FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Is it possible to perform password authentication on STSAFE-A before any operations are executed?

pegvin
Associate

‎2026-05-09 12:45 AM - edited ‎2026-05-09 3:52 AM

Greetings,

I am working on a Hardware-based password manager. When the device is first setup, A 512-Bit key is created which is used to encrypt & decrypt the passwords. This key will be stored on STSAFE-A's Symmetric Key Table and the password can be encrypted/decrypted using this key on the STSAFE-A.

Now, I want to be able to set a user specified password on the STSAFE-A and then this password will be used by STSAFE-A to authenticate before performing any encryption/decryption/etc operations. After a set amount of wrong attempts, STSAFE-A should erase the key.

Is this achievable?

Regards,
Aditya M.

Labels:
0 Kudos
1 REPLY 1
Benjamin BARATTE
ST Employee

‎2026-06-08 8:57 AM

Hi @pegvin ,

Thanks for your interest to STSAFE-A solution.

With STSAFE-A120, you don't have a password on which you can apply a policy to delete key material.

You need to have a mixed between the MCU logic and the STSAFE-A usage.

That means the MCU logic shall be able to use the user password as a challenge for user authentication and then allow the decryption of wanted password stored in the device.

 

For instance you can use the Key store in the key table to encrypt the user password hash to generate a key to decrypt the wanted password.

Nevertheless, the limitation of 10 trials, shall be manage on MCU side.

 

Also, you mention the creation of 512 bits key, the STSAFE-A120 support AES 256 maximum.

 

Best Regards,

Benjamin

0 Kudos
Announcement

We’re moving the ST Community to a new platform to give you a better and more reliable community experience.

Top