Month: January 2021

In previous blogs, the old math library implementations were discussed and wolfSSL‘s new SP Math All implementation was introduced. Also a comparison between the Integer and SP Math All implementations was discussed showing the improvements in the new library that make it a compelling replacement.

Let’s take a look at how much faster SP Math All is than TFM. (Note: SP Math All configured with –-enable-sp-math-all=huge, TFM configured with --enable-fasthugemath.)

	x64	Aarch64
RSA 2048 Sign	32.05%	44.69%
RSA 2048 Verify	21.30%	31.01%
DH 2048 Key Gen	10.90%	16.31%
DH 2048 Agree	6.56%	16.27%
ECC P-256 Key Gen	57.92%	56.95%
ECC P-256 Agree	54.38%	55.90%
ECC P-256 Sign	53.95%	49.95%
ECC P-256 Verify	41.35%	47.73%

The Elliptic Curve algorithms are consistently faster across the board – about 50% on x64 and Aarch64. The RSA and DH are variable but the RSA sign is significantly faster. This is all due to better multiplication and squaring operations that use better assembly code snippets.

Now for the code size:

x64 (bytes)	TFM	SP Math All
+RSA +DH +ECC	490866	136842	-72.12%
+RSA +DH -ECC	485785	126410	-73.98%
-RSA -DH +ECC	485210	136266	-71.92%

The TFM huge build includes Comba implementations of large bit sizes while the SP Math All uses significantly smaller Karatsuba implementations resulting in vast savings in size with increased speed.

Clearly SP Math All has all the features of TFM but does it better!

In the next blog, a comparison of the performance characteristics of SP Math All and OpenSSL. If you have any commentary or feedback please reach out to our team at facts@wolfssl.com or support@wolfssl.com!

We would like to personally invite you to a webinar presented by wolfSSL.

wolfSSL Engineer, Jacob, will talk about the top reasons why people migrate from OpenSSL to wolfSSL as well as how to get started. He will cover how to build with the compatibility layer as well as some examples of applications. Please come with any questions you may have!

When: Feb 4, 2021 08:00 AM Pacific Time (US and Canada)
Topic: Migrating from OpenSSL to wolfSSL

Register in advance for this webinar: https://us02web.zoom.us/webinar/register/WN_77LJw_fbQvWYl3gbiCaFRQ

After registering, you will receive a confirmation email containing information about joining the webinar.

See you there!

Additional Resources

Please contact us at facts@wolfssl.com with any questions about the webinar. For technical support, please contact support@wolfssl.com or view our FAQ page.

In the meanwhile, check out the wolfSSL embedded SSL/TLS library, star us on Github, and learn more about the latest TLS 1.3 is available in wolfSSL.

In our last blog, the multi-precision math implementations in wolfCrypt were discussed with a feature comparison. In this blog we compare the performance of the SP Math All and Integer implementations.

The SP Math All library can be compiled with WOLFSSL_SP_SMALL (--enable-sp-math-all=small) to be small in size, with lower performance, to suit embedded applications. The code is both smaller and faster than the Integer math library.

Let’s take a look at how much faster SP Math All is than Integer. (Note: SP Math All configured with –-enable-sp-math-all=small -–disable-asm C_EXTRA_FLAGS=-DWC_NO_HARDEN, Integer configured with –-disable-fastmath.)

	x64	Aarch64
RSA 2048 Sign	81.43%	50.46%
RSA 2048 Verify	993.81%	522.14%
DH 2048 Key Gen	48.55%	1.82%
DH 2048 Agree	65.16%	12.71%
ECC P-256 Key Gen	45.22%	112.74%
ECC P-256 Agree	43.74%	111.60%
ECC P-256 Sign	55.01%	118.90%
ECC P-256 Verify	62.54%	127.31%

The Elliptic Curve algorithms are consistently faster across the board – about 50% on x64 and 100% on Aarch64. The RSA and DH are variable but the RSA verify operation is much faster due to the optimized exponentiation implementation in SP Math All.

Now, code size is just as important if not more so! Let’s take ARM Cortex M4 as an example.

