EE Times-Asia

Enhance MCU performance, security with hardware accelerated crypto

Posted: 25 Sep 2012

Keywords: identity theft, cryptographic processing, symmetric-key cryptography

Asymmetric-key cryptography, on the other hand, uses a pair of keys that are mathematically related in such a way that information encrypted with one key can be decrypted with the other. However, one key cannot be created from the other. The key pair consists of a private key that must be kept secret and a "public" key that can be distributed widely.

There are two main uses of asymmetric-key cryptography: encryption (figure 2, top) and authentication (figure 2, bottom). With public-key encryption, a message can be encrypted with a public key and transmitted to the owner of the private key. Only the holder of the private key will be able to decrypt the original message. Authentication can be achieved by encrypting a message with a sender's private key.

Receivers who possess the corresponding sender's public key will be able to decrypt the message and therefore know that the message is authentic, because only the owner of the private key could have encrypted it. Encryption and authentication can even be combined. The sender can encrypt a message first with the receiver's public key and then with the sender's private key.

The receiver will use the sender's public key to authenticate the message first, and then the receiver's private key to decrypt the message. It is worth mentioning that public keys can be verified by a trusted third party to assure the user of the key that it is from the intended owner. A verified public key is called a "certificate." Verisign is the best-known certificate authority.
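The combined exchange described above, as an added example that is not from the original article: textbook RSA on tiny constructed primes with an assumed public exponent of 17, with no padding or hashing, so it shows only the order of key operations. All function names are hypothetical; `unsendable` covers the case where the sender's modulus is smaller than the receiver's, so some ciphertexts cannot be wrapped with the sender's private key.

```python
# Added example: textbook RSA on tiny constructed primes (no padding, no hashing).
# It only illustrates the order of key operations the article describes.

def make_keypair(p, q, e=17):
    """Build ((e, n), (d, n)) from two primes; e must be coprime to (p-1)(q-1)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)   # d is the inverse of e mod phi

def apply_key(key, value):
    """The one RSA operation, value^exponent mod n, used with either key of a pair."""
    exponent, n = key
    if not 0 <= value < n:
        raise ValueError("value does not fit under this key's modulus")
    return pow(value, exponent, n)

def send(message, sender_private, receiver_public):
    """Receiver's public key first (confidentiality), then sender's private key."""
    return apply_key(sender_private, apply_key(receiver_public, message))

def receive(wire, sender_public, receiver_private):
    """Sender's public key first (authenticate), then receiver's private key."""
    return apply_key(receiver_private, apply_key(sender_public, wire))

def unsendable(sender_private, receiver_public):
    """Count messages whose ciphertext is too large for the sender's key to wrap."""
    n_receiver = receiver_public[1]
    failures = 0
    for message in range(n_receiver):
        try:
            send(message, sender_private, receiver_public)
        except ValueError:
            failures += 1
    return failures

# Constructed key pairs; the sender's modulus (8633) exceeds the receiver's (3233).
RECEIVER_PUB, RECEIVER_PRIV = make_keypair(61, 53)
SENDER_PUB, SENDER_PRIV = make_keypair(89, 97)

if __name__ == "__main__":
    wire = send(1234, SENDER_PRIV, RECEIVER_PUB)
    print("recovered:", receive(wire, SENDER_PUB, RECEIVER_PRIV))
    # Roles swapped: the larger key now encrypts, the smaller one cannot wrap everything.
    print("unsendable when swapped:", unsendable(RECEIVER_PRIV, SENDER_PUB))
```

Deployed protocols avoid the modulus-ordering problem by applying the private-key operation to a padded hash of the message instead of to the ciphertext itself.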

In contemporary computer and communication systems, cryptography is employed to secure data and achieve four purposes:

1. Confidentiality: Data is protected by hiding its meaning, often within nonsensical data.

2. Authentication: The person or party providing the data, document or content has been verified.

3. Data integrity: When data is received, the receiver is assured that the data has not been tampered with or changed.

4. Non-repudiation: When an individual takes responsibility for an action, such as a commitment to purchase something, that commitment cannot be denied or repudiated at a later time.

These different purposes for data security figure prominently in a wide variety of end user applications deployed extensively all over the world, including Web browsing, e-commerce, secure wireless communication links, virtual private networks (VPN) and many others.

Building on security
Many embedded systems are based on the open-source Linux operating system, and there are a number of specialized security frameworks that can be implemented in Linux systems. In addition, several open-source cryptographic algorithms will plug into these security frameworks and provide them with cryptographic capabilities. Here are a few:

1. Specialized security frameworks. Some of the most prevalent open source security frameworks include the following:

* OpenSSL - Implements two secure communications protocols, the Transport Layer Security (TLS) and Secure Socket Layer (SSL) protocols.

* WPA Supplicant - Implements the IEEE 802.11i security mechanisms for wireless local area networks (Wi-Fi).

* Dropbear - Implements a secure server and client.

* OpenSSH - Implements a secure server, client and file transfer protocol (FTP) server.

* OCF-Linux - Implements a cryptographic framework and an application programming interface (API) that eases development with high-level cryptographic software.

2. Cryptographic algorithms. Some of the common cryptographic algorithms which are integrated into security applications are the following:

* Data Encryption Standard (DES) - The DES encryption algorithm was developed in the 1970s. Although it has been widely deployed over the years, it has subsequently been superseded by other algorithms.

* Triple Data Encryption Standard (3DES) - 3DES performs DES encryption three times to strengthen the protection of the encrypted data and overcome some of the vulnerabilities of the DES algorithm.

* Advanced Encryption Standard (AES) - AES is one of the most advanced cryptographic algorithms in widespread use today.

3. Hashing functions. Another type of cryptographic algorithm is known as "hashing" or a "hash function." A hash function is applied to data to create a hash value or "digest". Surreptitious or accidental changes to the data will change the hash value.
