
Crypto Library in SEGGER Security Products

The foundation of all SEGGER security products - emSSL, emSSH, emSecure-RSA, and emSecure-ECDSA - is a cryptographic algorithm library toolkit.

The library is designed for embedded systems, to be small, efficient, secure, and broad enough to function as the basis of security protocols such as SSL, SSH, and IPSec. It targets what is needed for industry-standard protocols, and does this with robust, cleanly-engineered code.

The cryptographic algorithms are software implementations, written in ANSI C to run on virtually any CPU. Additionally, the toolkit has the capability to use hardware accelerators, if they are available, to accelerate ciphering and hashing. Support for popular embedded cryptography accelerators is included, to be used immediately in embedded systems.

The following sections describe which algorithms are available.

 


Symmetric Encryption (Ciphers)

The cryptographic library includes the following symmetric encryption algorithms and cipher modes.

All algorithms can use hardware acceleration. If a hardware accelerator does not support a cipher mode (e.g. AES-GCM), the cryptographic library may use hardware-assisted ciphering of individual blocks with software taking care of the cipher mode.

  • AES
    • AES-CBC
    • AES-CCM
    • AES-CTR
    • AES-ECB
    • AES-GCM
  • DES
    • TDES-CBC
    • TDES-CTR
  • Camellia
    • Camellia-CBC
    • Camellia-ECB
    • Camellia-GCM
  • CAST
    • CAST-CBC
    • CAST-ECB
    • CAST-CTR
  • Blowfish
    • Blowfish-CBC
    • Blowfish-CTR
    • Blowfish-ECB
  • Twofish
    • Twofish-CBC
    • Twofish-CTR
    • Twofish-ECB
  • XTS-AES

 


Asymmetric Encryption (Public Key Algorithms)

The cryptographic library includes RSA public key algorithms, including key generation functions, encryption, and decryption.

 


Elliptic Curve Arithmetic

The cryptographic library includes elliptic curve arithmetic functions, which are used by elliptic curve digital signatures (ECDSA) and elliptic curve key agreement protocols (ECDH).

The elliptic curve arithmetic includes scalar multiplication and addition in affine and projective coordinates, and field arithmetic, as well as transformation between affine and projective coordinates.

 


Digital Signatures

The cryptographic library includes digital signature signing and verification functions for the following standards:

  • RSASSA-PSS
    • RSASSA-PSS-SHA1
    • RSASSA-PSS-SHA224
    • RSASSA-PSS-SHA256
    • RSASSA-PSS-SHA384
    • RSASSA-PSS-SHA512
    • RSASSA-PSS-SHA512/224
    • RSASSA-PSS-SHA512/256
  • RSASSA-PKCS1 v1.5
    • RSASSA-PKCS1-SHA1
    • RSASSA-PKCS1-SHA224
    • RSASSA-PKCS1-SHA256
    • RSASSA-PKCS1-SHA384
    • RSASSA-PKCS1-SHA512
    • RSASSA-PKCS1-SHA512/224
    • RSASSA-PKCS1-SHA512/256
  • DSA, including key generation
    • DSA-SHA1
    • DSA-SHA256
    • DSA-SHA512
  • ECDSA, including key generation
    • ECDSA-SHA1
    • ECDSA-SHA224
    • ECDSA-SHA256
    • ECDSA-SHA384
    • ECDSA-SHA512
    • ECDSA-SHA512/224
    • ECDSA-SHA512/256
  • EdDSA
    • EdDSA25519, including computation of public key from private key

 


Hash Algorithms

The cryptographic library includes the following hash algorithms:

  • SHA1
  • SHA2
    • SHA224
    • SHA256
    • SHA384
    • SHA512
    • SHA512/224
    • SHA512/256
  • MD5
  • RIPEMD160
  • AES-GHASH

 


MAC Algorithms

The cryptographic library includes keyed-hash message authentication codes and cipher-based message authentication codes.

Cipher-based MACs:

  • AES-CMAC
  • TDES-CMAC
  • Camellia-CMAC

Keyed-hash MACs:

  • HMAC-SHA1
  • HMAC-SHA224
  • HMAC-SHA256
  • HMAC-SHA384
  • HMAC-SHA512
  • HMAC-SHA512/224
  • HMAC-SHA512/256
  • HMAC-MD5
  • HMAC-RIPEMD160

 


Random Bit Generation

The cryptographic library includes deterministic random bit generators (DRBGs) based on different hashes and HMACs.

Hash-based DRBGs:

  • Hash-DRBG-SHA1
  • Hash-DRBG-SHA224
  • Hash-DRBG-SHA256
  • Hash-DRBG-SHA384
  • Hash-DRBG-SHA512
  • Hash-DRBG-SHA512/224
  • Hash-DRBG-SHA512/256

HMAC-based DRBGs:

  • HMAC-DRBG-SHA1
  • HMAC-DRBG-SHA224
  • HMAC-DRBG-SHA256
  • HMAC-DRBG-SHA384
  • HMAC-DRBG-SHA512
  • HMAC-DRBG-SHA512/224
  • HMAC-DRBG-SHA512/256

 


Key Derivation

The cryptographic library includes hash-based key derivation functions (KDF1, KDF2), HMAC-based key derivation functions (HKDF), and password-based key derivation functions (PBKDF2).

 


Big Numbers

The cryptographic library includes a set of big number (also called multi-precision integer or arbitrary-precision integer) arithmetic functions, which are used by the cryptographic algorithms.