
Secure Boot 2

Posted: Sat Jun 19, 2021 6:08 am
by Alberk
Hi,

May I know why RSA3072 is used instead of ECC, considering the size of the keys for RSA is much larger?

Re: Secure Boot 2

Posted: Mon Jun 21, 2021 2:20 am
by ESP_Angus
Hi AlberK,

Verifying RSA saves significant time during the boot process, especially because of the RSA accelerator hardware. Secure Boot V1 ECDSA signature verification adds a noticeable pause to the boot time (order of hundreds of milliseconds). RSA signature verification during boot is over ten times faster.

The key size is larger but as the key data is stored in flash (and we use the SHA of the key data stored in efuse to verify it), this doesn't cause a significant increase of resource use.

Angus
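
The key-in-flash, digest-in-efuse arrangement described in the reply above, sketched as an added example (not Espressif's code and not part of the original post). Assumptions: the flash key layout, the function names, and the toy key built from two Mersenne primes are all constructed for illustration, and signature padding is omitted, so this shows the trust chain only, not the real signature format.

```python
import hashlib
import hmac

# Constructed toy key: product of two Mersenne primes (1128-bit modulus).
# It stands in for the RSA-3072 key; never use such a key for real signing.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, stays with the signer

def key_block(n, e):
    """Serialize a public key as it might sit in flash (assumed layout)."""
    return n.to_bytes(384, "little") + e.to_bytes(4, "little")

def sign(image, n, d):
    """Signer side: SHA-256 then raw modexp (padding omitted, illustration only)."""
    return pow(int.from_bytes(hashlib.sha256(image).digest(), "big"), d, n)

def verify_boot(image, flash_key, signature, efuse_digest):
    # Step 1: the key read from flash is untrusted until its SHA-256
    # matches the 32-byte digest stored in efuse.
    actual = hashlib.sha256(flash_key).digest()
    if not hmac.compare_digest(actual, efuse_digest):
        return "key rejected"
    # Step 2: only now parse the key and check the image signature.
    n = int.from_bytes(flash_key[:384], "little")
    e = int.from_bytes(flash_key[384:388], "little")
    expected = int.from_bytes(hashlib.sha256(image).digest(), "big")
    return "boot" if pow(signature, e, n) == expected else "signature rejected"

# Constructed sample data
IMAGE = b"constructed application image"
FLASH_KEY = key_block(N, E)
EFUSE_DIGEST = hashlib.sha256(FLASH_KEY).digest()  # the only part held in efuse
SIGNATURE = sign(IMAGE, N, D)

if __name__ == "__main__":
    print(len(FLASH_KEY), "bytes of key in flash,",
          len(EFUSE_DIGEST), "bytes of digest in efuse")
    print(verify_boot(IMAGE, FLASH_KEY, SIGNATURE, EFUSE_DIGEST))
```

The efuse cost stays at 32 bytes whatever the key size, and a key block swapped in flash fails step 1 before its signature is ever evaluated.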

Re: Secure Boot 2

Posted: Mon Jun 21, 2021 3:56 am
by Alberk
Thank you for the explanation.