So that works for messages going from the MCU to the host. The firmware can use the hosts public key to encrypt and only the host can decrypt it. But what about going the other way. Doesn’t the host have to encrypt messages sent to the MCU using the MCU’s public key, necessitating the FW having the MCU’s private key hardcoded in order to decrypt it?
The problem with using public key encryption for all messages is that it is too slow. My MCU has an AES encryption engine, which we should use for performance reasons.