RSA Or ECC Library

Hello All,

I'm new to the development world of Arduino and quite excited to start developing. Right now, I am given a project that requires me to look into the feasibility of private key crypto on Arduino. More specifically, looking for an RSA or Elliptic Curve Arduino library that will run on an Arduino Mega 2560. I've done my fair share of searching for these specific algorithms. I've found one, but cannot trust that its implemented correctly. I've looked on the the avr crypto site with no luck. Additionally I've looked through these forums as well as google. The forums I come across, some state that its not possible to implement any of these two algorithms in there entirety on this board. I'm not sold on that. So, if anyone has one (or both) of these libraries I would appreciate the help, and the source. Thank you all!

How much memory do you need for an application like that ?

Well, I'm using the Arduino 2560 Mega, so I have 256 KB for code (minus 8 for bootloader), 8KB SRAM and 4 KB EEPROM. So even using the minimum standardized key length of 2048 bits, takes up quite a bit a space. Then the data that it must operate on needs to be handled in very small chunks. Given my time frame, I can't really try to develop (if I even could) this for Arduino so an RSA or ECC library would really be helpful

ketteringce:
Hello All,

I'm new to the development world of Arduino and quite excited to start developing. Right now, I am given a project that requires me to look into the feasibility of private key crypto on Arduino. More specifically, looking for an RSA or Elliptic Curve Arduino library that will run on an Arduino Mega 2560. I've done my fair share of searching for these specific algorithms. I've found one, but cannot trust that its implemented correctly. I've looked on the the avr crypto site with no luck. Additionally I've looked through these forums as well as google. The forums I come across, some state that its not possible to implement any of these two algorithms in there entirety on this board. I'm not sold on that. So, if anyone has one (or both) of these libraries I would appreciate the help, and the source. Thank you all!

So always the first question: what is your threat model?

Well for now I'm only looking into it for educational purposes. That's not to say In the future it couldnt be used in production. So a passable implementation would be nice in the event that there's a security audit. Anyway, it would most likely be used for key exchange or even for signing purposes.

Well its a tight fit for RAM I think - certainly for RSA with secure keylengths being
what they are now.

ECC takes less space but you'll have to implement discrete elliptic curve operations
over at least one of the NIST curves, which I doubt anyone trusts any more with
the Snowden revelations.

That was a very interesting read, and the ECC implementation still seems to be in question. Even with that said I still would not mind if there was a supported Arduino library for it. Also even for RSA, I'd be willing to look at smaller key sized implementations. If anyone knows if there is any for either algorithms, the source would be greatly appreciated.

Anyone have some sort of RSA/ECC library for Arduino? Any other asymmetric crypto algorithms out there?

Bump*

Quick (and possibly silly) question. Can I use the AVR-Crypto Lib for an Arduino Board (Mega 2560)? I do see an RSA implementation but it looks like it's been implemented in C not CPP. I ran across this before but didn't think I could just drop it in as is. Unfortunately I don't have the time to debug/modify it now so if anyone know that it is just usable as is, that would help. Thank you!

Bump

There's no problem with the AVR-crypto lib being in C but, after a brief look at the code, I'd say it won't be a matter of dropping it in as it is.

Pete

If you are interested in doing some security for Arduino boards like the mega using RSA and ECC, you would find these links to be very useful. I also used these during my research:

http://www.researchgate.net/profile/Mohit_Sethi/publication/261334004_End-to-end_Security_for_Sleepy_Smart_Object_Networks/links/00b49533e6c566943b000000.pdf

http://www.diva-portal.org/smash/get/diva2:563280/FULLTEXT02

This library is also useful:
https://code.google.com/p/relic-toolkit/