Mbed forum

How to perform mbedtls_rsa_public operation in block?


(mattia settin) #1

Dear all
My embedded device run mbedtls on a stm32F4 microcontroller (without a OS, only one process).
The device perform a signature verification of a 1024-bit rsa key (so signature is 128 byte length).
In order to perform this operation the device take more or less 30ms.
In case the of a 2048-bit rsa key (signature 256 byte length), the devise takes more or less 100ms, that is to much for my application.
Even if the signautre in completly available, it is possible perform the rsa operation split in more time ?
Dose mbedtls allow this feature ?
e.g. the computation of message digiest allow perform the operation in block (sha256_update).
Thank you
best regards

(Ron Eldor) #2

Dear @mattiasettin
Thank you for your question.
Mbed TLS does not support such operation. We are working on a feature for ECC based operations, for splitting to several segments. ( restarable ECC ), however it is not merged yet.
When you mention that 100ms is too much for your application, am I right to assume you mean that the watchdog is triggered?

I suggest you look at this article so you could see tradeoffs between memory and performance.
Do you have MBEDTLS_HAVE_ASM defined in your configuration?
Mbed TLS Team member