Global Sources
EE Times-Asia
Stay in touch with EE Times Asia
EE Times-Asia > Controls/MCUs

Enhance MCU performance, security with hardware accelerated crypto

Posted: 25 Sep 2012 ?? ?Print Version ?Bookmark and Share

Keywords:identity theft? cryptographic processing? symmetric-key cryptography?

Hashing is particularly useful in certain cryptographic operations such as digital signatures, data integrity, non-repudiation, message authentication and other forms of authentication. Several hashing algorithms have been standardized and are in common use today, including the following:

* Message Digest Algorithm (MD5) C Although this hashing function has been widely deployed, it has certain vulnerabilities in some applications.

* Secure Hash Algorithm (SHA) C SHA has gone through several generations, the strongest of which is a 256bit function.

4. Random number generators. Another important aspect of many security applications is a random number generator. Random numbers are used by several of the functions which comprise a security subsystem, including encryption algorithms and hashing functions.

It should be noted that random numbers generated in software are not always true random numbers. Hardware-generated random numbers are more often truly random.

5. Hardware acceleration vs. software execution. How and where cryptographic algorithms are processed is another important consideration for developers. Saddling the system's main CPU with the burden of processing computationally-intense cryptographic code will siphon processing cycles away from the system's user applications and possibly detract from the user experience.

Some embedded processors, have been equipped with hardware-based accelerators dedicated to cryptographic processing.

These specialized accelerators offload the bulk of the cryptographic processing from the system's CPU so that the CPU's processing bandwidth is retained for end user application processing. As a result, the overall throughput of the system is optimized.

Move cryptography from software to hardware
Last year, manufacturers started to create processors that have hardware-based accelerators on it. These hardware accelerators operate separately from the ARM core so that when cryptographic security processing is required, it does not steal processing cycles away from the ARM core. Thus, almost all of the cryptographic processing is offloaded from the ARM to distinct security accelerators elsewhere in the hardware.

This offloads the processing of computationally-intense security algorithms from the ARM core, retaining processing cycles on the ARM for those tasks it is particularly well suited to perform, such as operating system housekeeping tasks, the user interface, graphics, the Wi-Fi wireless communications stack, control software and most application software (figure 3).

Figure 3: The Sitara AM335x ARM Cortex-A8 processor includes hardware-based security accelerators that offload cryptographic processing from the ARM core.

This shift to a more effective method of cryptographic processing has been accomplished seamlessly and in a manner that is transparent to developers. When executing security algorithms in the past, the ARM core would call a security API, and the required algorithm would be processed on the ARM.

Now, with separate hardware-based security accelerators, the ARM still calls the same security API, but the subsequent processing of the security algorithm now takes place on the distinct hardware accelerator module, not on the ARM.

Since the ARM acts in the same way with regards to the security API, shifting cryptographic processing from the ARM to a separate hardware module has limited effects on the rest of the system's software.

One approach to implementing hardware-based cryptographic acceleration is to use OCF-Linux. OCF-Linux is a Linux port of the OpenBSD/FreeBSD Cryptographic Framework (OCF) which brings hardware cryptographic acceleration to the Linux kernel and applications.

?First Page?Previous Page 1???2???3???4?Next Page?Last Page

Article Comments - Enhance MCU performance, security wi...
*? You can enter [0] more charecters.
*Verify code:


Visit Asia Webinars to learn about the latest in technology and get practical design tips.

Back to Top