LPC55S69: EC_secp521r1 support

取消
显示结果 
显示  仅  | 搜索替代 
您的意思是: 

LPC55S69: EC_secp521r1 support

1,960 次查看
EugeneHiihtaja
Senior Contributor I

Hello !

https://www.nxp.com/docs/en/white-paper/IOTSECWP.pdf

 

here in the page 4 is mentioned that CASPER driver supports :

– Elliptic Prime Curve 521-bit (EC_secp521r1)   

 

But no any benchmark digits.

 What is current situation , can P521 be accelerated ( at list partially ) on CASPER ?

Pure SW routines is too slow on LPC55.

 

Regards,

Eugene

 

标签 (1)
0 项奖励
回复
5 回复数

1,951 次查看
xiangjun_rong
NXP TechSupport
NXP TechSupport

 

Hi, Eugene,

In the SDK package for LPC55S69, there is CASPER examples, which includes the RSA example and ECC examples. I copy the screenshot for loading the casper examples in SDK package. there is 256 bits and 384 bits ECC examples.

Hope it can help you

this is part of the code:

/* Begin code to test elliptic curve scalar multiplication. */
{
int i;
int m1, m2;

int errors = 0;

for (i = 0; i < 8; i++)
{
PRINTF("Round: %d\r\n", i);

uint32_t X1[8], Y1[8];
uint32_t *X3 = &test_ecmulans[i][0];
uint32_t *Y3 = &test_ecmulans[i][8];

CASPER_ECC_SECP256R1_Mul(CASPER, X1, Y1, &test_ecmulans[0][0], &test_ecmulans[0][8], test_ecmulscalar[i]);
CASPER_ECC_equal(&m1, X1, X3);
CASPER_ECC_equal(&m2, Y1, Y3);
if (m1 != 0 || m2 != 0)
{
errors++;
}
}
if (errors != 0)
{
PRINTF("Not all EC scalar multipication tests were succesfull.\r\n");
PRINTF("%d / 8 tests failed.\n", errors);
}
else
{
PRINTF("All EC scalar multiplication tests were succesfull.\r\n");
}
}
/* End code to test elliptic curve scalar multiplication. */

/* Begin code to test elliptic curve double scalar multiplication. */
{
int i;
int m1, m2;

int errors = 0;
uint32_t c3[NUM_LIMBS], c4[NUM_LIMBS];
for (i = 0; i < 8; i++)
{
PRINTF("Round: %d\r\n", i);
uint32_t *c1 = &test_ecddoublemul_result[i][0];
uint32_t *c2 = &test_ecddoublemul_result[i][NUM_LIMBS];
CASPER_ECC_SECP256R1_MulAdd(CASPER, c3, c4, &test_ecddoublemul_base[0][0],
&test_ecddoublemul_base[0][NUM_LIMBS], &test_ecddoublemul_scalars[i][0],
&test_ecddoublemul_base[1][0], &test_ecddoublemul_base[1][NUM_LIMBS],
&test_ecddoublemul_scalars[i][NUM_LIMBS]);

CASPER_ECC_equal(&m1, c1, c3);
CASPER_ECC_equal(&m2, c2, c4);
if (m1 != 0 || m2 != 0)
{
errors++;
}
}
if (errors != 0)
{
PRINTF("Not all EC double scalar multipication tests were succesfull.\r\n");
PRINTF("%d / 8 tests failed.\n", errors);
}
else
{
PRINTF("All EC double scalar multiplication tests were succesfull.\r\n");
}
}
/* End code to test elliptic curve double scalar multiplication. */

#elif CASPER_ECC_P384

PRINTF("Casper ECC Demo P384\r\n\r\n");

/* Begin code to test elliptic curve scalar multiplication. */
{
int i;
int m1, m2;

int errors = 0;

for (i = 0; i < 8; i++)
{
PRINTF("Round: %d\r\n", i);

uint32_t X1[12], Y1[12];
uint32_t *X3 = &test_ecmulans[i][0];
uint32_t *Y3 = &test_ecmulans[i][12];

