As you may know, wolfSSL includes support for offloading cryptography operations into NXP Coldfire and Kinetis devices that include the CAU, mmCAU, or LTC hardware crypto modules. Taking advantage of these modules improves performance of both the cryptography and the SSL/TLS layer running on top of it.
Here is a quick comparison of performance between software cryptography and the hardware-based cryptography offered by the Kinetis mmCAU on a K60 TWR running at 100MHz:
Software Crypto Hardware Crypto AES 0.49 MB/s 2.71 MB/s DES 0.31 MB/s 3.49 MB/s 3DES 0.12 MB/s 1.74 MB/s MD5 4.07 MB/s 4.88 MB/s SHA-1 1.74 MB/s 2.71 MB/s SHA-256 1.16 MB/s 2.22 MB/s HMAC-SHA 1.74 MB/s 3.05 MB/s HMAC-SHA256 1.22 MB/s 2.03 MB/s
And, here are some benchmark comparisons between software and hardware cryptography offered by the LTC module on a NXP FRDM-K82F, Cortex M4 running at 150 MHz:
Software Crypto Hardware Crypto RNG 0.136 MB/s 0.939 MB/s AES enc 0.247 MB/s 12.207 MB/s AES dec 0.239 MB/s 12.207 MB/s AES-GCM 0.016 MB/s 12.207 MB/s AES-CTR 0.247 MB/s 8.138 MB/s AES-CCM 0.121 MB/s 6.104 MB/s CHACHA 0.568 MB/s 3.052 MB/s CHA-POLY 0.444 MB/s 1.878 MB/s POLY1305 2.441 MB/s 8.138 MB/s SHA 0.842 MB/s 4.069 MB/s SHA-256 0.309 MB/s 2.713 MB/s SHA-384 0.224 MB/s 0.763 MB/s SHA-512 0.216 MB/s 0.698 MB/s RSA 2048 public 147.000 ms 12.000 ms (over 1 iteration) RSA 2048 private 2363.000 ms 135.000 ms (over 1 iteration ECC 256 key generation 355.400 ms 17.400 ms (over 5 iterations) EC-DHE key agreement 352.400 ms 15.200 ms (over 5 iterations) EC-DSA sign time 362.400 ms 20.200 ms (over 5 iterations) EC-DSA verify time 703.400 ms 33.000 ms (over 5 iterations) CURVE25519 256 key generation 66.200 ms 14.400 ms (over 5 iterations) CURVE25519 key agreement 65.400 ms 14.400 ms (over 5 iterations) ED25519 key generation 25.000 ms 14.800 ms (over 5 iterations) ED25519 sign time 30.400 ms 16.800 ms (over 5 iterations) ED25519 verify time 74.400 ms 30.400 ms (over 5 iterations)
Did you know that wolfSSL also provides support for TLS 1.3? With TLS 1.3, users also have the ability to use this new protocol version for TLS connections with even better performance!
TLS 1.3 includes many improvements over TLS 1.2, including reducing the number of round trips required to perform a full handshake, repurposing the ticketing system to allow for servers to be stateless, and the removal of insecure algorithms. These changes mean better performance on Freescale/NXP CAU, mmCAU, and LTC-based devices, and lower memory usage on those devices acting as a TLS server.