关于STM32 的 RSA + AES加密算法

pengjun334

请问一下各位  用STM32做1024位的RSA算法  是否可实现  
是应用在网络通讯上面的    密钥交互部分是用RSA算法  获取密钥OK之后用 AES加密算法   对所有网络通讯数据进行加密解密操作  并带有MD5校验

麻烦帮忙分析一下  谢谢

pengjun334

AES算法已经移植进去了  可以使用  
为什么我RSA算法 一加进去  程序都跑不起来呢。。。

pengjun334

麻烦有了解的帮忙回答一下  谢谢了

pengjun334

有人在知道怎么弄吗  谢谢了

zdhnh

同样的，我用STM32做2048位的RSA进行签名时，程序就跑不到了，根据log，一直在循环里，出不来了。

shangdawei

shangdawei

https://realtimelogic.com/products/sharkssl/Cortex-M3/

shangdawei

http://www.maojet.com.tw/product ... 0-8a7d-00e0814d9d67

       
The RSA Software Library IP is a library of embedded software optimized for maximum throughput and minimum memory utilization. The RSA Software Library IP include high-end software counter-measures against side-channel attacks and fault-injection attacks.

The RSA Software Library IP can run in stand-alone mode and can also run in conjunction with INVIA's Modular Exponentiation IP that provides hardware acceleration of  cryptographic calculations. It is recommanded to use the Modular Exponentiation IP with processors that do not have a 32x32 multiplier.

The cryptographic functions performed by the RSA Software Library IP are RSA  ciphering, deciphering, signature verification and signature generation. The RSA Software Library benefits from the Chinese Remainder Theorem（CRT）for maximum efficiency. Note that the countermeasures against fault-injection are very efficient even when the CRT is used during calculation.

The RSA Software Library is performance-optimized for the SPARC V8 LEON2 MCU and  for the ARM CORTEX M3 MCU. It is delivered as a binary or in assembly source code. It is structured as independent API modules

Highlights
　‧　Available on ARM CORTEX M3 and SPARC LEON2
　‧　RSA 2048-bit  deciphering：193ms on ARM Cortex M3 at 100 MHz in stand-alone mode
　‧　Stack size：RSA 2048-bit requires only 1kB on ARM Cortex M3
　‧　Code size：8kB on ARM Cortex M3

Security
　‧　Designed to resist the most advanced techniques of side-channel analysis and fault-injection attacks
　‧　Processing atomicity, data whitening, randomization(*) against side-channel attacks
　‧　CRT recombination and verification against fault-injection attacks

Deliverables
　‧　Binaries or Assembly source code for RSA functions
　‧　Binaries or Assembly source code for low-level API leaf functions
　‧　C source code examples of use of the libraries

shangdawei

STM32 Cryptographic Library UM0586 User manual

FireHe

谢谢 shangdawei

这个资料很详细呀，RSA真的好占用资源，太复杂复杂了。

shangdawei

RSA Cryptography Standard

shangdawei

The first processor is available in a low cost ST development system, the STM32-PerformanceStick.
This provides a Cortex-M3 CPU running at 72 MHz with 128 KB of Flash and 20 KB SRAM [12].

The second test device was a Qualcomm 7200 running at 400MHz, under the Windows Mobile 6.0 operating system.

The last test device was a standard PC with a XEON CPU running at 3.2 GHz under Windows XP.
It is clear  that the only platform of interest in the automotive eld is the ARM Cortex, which is widely used for embedded applications.

The results on the other two processors, which are mainly used in hand-held and desktop devices (for the Qualcomm 7220 and the Xeon, respectively),
are provided just as a reference.

albert.hu

shangdawei 发表于 2016-9-3 23:42
STM32 Cryptographic Library UM0586 User manual

也收到ST加密lib的邮件，没仔细看，不知道是不是免费的

xivisi

RSA的运算量 本来就巨大， 还用m3…………

ywlzh

我就简单的说一个吧

你用RSA算法加密一下200个字节的数据试试  返回一个错误，所以我就没有用这个RSA了

shangdawei

STM32 cryptographic firmware library software expansion for STM32Cube (UM1924)