CASPER_ECC_SECP384R1_Mul(CASPER, X1, Y1, &test_ecmulans[0][0], &test_ecmulans[0][12], test_ecmulscalar[i]);
CASPER_ECC_equal(&m1, X1, X3);
CASPER_ECC_equal(&m2, Y1, Y3);
if (m1 != 0 || m2 != 0)
{
errors++;
}
}
if (errors != 0)
{
PRINTF("Not all EC scalar multipication tests were succesfull.\r\n");
PRINTF("%d / 8 tests failed.\r\n", errors);
}
else
{
PRINTF("All EC scalar multiplication tests were succesfull.\r\n");
}
}
/* End code to test elliptic curve scalar multiplication. */

/* Begin code to test elliptic curve double scalar multiplication. */
{
int i;
int m1, m2;

int errors = 0;
uint32_t c3[NUM_LIMBS], c4[NUM_LIMBS];
for (i = 0; i < 8; i++)
{
PRINTF("Round: %d\r\n", i);
uint32_t *c1 = &test_ecddoublemul_result[i][0];
uint32_t *c2 = &test_ecddoublemul_result[i][NUM_LIMBS];
CASPER_ECC_SECP384R1_MulAdd(CASPER, c3, c4, &test_ecddoublemul_base[0][0],
&test_ecddoublemul_base[0][NUM_LIMBS], &test_ecddoublemul_scalars[i][0],
&test_ecddoublemul_base[1][0], &test_ecddoublemul_base[1][NUM_LIMBS],
&test_ecddoublemul_scalars[i][NUM_LIMBS]);
CASPER_ECC_equal(&m1, c3, c1);
CASPER_ECC_equal(&m2, c4, c2);
if (m1 != 0 || m2 != 0)
{
errors++;
}
}
if (errors != 0)
{
PRINTF("Not all EC double scalar multipication tests were succesfull.\r\n");
PRINTF("%d / 128 tests failed.\r\n", errors);
}
else
{
PRINTF("All EC double scalar multiplication tests were succesfull.\r\n");
}
}
/* End code to test elliptic curve scalar multiplication. */
#endif

/* Deinitialize CASPER */
CASPER_Deinit(CASPER);

while (1)
{
}
}

 

xiangjun_rong_0-1602311423559.png

 

0 项奖励
回复

1,939 次查看
EugeneHiihtaja
Senior Contributor I

Hi @xiangjun_rong !

Yes situation with P256/384 are clear. But nowadays P-521 is minimal requirement quite often.

CASPER has potential for be used for partial acceleration of it.

And it is quite important to understand if it going to be utilized in nearest feature.

OR software calculations of P-521 will be used for this MCU forever.

 

Regards,

Eugene

 

0 项奖励
回复

1,931 次查看
xiangjun_rong
NXP TechSupport
NXP TechSupport

Hi, Eugene,

We have implemented the 512 bits ECC in both software implementation and CASPER implementation.

I suggest you refer to the application note an12445.pdf located at:

https://www.nxp.com.cn/docs/en/application-note/AN12445.pdf

 

The SDK package for LPC55S69 has mbedTLS example.BR

 
 
 

BR

XiangJun Rong

 

0 项奖励
回复

1,911 次查看
EugeneHiihtaja
Senior Contributor I

Hello !

But in both cases you have pure SW implementation.

Only P256/384 cases are accelerated.

Can CASPER be used at list partially for P-521 already ?

 

Regards,

Eugene

 

0 项奖励
回复

1,895 次查看
xiangjun_rong
NXP TechSupport
NXP TechSupport

Hi, Eugene,

I am sorry, you are right, the _mbed-crypto_benchmark example is implemented with pure software, the hardware CASPER accelerator is not used.

I have asked the AE team, the 512 bits ECC algorithms based on CASPER has been developing, it is estimated it can be released at the end of this year, but we do not guarantee, because it is dependent on the priority of the task.

BR

Xiangjun Rong

0 项奖励
回复