1 Topic by preethi.muddapurahaleshap (edited by preethi.muddapurahaleshap 2024-08-26 06:06:58)

  • Registered: 2024-08-01
  • Posts: 3

Topic: wolfssl library on Microchip platform - ECDSA signature verification

Hi,

I'm trying to bring wolfssl onto the microchip platform - MPLAB IDE. The current problem is with the ECDSA signature verification.

Environment details:
IDE - MPLAB IDE
MCU - SAME51
wolfssl library - Imported through the MPLAB code configurator [mcc]

I'm using the wc_ecc_verify_hash API for the verification. The verification is successful, but it seems to be taking a lot of time. I have added some log messages at the entry of each Internal function calls just to verify where it's taking a lot of time. Here is the log with timestamp:

[2024-08-26 16:06:40.964] DecodeECC_DSA_Sig
[2024-08-26 16:06:40.964] wc_ecc_verify_hash_ex
[2024-08-26 16:06:40.964] Entering mp_init
[2024-08-26 16:06:40.965] wc_ecc_curve_load
[2024-08-26 16:06:40.971] mp_init_multi
[2024-08-26 16:06:40.971] wc_ecc_new_point_ex MG
[2024-08-26 16:06:40.977] wc_ecc_new_point_ex MQ
[2024-08-26 16:06:40.977] mp_invmod
[2024-08-26 16:06:41.085] ecc_mul2add
[2024-08-26 16:06:56.938] mp_mod
[2024-08-26 16:06:56.950] mp_cmp
[2024-08-26 16:06:56.950] mp_cmp done
[2024-08-26 16:06:56.959] wc_ecc_curve_free FREE_CURVE_SPECS DONE
[2024-08-26 16:06:56.961] ECC_STATE_VERIFY_RES
[2024-08-26 16:06:56.961] Entering wc_ecc_reset
[2024-08-26 16:06:56.966] wc_ecc_reset
[2024-08-26 16:06:56.966] verification successful

you can see that ecc_mul2add is taking at least 7 seconds


I have also attached the my configuration for the library. you can see that I have define ECC_SHAMIR as this has a different API for verification and the time was less that not using this method.
The function call under the comment:
/* use Shamir's trick to compute u1*mG + u2*mQ using half the doubles */

My requirement is to finish the verification within 1 min [time sensitive]. I would like to know what can be the reason for it to take this much time and any ways to reduce the latency of it.

Any help appreciated.

Thanks.

Share

  • Registered: 2021-07-06
  • Posts: 128

Re: wolfssl library on Microchip platform - ECDSA signature verification

Hi Preethi,

I am not able to see your build settings, can you reattach them?

For the best speed with ECC, I would recommend using SP math with SP math assembly speedups:

#define WOLFSSL_HAVE_SP_ECC
#define WOLFSSL_SP_MATH_ALL 
#define WOLFSSL_SP_ARM_CORTEX_M_ASM

ECC_SHAMIR is also a good define for speeding up ECC operations, I would recommend consulting the ECC section of our user_settings.h template here: https://github.com/wolfSSL/wolfssl/blob … template.h

Also make sure you are using our latest wolfSSL release, 5.7.2.

What is the size of the key you are trying to verify?

Thanks,
Kareem

Share

  • Registered: 2024-08-01
  • Posts: 3

Re: wolfssl library on Microchip platform - ECDSA signature verification

Hi Kareem,

Thanks for the reply,

Your suggestion: "For the best speed with ECC, I would recommend using SP math with SP math assembly speedups" did help to reduce the latency to 3 seconds. Although WOLFSSL_SP_ARM_CORTEX_M_ASM did give me few errors, so skipped that. Can you help me any other ways, I can still fasten this.

I tried attaching the config settings file. It doesn't add for some reason.

What is the size of the key you are trying to verify: It's 256 bit.

I don't know how to find out the version because the library was ported form the IDE environment. Let me check that with Microchip.

Share

  • Registered: 2021-07-06
  • Posts: 128

Re: wolfssl library on Microchip platform - ECDSA signature verification

Hi Preethi,

Thanks for the followup, I'm glad to hear my suggestions helped.
SP math assembly will help significantly, please share your build log with errors so I can hopefully help you enable this for further speedups.  Your build settings would also be helpful.

As you having trouble attaching files here, please contact us at support [AT] wolfssl [DOT] com for further assistance.

Thanks,
Kareem

Share

  • From: Bozeman, MT
  • Registered: 2010-10-20
  • Posts: 650

Re: wolfssl library on Microchip platform - ECDSA signature verification

Hi,

Like Kareem mentioned above, if you can share the build errors you are seeing when trying to build with WOLFSSL_SP_ARM_CORTEX_M_ASM defined, we can make some suggestions around that.  The forums should now also allow for uploading/attaching of files.

If you are only using the ECC P-256 (SECP256R1) curve, you can only enable P-256 at compile time by defining ECC_USER_CURVES. This will have all other curves compiled out by default.

#define HAVE_ECC
#define ECC_USER_CURVES

You can also find an example configuration.h file we put together on a SAMD21 for reference. This will give you a better idea for some of the math library defines we have available:

https://github.com/wolfSSL/microchip-at … guration.h

Best Regards,
Chris

https://www.wolfssl.com

chrisc's Website

Share