Asymmetric encryption library for Arduino Uno

I wonder if there is a implementation of any kind of asymmetric encryption library for Arduino Uno. Will it be so hard to code? Is the the atmega328 capable of handling this kind of algorithms?

public keys + certificates are likely to be too big to even fit in an Uno's RAM (2k), not to
say glacial to process.

Some sort of restricted RSA or DH might be doable, or even ECC, but what problem
are you trying to address?

Nick Gammon has ported a bignum library to AVR, The forum search function will find that.
Also check out http://avrcryptolib.das-labor.org/trac
Ask Google about AVR crypto as well. I've seen referenced to elliptic-curve for AVR.

The AVR is actually reasonably fast -- something like 2 MIPS. The main issue is the limited RAM.

EDIT: Yeah, that's it:
http://www.cmmsigma.eu/products/crypto/crs_avr010x.en.html
https://code.google.com/p/opencryptotoken/

gardner:
The AVR is actually reasonably fast -- something like 2 MIPS. The main issue is the limited RAM.

Datasheet sez...

Up to 20 MIPS Throughput at 20MHz

...that's based on "most" instructions being single-cycle. Basically 1 MIPS/MHz (I guess if a person can manage to only use the single-cycle instructions, haha; obviously the marketing guys got into that one). So practically, an Uno for example might average somewhere between 8 and 16 MIPS.

Of course we used to say that MIPS meant "Meaningless Indication of Processor Speed" :smiley:

I think you could get AES onto the processor without too many problems (of course, that is symmetrical).

You will probably have issues with RAM size for an asymmetric encryption implementations.

Yes I also think that for the Arduino that kind of encryption will be heavy. Basically what I need is to generate a token on the Arduino that have to "come" from a seed. So lets suppose I set a name/seed on the arduino: Test1, the token needs to come from that variable, be always different and needs to be a way to from the token get the name/seed. Any ideas?

If that's all you want to do then I think you can use the idea of hashing a challenge.

Say there is a known "key" that both ends know. The server sends a randomly-generated challenge to the Arduino. That concatenates that with the key giving challenge-key. Then that is hashed, say with MD5 or SHA. The result is returned to the server. The server, which also knows the challenge and the key also hashes them, and if the result is the same the client is authenticated.

Anyone intercepting the message only knows the hash, but not the key that, when concatenated with the challenge, produces that hash.

Thanks, the problem is I have no communication from the server to arduino, in other words the token needs to be generated on the arduino and then send it back to the server, being as I said always different.

I've recently started looking into how to achieve secure wireless communication with Arduino.
My own project will likely use nRF24L01+ chips for the wireless data transfer.

I believe I can reach sufficient security with a pre-shared key used for AES encryption, if I also use a randomly generated Initialization Vector and Cipher Block Chaining. I also plan to use Message Authentication Code to sign and verify encrypted data if I have room.
Even if the unencrypted data you send is always identical, the IV ensures the encrypted data will scrambled differently.

I hope this helps anyone looking to implement secure data transfer using Arduino.

Hi,

In case of anybody is interested i have recently started on the development of ECDH (Elliptic curve Diffie–Hellman) which basically will you allow you to get a shared key you can then use with AES.

I am doing this for the OpenEnergyMonitor, find the development thread in their forum: Asymmetric encryption implementation in nodes, emonHub and emonCMS | Archived Forum

Cheers,

Carlos