wolfTPM support for sealing/unsealing based on externally signed PCR

wolfTPM is a portable TPM 2.0 stack with backward API compatibility designed for embedded use, and the newly released wolfTPM v3.0.0 includes support for sealing/unsealing secrets to authority-signed Platform Configuration Registers (PCRs).

One of the most important features of the TPM 2.0 specification is the resolution of PCR brittleness. PCR brittleness is encountered when secrets like keys/data are sealed to PCR values and changes to hardware/software result in changes to the PCR values. With the altered PCR values, the hashes no longer match and the secrets can no longer be unsealed. With the TPM 2.0 specification, it's possible to seal/unseal secrets via cryptographic signatures of the PCRs, removing the requirement to unseal then reseal secrets whenever changes are made to the PCR values. wolfTPM now supports this feature.
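The difference between sealing to a raw PCR value and sealing to a PCR-signing authority shows up in the policy digest the sealed object carries. The Python sketch below is an added illustration, not wolfTPM code: it computes the policy digests for TPM2_PolicyPCR and TPM2_PolicyAuthorize as the TPM 2.0 specification defines them, using constructed firmware measurements, PCR 16 and a stand-in key name (all assumptions).

```python
import hashlib
import struct

TPM_ALG_SHA256 = 0x000B
TPM_CC_POLICY_AUTHORIZE = 0x0000016A
TPM_CC_POLICY_PCR = 0x0000017F
ZERO = bytes(32)  # initial PCR value and initial policy digest

def sha256(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

def pcr_extend(pcr, measurement):
    """PCR extend: new = H(old || H(measurement))."""
    return sha256(pcr, sha256(measurement))

def pcr_selection(index):
    """Marshaled TPML_PCR_SELECTION: one SHA-256 bank, one PCR selected."""
    bitmap = bytearray(3)
    bitmap[index // 8] |= 1 << (index % 8)
    return struct.pack(">IHB", 1, TPM_ALG_SHA256, 3) + bytes(bitmap)

def policy_pcr(index, pcr_value, start=ZERO):
    """TPM2_PolicyPCR: H(old || TPM_CC_PolicyPCR || selection || H(PCR values))."""
    return sha256(start, struct.pack(">I", TPM_CC_POLICY_PCR),
                  pcr_selection(index), sha256(pcr_value))

def policy_authorize(key_name, policy_ref=b""):
    """TPM2_PolicyAuthorize: digest is reset, then bound to the signer's name."""
    step = sha256(ZERO, struct.pack(">I", TPM_CC_POLICY_AUTHORIZE), key_name)
    return sha256(step, policy_ref)

def seal_policies(pcr_value, key_name, index=16):
    """authPolicy a sealed blob would carry: (bound to raw PCR, bound to signer)."""
    return policy_pcr(index, pcr_value), policy_authorize(key_name)

# Constructed inputs: two firmware images and a stand-in public area for the signer.
# A key name is nameAlg || H(public area); the public area bytes here are made up.
KEY_NAME = struct.pack(">H", TPM_ALG_SHA256) + sha256(b"constructed TPMT_PUBLIC bytes")
PCR_V1 = pcr_extend(ZERO, b"firmware v1 (constructed)")
PCR_V2 = pcr_extend(ZERO, b"firmware v2 (constructed)")

if __name__ == "__main__":
    for label, pcr in (("v1", PCR_V1), ("v2", PCR_V2)):
        direct, signed = seal_policies(pcr, KEY_NAME)
        print(label, "PolicyPCR      ", direct.hex())
        print(label, "PolicyAuthorize", signed.hex())
```

The PolicyAuthorize digest depends only on the signing key's name, so a blob sealed to it survives a PCR change. At unseal time the TPM still requires a valid signature from that key over the current PolicyPCR digest, which this sketch does not model.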

See the documentation at examples/boot#secure-boot-encryption-key-storage for a wolfTPM example of using a private key to sign the state of a PCR, then seal and unseal a secret using the signed policy and a public key.

Our secure bootloader, wolfBoot, also supports this feature. See docs/TPM.md#sealing-and-unsealing-a-secret.

If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.

Download wolfSSL Now

Thumb2 Gets Assembly Code for AES and SHA-2 Algorithms in WolfSSL 5.6.4

In an effort to improve our Thumb2 support for Cortex-M4 and the like, wolfSSL 5.6.4 includes assembly code for the AES-ECB/CBC/CTR/GCM, SHA-256 and SHA-512 algorithms.

Of particular interest are the AES-CBC and AES-GCM performance improvements you will see when changing from the C code implementations in wolfSSL 5.6.3. Take, for example, running wolfSSL on a Cortex-M4 at 80MHz. With wolfSSL 5.6.3 the performance numbers for the AES-CBC and AES-GCM algorithms are:

AES-128-CBC-enc            425 KiB took 1.000 seconds,  425.000 KiB/s
AES-128-CBC-dec            450 KiB took 1.024 seconds,  439.453 KiB/s
AES-192-CBC-enc            375 KiB took 1.039 seconds,  360.924 KiB/s
AES-192-CBC-dec            375 KiB took 1.008 seconds,  372.024 KiB/s
AES-256-CBC-enc            325 KiB took 1.027 seconds,  316.456 KiB/s
AES-256-CBC-dec            325 KiB took 1.000 seconds,  325.000 KiB/s
AES-128-GCM-enc            325 KiB took 1.062 seconds,  306.026 KiB/s
AES-128-GCM-dec            325 KiB took 1.063 seconds,  305.738 KiB/s
AES-192-GCM-enc            275 KiB took 1.012 seconds,  271.739 KiB/s
AES-192-GCM-dec            275 KiB took 1.015 seconds,  270.936 KiB/s
AES-256-GCM-enc            250 KiB took 1.024 seconds,  244.141 KiB/s
AES-256-GCM-dec            250 KiB took 1.023 seconds,  244.379 KiB/s

Add the following defines so the assembly code is compiled in:

#define WOLFSSL_ARMASM
#define WOLFSSL_ARMASM_INLINE
#define WOLFSSL_ARMASM_NO_HW_CRYPTO
#define WOLFSSL_ARMASM_NO_NEON
#define WOLFSSL_ARM_ARCH 7

And now, with wolfSSL 5.6.4, the performance is:

AES-128-CBC-enc           1000 KiB took 1.008 seconds,  992.063 KiB/s
AES-128-CBC-dec            850 KiB took 1.007 seconds,  844.091 KiB/s
AES-192-CBC-enc            850 KiB took 1.020 seconds,  833.333 KiB/s
AES-192-CBC-dec            825 KiB took 1.023 seconds,  806.452 KiB/s
AES-256-CBC-enc            725 KiB took 1.008 seconds,  719.246 KiB/s
AES-256-CBC-dec            700 KiB took 1.000 seconds,  700.000 KiB/s
AES-128-GCM-enc            425 KiB took 1.000 seconds,  425.000 KiB/s
AES-128-GCM-dec            425 KiB took 1.004 seconds,  423.307 KiB/s
AES-192-GCM-enc            400 KiB took 1.020 seconds,  392.157 KiB/s
AES-192-GCM-dec            400 KiB took 1.019 seconds,  392.542 KiB/s
AES-256-GCM-enc            375 KiB took 1.032 seconds,  363.372 KiB/s
AES-256-GCM-dec            375 KiB took 1.027 seconds,  365.141 KiB/s

AES-CBC encryption is more than double the C code performance while decryption is 90% better! AES-GCM gets an impressive 35-50% boost.

SHA-256 and SHA-512 see modest improvements, but these are worthwhile in order to get the best out of wolfSSL for your embedded device.

Let us know if there are other cryptographic algorithms on Thumb2 for which you would like to see better performance.


Thumb2 and Arm32 Public Key Gets Massive Speedup in wolfSSL 5.6.4

In the latest release of wolfSSL, version 5.6.4, a significant effort has been put into improving the performance of public key algorithms for 32-bit ARM chips.

wolfSSL now has arguably the best performance for P256 ECC, Curve25519 and Ed25519 for Cortex-M4 and Cortex-A32. With highly optimized assembly implementations of multiplication and squaring operations you now get about twice the number of operations performed!

By compiling in the high performance SP code and using the assembly versions you get the best performance for your embedded device.

Take for example running wolfSSL on a Cortex-M4 at 80MHz with the following defines:

#define WOLFSSL_HAVE_SP_ECC
#define WOLFSSL_SP_NO_MALLOC
#define WOLFSSL_SP_ARM_CORTEX_M_ASM
#define WOLFSSL_SP_SMALL

With wolfSSL 5.6.3 the performance numbers for the ECC and Curve25519/Ed25519 algorithms are:

ECC   [      SECP256R1]   256  key gen        32 ops took 1.000 sec, avg 31.250 ms, 32.000 ops/sec
ECDHE [      SECP256R1]   256    agree        16 ops took 1.098 sec, avg 68.625 ms, 14.572 ops/sec
ECDSA [      SECP256R1]   256     sign        24 ops took 1.019 sec, avg 42.458 ms, 23.553 ops/sec
ECDSA [      SECP256R1]   256   verify        12 ops took 1.141 sec, avg 95.083 ms, 10.517 ops/sec
CURVE  25519  key gen        32 ops took 1.020 sec, avg 31.875 ms, 31.373 ops/sec
CURVE  25519    agree        32 ops took 1.012 sec, avg 31.625 ms, 31.621 ops/sec
ED     25519  key gen        80 ops took 1.000 sec, avg 12.500 ms, 80.000 ops/sec
ED     25519     sign        64 ops took 1.031 sec, avg 16.109 ms, 62.076 ops/sec
ED     25519   verify        28 ops took 1.011 sec, avg 36.107 ms, 27.695 ops/sec

But with wolfSSL 5.6.4 the performance is massively improved:

ECC   [      SECP256R1]   256  key gen        72 ops took 1.027 sec, avg 14.264 ms, 70.107 ops/sec
ECDHE [      SECP256R1]   256    agree        34 ops took 1.036 sec, avg 30.471 ms, 32.819 ops/sec
ECDSA [      SECP256R1]   256     sign        44 ops took 1.020 sec, avg 23.182 ms, 43.137 ops/sec
ECDSA [      SECP256R1]   256   verify        24 ops took 1.082 sec, avg 45.083 ms, 22.181 ops/sec
CURVE  25519  key gen        80 ops took 1.000 sec, avg 12.500 ms, 80.000 ops/sec
CURVE  25519    agree        84 ops took 1.020 sec, avg 12.143 ms, 82.353 ops/sec
ED     25519  key gen       165 ops took 1.000 sec, avg 6.061 ms, 165.000 ops/sec
ED     25519     sign       110 ops took 1.000 sec, avg 9.091 ms, 110.000 ops/sec
ED     25519   verify        74 ops took 1.008 sec, avg 13.622 ms, 73.413 ops/sec

Most operations are twice as fast while the Curve25519 operations and Ed25519 Verify are more than 2.5 times faster!

RSA has seen more modest gains when compiling for small SP code. Before, 5.6.3:

RSA     2048   public        38 ops took 1.043 sec, avg 27.447 ms, 36.433 ops/sec
RSA     2048  private         2 ops took 2.016 sec, avg 1008.000 ms, 0.992 ops/sec

And after, 5.6.4:

RSA     2048   public        42 ops took 1.039 sec, avg 24.738 ms, 40.423 ops/sec
RSA     2048  private         2 ops took 1.329 sec, avg 664.500 ms, 1.505 ops/sec

But notably, the RSA private key operation, which corresponds to RSA signing, is 50% faster. (Watch this space for further improvements to these numbers!)

Equivalent improvements are seen with Arm32 CPUs that have the UMAAL instruction. This includes all CPUs implementing ARMv7-A and ARMv8-A.

Try it out and get the best public key cryptography performance for your device.


Live Webinar: wolfEngine vs wolfProvider

Join our insightful webinar: wolfEngine vs wolfProvider, led by wolfSSL Senior Software Developer Anthony, on December 14th at 10 am PT.

Watch the webinar here: wolfEngine vs wolfProvider

As you may be aware, the OpenSSL series 3.x has been launched, introducing a new FIPS 140-3 requirement. wolfSSL is here to simplify potentially challenging decisions for you. Anthony will explore the differences between wolfEngine and wolfProvider and demonstrate how to integrate them seamlessly with OpenSSL.

Sneak peek of the webinar:

    • Optimal Alternative: OpenSSL Compat layer
    • Understanding the OpenSSL 1.0.2, 1.1.1, and 3.x.y Branch Releases
    • Determining Suitable Branches for Engines and Providers
    • Utilizing wolfEngine and wolfProvider with the openssl app
    • Integrating wolfEngine and wolfProvider with the OpenSSL API
    • Available algorithms and cryptographic primitives
    • Insights on FIPS compliance

…And much more

This is an excellent chance to discover how you can efficiently meet the new OpenSSL requirements with wolfSSL. Anthony will showcase how wolfEngine and wolfProvider act as connectors between OpenSSL and wolfCrypt FIPS, saving you time and effort.

Make sure to watch it today!

As always, our webinars will include Q&A sessions throughout. If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.


wolfCrypt AES-XTS Acceleration on x86-64

With our recent 5.6.4 release of wolfSSL/wolfCrypt, AES-XTS gains a newly optimized implementation for modern x86-64 CPUs. AES-XTS is standardized in IEEE P1619-2007 and NIST SP800-38E, and is typically used for encrypting storage.

By leveraging AES-NI and AVX vectorized instructions, sustained throughput now exceeds 1.5 bytes per cycle for 256-bit keys, and 1.12 bytes per cycle for 512-bit keys, in both encrypt and decrypt modes.

The new wolfCrypt optimizations are fully kernel-compatible, enabling in-kernel disk encryption at state-of-the-art speeds that can exceed 5 GiB/s. Performance compares favorably with the Linux kernel's optimized implementation, which attains 0.87 and 0.72 bytes per cycle with 256-bit and 512-bit keys respectively.


wolfCLU v0.1.4

wolfCLU version 0.1.4 is now available! In this release of the wolfSSL command line utility (CLU) there were additions to the x509 command, more subject alternative name attributes supported, and a couple of minor fixes / maintenance items. The command line utility is a great time saver for quickly creating keys, certificates, signatures, and hashes with wolfSSL.

For questions about wolfCLU and its use or if you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.


wolfSSL is extending wc_PKCS7_VerifySignedData streaming

wolfSSL, a TLS library for embedded devices, not only handles the TLS protocol, but also supports bundle file handling functions specified by PKCS#7 (bundle file encoding, decoding, content extraction, signature verification). wolfSSL continues to extend this PKCS#7 handling functionality.

wolfSSL is currently extending our wc_PKCS7_VerifySignedData() API to handle PKCS#7 bundle data with multipart and indefinite length content in a streaming manner. This enhancement allows bundle data with relatively large content to be served sequentially by streaming, rather than buffering it all and then processing it.


wolfSSL Updated Support for Kerberos 5 1.21.1

wolfSSL release 5.6.4 includes support for Kerberos 5 1.21.1. Kerberos is a network authentication protocol using modern cryptography to secure communications. The cryptography in the protocol is strong enough so that a client can prove its identity to a server (and vice versa) across an insecure network connection. You can improve the security of Kerberos to a FIPS 140-2 (and 140-3 coming soon!) level by using wolfSSL as the cryptographic and TLS backend.

wolfSSL and wolfCrypt are Federal Information Processing Standards (FIPS) 140-2 certified. This is a mandatory standard for the protection of sensitive or valuable data within Federal systems. We are working very hard on certifying our products to FIPS 140-3. wolfSSL and wolfCrypt will be FIPS 140-3 certified very soon. By using wolfSSL, you can achieve a full (D)TLS 1.3 connection that is fully FIPS compliant.

For more information about using Kerberos with wolfSSL or FIPS certification, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.


Live Webinar: FIPS 140-3 OE additions and planning for 2024 and beyond

Join us for the highly anticipated FIPS 140-3 webinar! Save the date for our insightful session, ‘FIPS 140-3 OE Additions and Planning for 2024 and Beyond,’ led by wolfSSL’s Senior Software Engineer, Kaleb, scheduled for December 7th at 10 am PT. wolfSSL, a leader in embedded FIPS certificates, is on the verge of certifying wolfCrypt for FIPS 140-3.

Watch the webinar here: FIPS 140-3 OE Additions and Planning for 2024 and Beyond

Discover the latest updates and exciting news during this webinar, including:

  • Progress updates and status of our FIPS 140-3 pursuit
  • Notable differences between 140-2 and 140-3 standards
  • Insights on Post-Quantum and NSA 2.0 Suite
  • Engage with us during Q&A, offering input for our next submission

In this session, Kaleb will share exclusive insights into FIPS 140-3, providing valuable information to align your projects with FIPS requirements. Watch it now!

As always, our webinars will include Q&A sessions throughout. If you have questions on any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.


wolfSSL Support for Nginx 1.25.0 and 1.24.0

In wolfSSL release 5.6.4, we have updated support for Nginx versions 1.24.0 and 1.25.0. Nginx is a high-performance, high-concurrency web server which is compact, fast, and highly scalable. This makes wolfSSL a good choice for the TLS backend. wolfSSL is an embedded SSL/TLS library which supports a wide range of architectures and operating systems.

The instructions to build Nginx with wolfSSL can be found at https://github.com/wolfSSL/wolfssl-nginx

If you have any questions about using Nginx with wolfSSL, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
