Pretty much everyone knows what a Raspberry Pi board is, a very budget-friendly ARM board which runs Linux. What you might not know is that Raspberry Pi also created a very small, cheap, embedded ARM microcontroller range and development board as well. The board is known as the Raspberry Pi Pico and the chip is the RP2040.
The RP2040 is a $1 dual-core ARM Cortex-M0+ microcontroller with lots of features and a very well documented SDK. It was followed-up recently with the RP2350, which, for a similar price, gets you a dual-core ARM Cortex-M33 / RISC-V microcontroller. The RP2350 can be found on the Pi Pico 2 boards.
wolfSSL support
wolfSSL has had basic support for RP2040 for a little while, but with wolfSSL 5.7.6, we have provided improvements to the support. In addition, we have added support for the RP2350.
For both microcontrollers, we have enhanced the performance for RNG. We have integrated support for the PRNG in the Pico SDK for the RP2040 and the TRNG in the RP2350. Both provide performance improvements.
With the RP2350, we have also added support for the RISC-V mode for the cores.
Benchmark
What about the numbers? Well, with a RP2350 in ARM mode, clocked at the default 150MHz, these are the numbers you can expect to see from the wolfCrypt Benchmark:
wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each) RNG 3 MiB took 1.001 seconds, 2.855 MiB/s AES-128-CBC-enc 3 MiB took 1.004 seconds, 2.529 MiB/s AES-128-CBC-dec 3 MiB took 1.000 seconds, 2.588 MiB/s AES-192-CBC-enc 2 MiB took 1.007 seconds, 2.157 MiB/s AES-192-CBC-dec 2 MiB took 1.005 seconds, 2.234 MiB/s AES-256-CBC-enc 2 MiB took 1.009 seconds, 1.888 MiB/s AES-256-CBC-dec 2 MiB took 1.003 seconds, 1.898 MiB/s AES-128-GCM-enc 900 KiB took 1.003 seconds, 897.418 KiB/s AES-128-GCM-dec 925 KiB took 1.015 seconds, 911.157 KiB/s AES-192-GCM-enc 850 KiB took 1.006 seconds, 844.758 KiB/s AES-192-GCM-dec 875 KiB took 1.021 seconds, 856.974 KiB/s AES-256-GCM-enc 825 KiB took 1.029 seconds, 802.085 KiB/s AES-256-GCM-dec 825 KiB took 1.015 seconds, 812.705 KiB/s AES-128-GCM-enc-no_AAD 1000 KiB took 1.017 seconds, 983.142 KiB/s AES-128-GCM-dec-no_AAD 1000 KiB took 1.004 seconds, 995.881 KiB/s AES-192-GCM-enc-no_AAD 925 KiB took 1.004 seconds, 921.384 KiB/s AES-192-GCM-dec-no_AAD 950 KiB took 1.018 seconds, 933.496 KiB/s AES-256-GCM-enc-no_AAD 875 KiB took 1.007 seconds, 868.579 KiB/s AES-256-GCM-dec-no_AAD 900 KiB took 1.024 seconds, 879.291 KiB/s GMAC Table 4-bit 2 MiB took 1.000 seconds, 2.488 MiB/s CHACHA 6 MiB took 1.004 seconds, 6.397 MiB/s CHA-POLY 4 MiB took 1.001 seconds, 4.024 MiB/s POLY1305 21 MiB took 1.000 seconds, 20.868 MiB/s SHA 6 MiB took 1.000 seconds, 6.493 MiB/s SHA-256 2 MiB took 1.010 seconds, 2.224 MiB/s SHA-384 1 MiB took 1.013 seconds, 0.988 MiB/s SHA-512 975 KiB took 1.019 seconds, 956.876 KiB/s SHA-512/224 775 KiB took 1.000 seconds, 774.960 KiB/s SHA-512/256 1 MiB took 1.024 seconds, 0.978 MiB/s SHA3-224 1 MiB took 1.001 seconds, 1.171 MiB/s SHA3-256 1 MiB took 1.013 seconds, 1.109 MiB/s SHA3-384 875 KiB took 1.017 seconds, 860.133 KiB/s SHA3-512 625 KiB took 1.032 seconds, 605.855 KiB/s SHAKE256 1 MiB took 1.013 seconds, 1.109 MiB/s HMAC-SHA 6 MiB took 1.001 seconds, 6.463 MiB/s HMAC-SHA256 2 MiB took 1.007 seconds, 2.206 MiB/s HMAC-SHA384 1000 KiB took 1.012 seconds, 987.685 KiB/s HMAC-SHA512 950 KiB took 1.010 seconds, 940.914 KiB/s RSA 2048 public 226 ops took 1.004 sec, avg 4.442 ms, 225.121 ops/sec RSA 2048 private 8 ops took 1.093 sec, avg 136.666 ms, 7.317 ops/sec DH 2048 key gen 16 ops took 1.015 sec, avg 63.442 ms, 15.762 ops/sec DH 2048 agree 16 ops took 1.009 sec, avg 63.034 ms, 15.864 ops/sec ECC [ SECP256R1] 256 key gen 46 ops took 1.034 sec, avg 22.489 ms, 44.466 ops/sec ECDHE [ SECP256R1] 256 agree 108 ops took 1.004 sec, avg 9.292 ms, 107.615 ops/sec ECDSA [ SECP256R1] 256 sign 42 ops took 1.017 sec, avg 24.226 ms, 41.278 ops/sec ECDSA [ SECP256R1] 256 verify 96 ops took 1.015 sec, avg 10.569 ms, 94.614 ops/sec CURVE 25519 key gen 103 ops took 1.006 sec, avg 9.762 ms, 102.433 ops/sec CURVE 25519 agree 106 ops took 1.015 sec, avg 9.575 ms, 104.437 ops/sec ED 25519 key gen 101 ops took 1.005 sec, avg 9.952 ms, 100.479 ops/sec ED 25519 sign 80 ops took 1.019 sec, avg 12.741 ms, 78.484 ops/sec ED 25519 verify 76 ops took 1.020 sec, avg 13.427 ms, 74.477 ops/sec CURVE 448 key gen 25 ops took 1.014 sec, avg 40.580 ms, 24.643 ops/sec CURVE 448 agree 26 ops took 1.034 sec, avg 39.770 ms, 25.144 ops/sec ED 448 key gen 34 ops took 1.027 sec, avg 30.219 ms, 33.092 ops/sec ED 448 sign 32 ops took 1.030 sec, avg 32.187 ms, 31.069 ops/sec ED 448 verify 22 ops took 1.098 sec, avg 49.900 ms, 20.040 ops/sec Benchmark complete
For the RP2040, you can expect around 33-50% of this performance at the default 125MHz.
wolfBoot support
We are not stopping at just plain wolfSSL, we have a port of wolfBoot in-development to allow for secure bootloading of the RP2350 microcontroller. We will announce more details about this soon.
How do I try this?
We have a wolfSSL example available in our wolfSSL Examples repository. For more information, you can reach out to us for help at facts@wolfSSL.com or +1 425 245 8247.
Download wolfSSL Now