Crypto-acceleration unit

Status
Not open for further replies.

Bharatwaj

New member
I am working on a course project to do encryption and decryption with the Teensy (3.6). I referred to https://forum.pjrc.com/threads/34808-K66-Beta-Test?p=108621&viewfull=1#post108621, where there are guidelines for crypto operations with the Teensy IDE.

I did the following steps

cp lib_mmcau.a hardware/tools/arm/arm-none-eabi/lib/libcau.a
in boards.txt change to
teensy36.build.flags.libs=-larm_cortexM4lf_math -lm -lcau
teensy35.build.flags.libs=-larm_cortexM4lf_math -lm -lcau

and then tried to run the test file "crypto.ino" that I could find online https://github.com/manitou48/teensy3/blob/master/cryptolib.ino

But when I run it I get the following error: c:/program files (x86)/arduino/hardware/tools/arm/bin/../lib/gcc/arm-none-eabi/4.8.4/../../../../arm-none-eabi/bin/ld.exe: cannot find -lcau (also attached a screenshot of the output error).

It does not like the flag lcau that I added in the boards.txt file. Can you tell me what I am doing wrong here?
 

Thanks for the reply. I had a look at this too. In this, I am not able to link the assembly files to the IDE. So the compiler is still not able to find the references of the functions as they are in assembly files. Hence I get an undefined reference to function error.
If it was gcc I can compile and do it, but I am not able to figure out how to link the assembly functions to my Teensy project. Can you help me on that?
 
On Ubuntu with IDE 1.8.1 and 1.35, I just confirmed the -lcau still works for me with sketch cryptolib.ino, so your problem may be the way Windows handles .a files??? I can't help with Windows.

As noted in the original post you referenced, you can also use the .s files, but the IDE doesn't handle the ".include" of the .hdr file. So to use those back in July, I had to copy the .hdr file into each of the .s files (in place of the .include).
 
Update: using Paul's library above from GitHub and the following sketch, on Ubuntu I was able to build and run on T3.6
Code:
// K64F  CAU tests  MD5  SHA256  AES
// crypto assist co-processor
//  MD5 need to do padding and bookkeeping
// use library https://github.com/PaulStoffregen/CryptoAccel

#include "CryptoAccel.h"

void setup() {
  Serial.begin(9600);
}

void loop() {
  unsigned int i, t, errs;
  unsigned char mdstate[16], data[10 * 1024];
  unsigned int shastate[8];
  unsigned char aeskey[16], keysched[4 * 44], in[16], out[16], iv[16];
  char str[64];

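  for (i = 0; i < sizeof(data); i++) data[i] = i & 0xff;
  for (i = 0; i < sizeof(in); i++) in[i] = i; // initialize the plaintext block (it was read uninitialized)
  for (i = 0; i < sizeof(aeskey); i++)  aeskey[i] = 0x70; // also des key with odd parity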
  mmcau_md5_initialize_output(mdstate);

  for (i = 0; i < 16; i++) {
    sprintf(str, "%02x ", mdstate[i]);
    Serial.print(str);
  } Serial.println();
  t = micros();
  mmcau_md5_hash_n (data, sizeof(data) / 64, mdstate); // # 64-byte blocks
  t = micros() - t;
  sprintf(str, "md5 %d bytes %u us  KBs ", sizeof(data), t); Serial.print(str);
  Serial.println(1000.*sizeof(data) / t);
  for (i = 0; i < 16; i++) {
    sprintf(str, "%02x ", mdstate[i]);
    Serial.print(str);
  } Serial.println();

  mmcau_sha256_initialize_output(shastate);
  for (i = 0; i < 8; i++) {
    sprintf(str, "%08x ", shastate[i]);
    Serial.print(str);
  } Serial.println();
  t = micros();
  mmcau_sha256_update (data, sizeof(data) / 64, shastate); // # 64-byte blocks
  t = micros() - t;
  sprintf(str, "sha256 %d bytes %u us   KBs  ", sizeof(data), t);
  Serial.print(str);
  Serial.println(1000.*sizeof(data) / t);
  for (i = 0; i < 8; i++) {
    sprintf(str, "%08x ", shastate[i]);
    Serial.print(str);
  } Serial.println();
  t = micros();
  mmcau_aes_set_key(aeskey, 128, keysched);
  t = micros() - t;
  Serial.print("aes set key us "); Serial.println(t);
  //printf("aes set key  %u us\n",t);
  t = micros();
  mmcau_aes_encrypt (in, keysched, 10, out); // # 16-byte block
  t = micros() - t;
  sprintf(str, "aes %d bytes %u us  KBs  ", sizeof(in), t); Serial.print(str);
  Serial.println(1000.*sizeof(in) / t);
  mmcau_aes_decrypt (out, keysched, 10, iv); //  decrypt test
  errs = 0;
  for (i = 0; i < 16; i++) if (in[i] != iv[i]) errs++;
  Serial.print("aes errs "); Serial.println(errs);
  //printf("aes errs %d\n",errs);

  // CBC XOR IV or output with plain, our sketch does 4 blocks
  t = micros();
  for (i = 0; i < 16; i++) in[i] = out[i] ^ iv[i]; // sort of, just for timing
  mmcau_aes_encrypt (in, keysched, 10, out); // # 16-byte block
  for (i = 0; i < 16; i++) in[i] = out[i] ^ iv[i]; // sort of, just for timing
  mmcau_aes_encrypt (in, keysched, 10, out); // # 16-byte block
  for (i = 0; i < 16; i++) in[i] = out[i] ^ iv[i]; // sort of, just for timing
  mmcau_aes_encrypt (in, keysched, 10, out); // # 16-byte block
  for (i = 0; i < 16; i++) in[i] = out[i] ^ iv[i]; // sort of, just for timing
  mmcau_aes_encrypt (in, keysched, 10, out); // # 16-byte block
  t = micros() - t;
  sprintf(str, "aes cbc %d bytes %u us  KBs   ", 4 * sizeof(in), t);
  Serial.print(str);
  Serial.println(4000.*sizeof(in) / t);

  // DES
  t = mmcau_des_chk_parity(aeskey);
  Serial.print("parity "); Serial.println(t);
  t = micros();
  mmcau_des_encrypt(in, aeskey, out);
  t = micros() - t;
  mmcau_des_decrypt(out, aeskey, iv);
  errs = 0;
  for (i = 0; i < 8; i++) if (in[i] != iv[i]) errs++;
  Serial.print("DES errs "); Serial.println(errs);
  sprintf(str, "DES block encryption %d us", t);
  Serial.println(str);
}

However, build failed on windows 10 with IDE 1.6.12/1.31 and with 1.8.1/1.36 :(

UPDATE As suggested by tni, renaming .s files to .S allowed sketch to build and run on windows 10 :)

As noted in earlier threads, the CAU library and hardware only accelerate the compute-intensive functions, additional logic/coding is required to fully implement hashing and encryption. An exercise left to the reader.
 
I've updated the sketch in post #4 to include a DES encrypt/decrypt. We would need to see your sketch. Are you initializing the data blocks? (I added that to the sketch.) Also, even for Ubuntu (1.8.1 1.36) I had to change the CryptoAccel lib's .s to .S

CAU DES performance reported on K66 beta thread
 
Quick question, after playing around with the CryptoAccel library, I found that it utilizes the ECB cipher mode. This mode is known to have some security issues if repetitive text blocks are being encrypted. Does anybody know if CBC cipher mode can be implemented with this library to enhance encryption security?
 
You will have to add the wrapper to support CBC mode (initialization vector and chaining) and maybe worry about padding if you need to be compatible with other crypto libraries.

The NXP SDK can be configured with mbedtls and/or wolfssl. Both of those crypto libraries have been extended by NXP to utilize the crypto acceleration hardware, and those libs support the various encryption modes like CBC. You could use those libs or look at their implementation.

FWIW, I have some performance comparisons for AES CBC and SHA256, see https://github.com/manitou48/DUEZoo/blob/master/perf.txt

good luck
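
A sketch of the wrapper the reply above describes (IV, chaining and PKCS#7 padding), which is also the kind of "additional logic" the earlier post leaves to the reader. It is an added example, not code from this thread or from CryptoAccel. The names `block_fn`, `cbc_encrypt`, `cbc_decrypt` and the `toy_*` stand-in cipher are assumptions; on a Teensy 3.6 the callback would wrap `mmcau_aes_encrypt(in, keysched, 10, out)` and `mmcau_aes_decrypt` as called in the sketch above.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BLK 16
/* One-block primitive (hypothetical callback type). On a Teensy 3.6 it would
   wrap the sketch's mmcau_aes_encrypt(in, keysched, 10, out) / _decrypt. */
typedef void (*block_fn)(const uint8_t *in, const void *ctx, uint8_t *out);

/* CBC + PKCS#7 encrypt. out needs (len/BLK + 1)*BLK bytes; returns that size.
   iv must be fresh and unpredictable for every message. */
size_t cbc_encrypt(block_fn enc, const void *ctx, const uint8_t *iv,
                   const uint8_t *pt, size_t len, uint8_t *out) {
    size_t total = (len / BLK + 1) * BLK;      /* always at least 1 pad byte */
    uint8_t pad = (uint8_t)(total - len), x[BLK];
    const uint8_t *prev = iv;
    for (size_t off = 0; off < total; off += BLK) {
        for (size_t i = 0; i < BLK; i++)       /* P_i XOR C_{i-1} */
            x[i] = (uint8_t)((off + i < len ? pt[off + i] : pad) ^ prev[i]);
        enc(x, ctx, out + off);
        prev = out + off;
    }
    return total;
}

/* CBC decrypt (out must not alias ct). Returns plaintext length, or -1. */
long cbc_decrypt(block_fn dec, const void *ctx, const uint8_t *iv,
                 const uint8_t *ct, size_t len, uint8_t *out) {
    if (len == 0 || len % BLK) return -1;
    const uint8_t *prev = iv;
    for (size_t off = 0; off < len; off += BLK) {
        uint8_t x[BLK];
        dec(ct + off, ctx, x);
        for (size_t i = 0; i < BLK; i++) out[off + i] = x[i] ^ prev[i];
        prev = ct + off;
    }
    uint8_t pad = out[len - 1];                /* validate PKCS#7 padding */
    if (pad == 0 || pad > BLK) return -1;
    for (size_t i = len - pad; i < len; i++) if (out[i] != pad) return -1;
    return (long)(len - pad);
}

/* Constructed stand-in so the example runs off-target. NOT a cipher. */
void toy_enc(const uint8_t *in, const void *k, uint8_t *out) {
    for (int i = 0; i < BLK; i++) out[(i + 5) % BLK] = in[i] ^ ((const uint8_t *)k)[i];
}
void toy_dec(const uint8_t *in, const void *k, uint8_t *out) {
    for (int i = 0; i < BLK; i++) out[i] = in[(i + 5) % BLK] ^ ((const uint8_t *)k)[i];
}
```

CBC on its own provides no integrity: authenticate the IV and ciphertext (encrypt-then-MAC) and check the tag before calling `cbc_decrypt`, otherwise the padding result can be used as a padding oracle.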
 