Skip to main content
  • Products
  • Evaluate our Software
  • Downloads
  • Free Utilities
  • Purchase
  • Support
  • About Us
  • Blog
  • Forum
  • Search
    • Contact Us
    • Forum
    • Knowledge Base
    • Web Shop
    • Newsletter
    • RSS
  •   Jobs
  •   Videos
  •   Blog
  •   Sustainability
  • emSSH
  • About Cryptography
  • Technology

Encryption library in SEGGER security products

The foundation of all SEGGER security products - emSSL, emSSH, emSecure-RSA, and emSecure-ECDSA - is a cryptographic algorithm library toolkit.

Contact us
Downloads
Documentation
SEGGER emSSH

Encryption Libraries for Embedded Systems

The library is designed for embedded systems, to be small, efficient, secure, and broad enough to function as the basis of security protocols such as SSL, SSH, and IPSec. It targets what is needed for industry-standard protocols, and does this with robust, cleanly-engineered code.

More information about emCrypt, SEGGER's Cryptographic Algorithm Library

Supported Capabilities

Ciphers for bulk encryption

The following ciphers are supported by emCrypt, with optional hardware acceleration:

  • AES-128, AES-192, AES-256
  • DES and TripleDES (also known as 3DES or TDES) with all keying options
  • CAST
  • ARIA
  • SEED
  • Camellia
  • Twofish
  • Blowfish
  • IDEA

All cipher algorithms support ECB, CBC, OFB, and CTR modes take advantage of the underlying cipher accelerator when available. In addition, 128-bit ciphers, such as AES, support CCM, GCM and XTS encryption modes with optional hardware acceleration.

Hash algorithms

Hash algorithms are also known as message digest algorithms or compression functions: they provide a means to produce a digital fingerprint of some data, such as a document, and make it infeasible to produce another document with an identical fingerprint.

  • MD5, RIPEMD-160, SHA-1
  • SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256
  • SHA3-224, SHA3-256, SHA3-384, SHA3-512
  • SM3

All hash algorithms take advantage of the underlying hash accelerator when available.

MAC algorithms

Message authentication codes (MACs) guard against transmission errors and malicious data tampering.

  • CMAC-AES, CMAC-TDES, CMAC-SEED, CMAC-ARIA, CMAC-Camellia, CMAC-Twofish
  • GMAC-AES, GMAC-SEED, GMAC-ARIA, GMAC-Camellia, GMAC-Twofish
  • HMAC-MD5, HMAC-RIPEMD-160, HMAC-SHA-1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, HMAC-SHA-512/224, HMAC-SHA-512/256, HMAC-SHA3-224, HMAC-SHA3-256, HMAC-SHA3-384, HMAC-SHA3-512
  • KMAC

All MAC algorithms take advantage of the underlying cipher or hash accelerator when available.

Key derivation

Key derivation functions calculate symmetric keys to use from an agreed secret.

  • KDF1-SHA-1, KDF1-SHA-224, KDF1-SHA-255, KDF1-SHA-384, KDF1-SHA-512, KDF1-SHA-512/224, KDF1-SHA-512/256
  • KDF2-SHA-1, KDF2-SHA-224, KDF2-SHA-255, KDF2-SHA-384, KDF2-SHA-512, KDF2-SHA-512/224, KDF2-SHA-512/256
  • X9.63-KDF-SHA-1, X9.63-KDF-SHA-224, X9.63-KDF-SHA-256, X9.63-KDF-SHA-384, X9.63-KDF-SHA-512, X9.63-KDF-SHA-512/224, X9.63-KDF-SHA-512/256
  • HKDF-MD5, HKDF-RIPEMD-160, HKDF-SHA-1, HKDF-SHA-224, HKDF-SHA-255, HKDF-SHA-384, HKDF-SHA-512, HKDF-SHA-512/224, HKDF-SHA-512/256
  • PBKDF2-SHA-1, PBKDF2-SHA-224, PBKDF2-SHA-256, PBKDF2-SHA-384, PBKDF2-SHA-512, PBKDF2-SHA-512/224, PBKDF2-SHA-512/256

All key derivation algorithms take advantage of the underlying hash accelerator when available.

Random bit generators

High-quality random data is essential for many cryptographic protocols and algorithms. emCrypt supports NIST random bit generators and the highly regarded Fortuna cryptographically secure random number generator.

  • Fortuna
  • Hash-DRBG-SHA-1, Hash-DRBG-SHA-224, Hash-DRBG-SHA-256, Hash-DRBG-SHA-384, Hash-DRBG-SHA-512, Hash-DRBG-SHA-512/224, Hash-DRBG-SHA-512/256
  • HMAC-DRBG-SHA-1, HMAC-DRBG-SHA-224, HMAC-DRBG-SHA-256, HMAC-DRBG-SHA-384, HMAC-DRBG-SHA-512, HMAC-DRBG-SHA-512/224, HMAC-DRBG-SHA-512/256
  • CTR-DRBG-TDES, CTR-DRBG-AES-128, CTR-DRBG-AES-192, CTR-DRBG-AES-256

All DRBG algorithms take advantage of the underlying cipher or hash accelerator when available.

Digital signatures

Digital signatures provide an assurance that a document, or a collection of data, is authentic and unmodified.

  • RSASSA-PSS with approved and configurable hash algorithms
  • RSASSA-PKCS1 with approved and configurable hash algorithms
  • ECDSA using all NIST prime curves and Brainpool curves and with approved and configurable hash algorithms
  • Ed25519, Ed448

Headquarters

SEGGER Microcontroller GmbH

Ecolab-Allee 5
40789 Monheim am Rhein, Germany
info@segger.com
Tel.: +49-2173-99312-0
Fax: +49-2173-99312-28

Locations

USA: SEGGER Microcontroller Systems LLC

Boston area
101 Suffolk Lane
Gardner, MA 01440, USA
us-east@segger.com
Tel.: +1-978-874-0299
Fax: +1-978-874-0599

Silicon Valley
Milpitas, CA 95035, USA
us-west@segger.com
Tel.: +1-408-767-4068

China: SEGGER Microcontroller China Co., Ltd.

Room 218, Block A, Dahongqiaoguoji
No. 133 Xiulian Road
Minhang District, Shanghai 201199, China
china@segger.com
Tel.: +86-133-619-907-60

ISO 9001 certified

ISO 9001

30+ years of experience

First-class embedded software tools since 1992
  • Imprint
  • Disclaimer
  • Privacy Policy
© 2025 SEGGER - All rights reserved.