ARM Cortex-M4 (bytes)	Integer	SP Math All
+RSA +DH +ECC	23625	18672	-20.97%
+RSA +DH -ECC	22492	16836	-25.15%
-RSA -DH +ECC	21149	18232	-13.79%

All builds are smaller with a saving of up to 25% and the code is faster! Similar reductions are seen across all CPUs.

In the next blog, a comparison of the performance characteristics of sp_int.c and tfm.c. If you have any commentary or feedback please reach out to our team at facts@wolfssl.com or support@wolfssl.com!

wolfSSL has a new implementation of the multi-precision math library that is an improvement in every way. The code is in sp_int.c and can be turned on with WOLFSSL_SP_MATH_ALL or -–enable-sp-math-all. Previously the choice was between the implementations in integer.c and tfm.c.

The small or Integer implementation (--disable-fastmath) was written to be simple, to have small code size, and use small amounts of memory. And it does a great job! By using simple, small algorithms and dynamically resizing the memory holding the number the code is perfect for embedded applications. Certain industries have specific coding standards that require no dynamic memory allocation and therefore this implementation is not suitable without the static memory allocator. Also the implementation is not hardened against side-channel attacks. This will not matter for embedded applications that have no cryptographic operations that are externally measurable.

The fast or TFM implementation --enable-fastmath (USE_FAST_MATH), --enable-fasthugemath (USE_FAST_MATH, TFM_SMALL_SET, TFM_HUGE_SET), is based on TomsFastMath – a public domain, large integer arithmetic library. The code was written to be fast. This means the code is more complicated and larger with case specific implementations. Also, the size of data for a number is fixed. Therefore, no dynamic reallocations. The code is hardened against side-channels (TFM_TIMING_RESISTANT) which makes it suitable for wider use. This implementation is perfect for embedded applications with more memory or mobile apps! Basing the implementation on an external code base does have its disadvantages though. Every time we update our code, we drift away from the original and bringing back the external changes takes longer and longer.

So why a new implementation? An implementation that has the best of both worlds – able to be small or fast – and is written from scratch, by us, and maintained, by us, means that we have everything we need in one place. Oh, and did we mention it can be compiled to be smaller and faster than integer.c, or to be smaller and faster than tfm.c?

The new SP Math All (sp_int.c) implementation can be compiled to be small, fast. or very fast and huge. Like the fast implementation, the size of data for a number is fixed and therefore there are no dynamic reallocations. When compiled for small code size, only the simple algorithms for basic operations are included but far less speed is sacrificed! There is also fast implementations that are included with the huge option which include code specifically for larger numbers like 1024-bits and above. To get the code running as fast as possible, snippets of assembly code are used. A wide range of platforms are supported including: x64, x86, Aarch64, ARM32, Cortex-M4, PPC64, PPC, MIPS64, MIPS, RISCV64, RISCV32 and S390X. SP Math All code will use implementations hardened against side-channels by default.

A brief summary of the implementations is below:

	Integer	TFM	SP Math All
Number Data	Dynamic	Fixed	Fixed
Memory Usage	Small	Large/Huge	Small/Large/Huge
Speed	Slow	Fast/Very Fast	Slow/Fast/Very Fast
Assembly Code	None	Few Platforms	Many Platforms
Hardened Impls	No	Yes	Yes

In the next blog, we will take a look at the comparison of performance characteristics of SP Math All and Integer implementations. If you have any commentary or feedback, or have questions about using the wolfSSL embedded SSL/TLS library in your project, please reach out to our team at facts@wolfssl.com or support@wolfssl.com!

Starting with version 4.6, wolfCrypt includes full implementations of the XChaCha stream cipher and the XChaCha20-Poly1305 AEAD. This new AEAD supports messages with 64 bit size and immense 192 bit nonces, removing all practical limitations on size and number of messages within a cryptographic session or context. It is ideal for applications such as VPN transports, particularly when a high degree of portability is paramount.

wolfCrypt can process fully authenticated sequences of AEAD messages using a simple one-shot API, via wc_XChaCha20Poly1305_Encrypt() and wc_XChaCha20Poly1305_Decrypt(), or wc_XChaCha20Poly1305_Init() can be called directly to set up the underlying cipher for incremental processing by the existing ChaCha20 and Poly1305 interfaces.

