...need cryptographic functions....RSA ...need a really good cryptography function...
Does it have to be public key? Are the programs at both ends of the network connection running in Arduino boards or is one end an Arduino and the other some workstation on a network? Or what? Are there any specific requirements for encryption and/or decryption speed?
I would be really interested (and pleasantly surprised) to learn that any significant RSA functionality can be implemented (at what speed) on any kind of Arduino. The "lot of stuff" in the various RSA libraries that I have glanced at (including C code in libtomcrypt and C++ code in cryptoplusplus) involve multiple-precision (in some cases arbitrary-precision) integer arithmetic. The libraries that I have glanced at make frequent and copious use of dynamic memory allocation so, just looking at the code, I can't get a feel for how much RAM would be involved. See Footnote :
Other algorithms (symmetric-key block ciphers like AES) are definitely implementable on small processors. I haven't tried AES (or any other serious kind of encryption) on any of my "toy" Arduino projects, but I have
used the public-domain XTEA
algorithm in wireless network applications using rather modest (small, cheap) processors like the Renesas RF211B4 with 16 K Bytes of Program Memory and 1 K Bytes of RAM. The encryption/decryption part of the program represented a very small percentage of the time and memory requirements of the application code. It's really small. What, exactly
, are your requirements?
So: Instead of claiming that any approach that I might consider is "really good," I might ask , "How good is "good enough?" In particular (and in addition to robustness of the cipher itself) a major consideration is key management. That's where many schemes break down. How do the different network elements learn what key to use in order to join the network? If they can be configured off-line (maybe when they are programmed, but in any case not over the network), it might not be a problem. If, on the other hand, you have to convey a key to a remote element when it first wants to join the network, then...
[/begin Editorial Comment
I am very leery of the use of dynamic memory allocation of any kind in C (or C++) based embedded applications like Arduino stuff because of the ever-present possibility of unrecoverable heap memory fragmentation after an unpredictable amount of operation. That's where there is actually enough unallocated memory on the heap but not enough contiguous
memory to grant a request.
[/end Editorial Comment
That's just an opinion. My opinion. It's worth exactly as much as you want it to be worth.
When it comes to encryption, there are two important security rules:
1. Don't tell everything you know.