nRF5 SDK v17.1.0
mbed TLS backend

The mbed TLS backend provides functionality to use the selected cryptographic algorithms from mbed TLS in nrf_crypto.

Note
All APIs in this backend are intended to be internal to nrf_crypto.

Configuration

See Configuring nrf_crypto frontend and backends for details on enabling this backend.

Available frontend API

See Cryptography library - nrf_crypto for information about which nrf_crypto APIs can use this backend.

Memory management in mbed TLS

The mbed TLS library assumes that memory is allocated on the heap or a structure that behaves similarly. Allocation on the stack is not possible if this backend is enabled. Therefore, NRF_CRYPTO_ALLOCATOR must be configured accordingly.

The mbed TLS library only allocates memory for AEAD and ECC:

The following tables show estimates of the minimal memory configuration, assuming that the nRF5 SDK Memory Manager is used.

Note
The values in the tables are minimal. The application sets higher values to make space for additional allocations.

Curves standardized by NIST:

  NIST and Koblitz curves up to ...
192 bits 224 bits 256 bits 384 bits 521 bits
Block size Required number of blocks Block size Required number of blocks Block size Required number of blocks Block size Required number of blocks Block size Required number of blocks
Key pair generation and public key computation 4 7 4 7 4 7 4 6 4 7
24 58 28 50 32 58 48 105 68 106
48 19 32 30 64 19 96 35 136 35
180 1 56 19 180 1 372 1 372 1
576 1 180 1 576 1 1152 1 1152 1
576 1
ECDH 4 6 4 7 4 7 4 7 4 7
24 33 28 27 32 33 48 57 68 57
48 11 32 15 64 11 96 19 136 19
84 1 56 11 84 1 180 1 180 1
288 1 84 1 288 1 576 1 576 1
288 1
ECDSA 4 7 4 7 4 8 4 8 4 8
24 65 28 53 32 65 48 113 68 113
48 11 32 40 64 11 96 27 136 31
52 3 56 11 68 3 100 3 144 1
56 1 60 3 72 1 104 1 200 1
72 1 64 1 96 1 144 1 264 4
96 2 84 1 128 2 192 2 576 1
100 3 112 2 132 3 196 3 1152 1
288 1 116 3 288 1 576 1
576 1 288 1 576 1 1152 1
576 1
Private key 24 1 28 1 32 1 48 1 68 1
Public key 48 3 56 3 64 3 96 3 72 1
136 1



Other curves:

  Curve25519 Brainpool curves up to ...
256 bits 384 bits 512 bits
Block size Required number of blocks Block size Required number of blocks Block size Required number of blocks Block size Required number of blocks
Key pair generation and public key computation 4 9 4 6 4 7 4 7
32 7 32 58 48 106 64 105
36 4 64 20 96 36 128 36
64 8 68 3 100 3 132 3
72 1 104 1 136 1
180 1 372 1 372 1
576 1 1152 1 1152 1
ECDH 4 9 4 7 4 7 4 7
32 7 32 31 48 57 64 56
36 2 64 12 96 20 128 20
64 8 68 3 100 3 132 3
72 1 104 1 136 1
84 1 180 1 180 1
288 1 576 1 576 1
ECDSA N/A N/A 4 8 4 8 4 8
32 63 48 113 64 112
64 16 96 32 128 32
68 3 100 3 132 3
72 1 104 1 136 1
96 1 144 1 192 1
128 2 192 2 256 2
132 3 196 3 260 3
288 1 576 1 576 1
576 1 1152 1 1152 1
Private key 32 1 32 1 48 1 64 1
Public key 64 2 64 3 96 3 68 1
128 2

Documentation feedback | Developer Zone | Subscribe | Updated