against man-in-the-middle attacks so we can use a standard ECDH to establish a symmetric key and encrypt further data exchange. To make sure that ECDH is feasible on the STM32F4 I am searching for some benchmarks.

Timothy
  • 3
  • 2

1 Answers1

0

NFC has an inherent protection against man-in-the-middle attacks

This is not true. There is absolutely nothing in NFC that would protect you from man in the middle attacks in any way.

Regarding your main question: doing ECDH on any modern microcontroller is much faster than your NFC link can transfer the data, so don't worry about performance here.

Nils Pipenbrinck
  • 5,087
  • 1
  • 19
  • 28
  • Thanks for your answer. Regarding the mitm attack: this paper http://ece.wpi.edu/~dchasaki/papers/Security%20in%20NFC.pdf) clearly states and explains why a mitm attack is infeasible when using NFC (see section 3.5). – Timothy Nov 26 '15 at 15:05
  • @Timothy Oh, be aware that the paper was written by two phillips (now NXP) employees. NXP is the main driver behind NFC, so it's heavily biased. MITM attacks against DH are a real thing these days. RF can be shielded easily with a ferrite plate. – Nils Pipenbrinck Nov 26 '15 at 18:52
  • The article might be biased but I still think that pulling off a successful MITM attack versus NFC is quite hard. Considering that two communicating devices/users will always be in a short range of each other, I don't think an attacker can shield the RF field unnoticed. – Timothy Nov 27 '15 at 14:31