For more information about using wolfSSL or wolfCrypt, or for questions about using wolfSSL in your project, contact us at facts@wolfssl.com.  wolfSSL includes support for TLS 1.3, FIPS 140-2/140-3, DO-178, and more.

We would like to personally invite you to a webinar presented by wolfSSL.

This webinar will provide attendees with the basics and best practices needed to get started using the wolfSSL TLS library in products and projects into 2021! Topics will include a brief overview of TLS 1.3, wolfSSL package structure, how to build wolfSSL, running the wolfCrypt cryptography test and benchmark applications, wolfSSL basic API usage, tips on debugging, and more! Bring your questions for the Q&A session to follow!

When: Jan 27, 2021 09:00 AM Pacific Time (US and Canada)
Topic: Webinar: Getting Started with wolfSSL

Register in advance for this webinar:
https://us02web.zoom.us/webinar/register/WN_8iDFaiW_QSyDIKzyIYXGSA

After registering, you will receive a confirmation email containing information about joining the webinar.

See you there!

Additional Resources

Please contact us at facts@wolfssl.com with any questions about the webinar. For technical support, please contact support@wolfssl.com or view our FAQ page.

In the meanwhile, check out the wolfSSL embedded SSL/TLS library, star us on Github, and learn more about the latest TLS 1.3 is available in wolfSSL.

The threat of cyber security attacks exist in every industry simply because the need/want of intelligent devices has increased. From the data aspect – we need to address data at rest, data in transit and firmware updates. These three key factors have been wolfSSL’s wheel house for the last 10 years. In the last few years, industries that have safety-critical and/or functional-safety standards are also having to implement Cyber Security Standards; Commercial Aviation (DO-178B/DO-178C) and Automotive (ISO-26262). As we write this blog, these new Cyber Security Industry Standards are still being drafted.

Cyber Security industry standards such as ISO-21434 (Automotive) seems to be somewhat ahead of DO-326A (Airworthiness Security Process Specification) and have kept engineering cyber security teams guessing on how they need to address their architectures and processes. We believe that wolfSSL can help these teams move forward NOW in their planning, coding and implementation because we provide the products that help you meet whatever cyber security process or industry standard you’re trying to meet. Afterall, we do have a DO-178C DAL A certifiable crypto and support FIPS 140-3 today.

Whether you’re trying to address data at rest (SSL/TLS, SSH), data in transit (secure crypto) or firmware updates (SSL/TLS, crypto, MQTT), wolfSSL has a product portfolio that can meet your architecture needs. Our products are dual-licensed for those that need something “Open” or for Commercial use and we support virtually every Operating System and microprocessor on the market. If we don’t support your operating environment we have a world-class engineering team to do so. We even support bare metal!So, don’t wait for standards to be finalized. Don’t wait for a data security breach to be the reason to address cyber security. Do it now with a simple email to info@wolfssl.com.

Users and customers build the wolfSSL embedded SSL/TLS library in all kinds of build environments, one of those being Cygwin on Windows.

To build wolfSSL for Cygwin, here are the current steps to do so. These instructions can also be found in the wolfSSL Manual.

1. Go to https://www.cygwin.com/install.html and download setup-x86_64.exe
2. Run setup-x86_64.exe and install however you choose. Click through the installation menus until you reach the “Select Packages” stage.
3. Click on the “+” icon to expand “All”
4. Now go to the “Archive” section and select “unzip” drop down, change “Skip” to 6.0-15 (or some other version).
5. Under “Devel” click “autoconf” drop down and change “Skip” to “10-1” (or some other version)
6. Under “Devel” click “automake” drop down and change “Skip” to “10-1” (or some other version)
7. Under “Devel” click the “gcc-core” drop down and change “Skip” to 7.4.0-1 (NOTE: wolfSSL has not tested GCC 9 or 10 and as they are fairly new does not recommend using them until they have had a bit more time to be fine-tuned for development).
8. Under “Devel” click the “git” drop down and change “Skip” to 2.29.0-1 (or some other version)
9. Under “Devel” click “libtool” drop down and change “Skip” to “2.4.6-5” (or some other version)
10. Under “Devel” click the “make” drop down and change “Skip” to 4.2.1-1 (or some other version)
11. Click “Next” and proceed through the rest of the installation.