http://www.st.com/content/st_com ... cube-cryptolib.html

The STM32 cryptographic library package (X-CUBE-CRYPTOLIB) includes all the major security algorithms for encryption, hashing, message authentication, and digital signing, enabling developers to satisfy application requirements for any combination of data integrity, confidentiality, identification/authentication, and nonrepudiation.
The library includes firmware as well as hardware-acceleration functions for STM32 families. For more details refer to STM32 crypto library User manual (UM1924) at the www.st.com website.This firmware is classified ECCN 5D002.
Most of the well-used algorithms are certified according to the US Cryptographic Algorithm Validation Program (CAVP), helping customers to prove quickly and cost-effectively the security of their new products.The certified algorithms are: AES (3971), RSA (2036), ECDSA (874), SHS (3275), DRBG (1165) and HMAC (2589). Full details are available online at the NIST CSRC Algorithm Validation Lists website http://csrc.nist.gov, selecting the Cryptographic Algorithm Validation Program web page.
In this package there are examples for each algorithm and template projects for popular development tools including Keil®MDK-ARM™, IAR®EWARM (IAR Embedded Workbench®) and GCC -based IDEs such as Ac6 SW4STM32 and Atollic®TrueSTUDIO®.
Key Features
Supported NIST CAVP certified crypto algorithms:
AES-128, AES-192, AES-256 bits:
ECB (Electronic Codebook Mode)
CBC (Cipher-Block Chaining) with support for cipher text stealing
CTR (Counter Mode)
CFB (Cipher Feedback)
OFB (Output Feedback)
CCM (Counter with CBC-MAC)
GCM (Galois Counter Mode)
CMAC
KEY WRAP
XTS (XEX-based tweaked-codebook mode with cipher text stealing
HASH functions with HMAC support:
SHA-1
SHA-224
SHA-256
SHA-384
SHA-512
Random engine based on DRBG-AES-128
RSA with PKCS#1v1.5:
Encryption/decryption
Signature
ECC (Elliptic Curve Cryptography)
Key generation
Scalar multiplication (the base for ECDH)
ECDSA
Supported, but not certified, crypto algorithms included in the library:
ARC4
DES, TripleDES:
ECB (Electronic Codebook Mode)
CBC (Cipher-Block Chaining)
HASH:
MD5
HKDF-SHA-512
ChaCha20
Poly1305
CHaCHA20-POLY1305
ED25519
Curve25519

shangdawei

STM32 cryptographic library (UM0586)

http://www.st.com/en/embedded-software/stm32-cryp-lib.html

看起来有两个版本的加密库。

shangdawei

emSecure-RSA

https://www.segger.com/emlib-emsecure-rsa.html

emSecure-RSA is a fast solution to verify data on a microcontroller.

Data can be verified in less than 30 ms using a default key.

With smaller keys verification can even be done in less than 10 ms without using additional hardware.

Once a signature is generated, the signed data can be verified by its signature in an embedded application
or on an external application communicating with the device.

Verifying data takes less than 40 ms on a Cortex-M4, running at 200 MHz,
which is not significantly more time for a bootloader to start firmware.

shangdawei

armstrong

可以实现的，参考mbedTLS或者wolfSSL

shangdawei

flea – Embedded Cryptographic Libray

http://cryptosource.de/product_flea_en.html

flexible, leightweight, and efficient algorithms

Our cryptographic software library flea (flexible leightweigt efficient algorithms) is tailored to the use in resource constrained devices.

Its main feature is a set of highly efficient implementations of public-key algorithms.

It is our aim to enable you to efficiently use cryptographic algorithms based on software implementations on low-cost 32-, 16-, and 8-bit standard platforms.

To this end, flea is available to you under two different licences: under the well known GPL v3 license and under the flea license ,
which allows you to use flea in your commercial closed-source applications without any licensing cost or other restrictions.

In order to reach this goal, the library is designed for flexibility.

It enables extensive configuration options in order to offer the optimal performance under all requirements.

To facilitate the seamless integration into your software framework, flea supports stack as well as heap memory allocations.

flea features high performance implementations especially of the public-key algorithms.

A 2048-Bit RSA signature generation or decryption on an ARM-Cortex-M3 @ 84MHz takes one second.

shangdawei

shangdawei

What is mbed TLS?

mbed TLS is an open source and commercial SSL library licensed by ARM Limited..

mbed TLS used to be called PolarSSL, which started as the official continuation of another project, called XySSL, in 2008 and has been developed further ever since.

mbed TLS is supported by ARM with a young dynamic team which aims to keep customers happy with its straightforward and easygoing philosophy.

Download mbed TLS and PolarSSL

https://tls.mbed.org/download



mbed TLS supports a number of different cryptographic algorithms:

Ciphers

AES, Camellia, DES, RC4, RC5, Triple DES, XTEA, Blowfish

Cryptographic hash functions

MD5, MD2, MD4, SHA-1, SHA-2

Public-key cryptography

RSA, Diffie-Hellman key exchange,
Elliptic curve cryptography (ECC),
Elliptic curve Diffie–Hellman (ECDH),
Elliptic Curve DSA (ECDSA)

runapp

shangdawei 发表于 2016-9-4 14:57
flea – Embedded Cryptographic Libray

http://cryptosource.de/product_flea_en.html

给力！！收了，感谢！

gzhua20088ssj

看起来还不错，多谢了

thxlp

不错，收藏一下

ycping

收藏了。。

leiyitan

417有硬件加密的

zwjiang8212

收藏了  

wanming2009

leiyitan 发表于 2016-9-16 14:40
417有硬件加密的

只有AES和DES的加密，并没有RSA

jjj

顶一下，准备使用RSA加密 。

xld826

MARK  RSA加密

enthier

MARK  RSA加密

xjavr

RSA   收藏

haigerl

收藏备用，RSA

alts115

做个标记，关于STM32 的 RSA + AES加密算法

o0pingu0o1

这是个好东西，找了好久。

Embedtech

rsa非对称，没内置hsm模块，很难跑起来