Encrypting OTA software updates files for embedded devices
I need to encrypt and send update files of the order of 100K from a server, through a mobile app, to low power wireless embedded devices (32 bit). The file transfers will be infrequent. The mobile to device communications are slow (BLE) and can carry 16 bytes of data per message. The device has limited additional memory beyond the 100K so the decryption would need to be in place. Code space is also fairly limited on the device.
The server and the devices can have common secrets and the device can create a sequence of nonces that does not repeat after a power cycle. The files already include CRC32s for data integrity validation.
Is the following a valid approach?
Each device has its own key the server has a table of device keys The device sends its id and nonce to the server. The file is encrypted with authentication as a whole at the server. The encrypted file is sent to the mobile app, broken into 16 byte chunks, sent to the device. The device reassembles the encrypted file, decrypts and checks authenticity.
Would salsa20 + umac be a good choice for encryption/authentication?