Post Install:

1. Open a Cygwin terminal and clone wolfSSL “git clone https://github.com/wolfssl/wolfssl.git”
2. “cd wolfssl”
3. “./autogen.sh”
4. “./configure”
5. “make”
6. “make check”

For additional assistance building wolfSSL in your environment, contact wolfSSL at facts@wolfssl.com. In addition to portable builds, wolfSSL includes TLS 1.3 and has variants available for FIPS 140-2/140-3, DO-178, and MISRA!

Even FPGA softcore microprocessors need security. wolfSSL supports Xilinx MicroBlaze and Altera Nios II as well as Zynq SoCs with acceleration using XilSecure. For new and legacy projects, efficient security is available with first-class support.

See the Xilinx Vitis and Vivado README. For Nios II, from the Quartus developer environment run ./configure --host=nios2-elf

wolfSSL provides leading TLS 1.3 capabilities in a small memory footprint, and also offers FIPS 140-2/140-3 and DO-178 certified versions.

Please contact us at facts@wolfssl.com with any questions you have on wolfSSL, or just give us a call!

FIPS 140-2 requires the use of validated cryptography in the security systems implemented by federal agencies to protect sensitive information. The wolfCrypt Module is a comprehensive suite of FIPS Approved algorithms. All key sizes and modes have been implemented to allow flexibility and efficiency.

The National Institute of Standards and Technology (NIST) is sending FIPS cert #2425 into sunset June 2021. For customers who will be impacted, the wolfCrypt Cryptographic Module maintains its #3389 certificate and can be used in conjunction with the wolfSSL embedded SSL/TLS library for full TLS 1.3 client and server support. Upgrade your FIPS cert with wolfSSL to stay afloat and benefit from: 

• Algorithm support for TLS 1.3!
• New algorithms such as AES (CBC, GCM, CTR, ECB), CVL, Hash DRBG, DSA, DHE, ECDSA (key generation, sign, verify), HMAC, RSA (key generation, sign, verify), SHA-3, SHA-2, SHA-1, and Triple-DES
• Hardware encryption support for NXP’s Cryptographic Assistance and Assurance Module (CAAM), NXP Memory-Mapped Cryptographic Acceleration Unit (mmCAU), Intel’s AES-NI, and more
• Support for secure elements and TPM’s
• Interoperability with wolfBoot, wolfSSH, and wolfTPM
• Integration support for third party libraries such as strongswan, nginx, python and more

Contact us to upgrade to FIPS cert #3389 at fips@wolfssl.com. 

Additional Resources 

Learn more about wolfSSL support for FIPS cert #3389: https://www.wolfssl.com/wolfcrypt-fips-certificate-3389-3/ 

For a list of supported Operating Environments for wolfCrypt FIPS, check our FIPS page: https://www.wolfssl.com/license/fips/ 

Our FIPS Story

wolfSSL is currently the leader in embedded FIPS certificates. We have a long history in FIPS starting with wolfCrypt FIPS 140-2 Level 1 Certificate #2425 as well as wolfCrypt v4 FIPS 140-2 Level 1 Certificate #3389. wolfSSL partners with FIPS experts KeyPair to bring you FIPS consulting services, and high assurance along each step of your FIPS certification process. Additionally, wolfSSL will be the first implementation of FIPS 140-3.

wolfSSL also provides support for a wolfCrypt FIPS Ready version of the library! wolfCrypt FIPS Ready is our FIPS enabled cryptography layer code included in the wolfSSL source tree that you can enable and build. You do not get a FIPS certificate, you are not FIPS approved, but you will be FIPS Ready. FIPS Ready means that you have included the FIPS code into your build and that you are operating according to the FIPS enforced best practices of default entry point, and power on self test.

wolfCrypt FIPS Ready can be downloaded from the wolfSSL download page located here: https://www.wolfssl.com/download/. More information on getting set up with wolfCrypt FIPS Ready can be found in our FIPS Ready User guide here: https://www.wolfssl.com/docs/fips-ready-user-guide/