Royalty free M2M security and encryption extended to NXP’s ARM Cortex-M MCUs
Designed to secure communication and management of embedded devices and dedicated M2M applications, SharkSSL is transport agnostic. While most SSL stacks are tightly coupled to the TCP transport protocol, SharkSSL can be used with any other transport protocol, whether TCP or a more lightweight—and even proprietary—stack that an embedded system or sensor network may employ, such as Zigbee, or for common applications, such as email or web encryption, file transfer, voice over IP and wireless security authentication.
The SharkSSL library has been optimized for high performance and efficiency in C code, achieving AES encryption at 750 kB/s and RSA encryption in as little as 18ms on a Cortex-M3-based core running at 50 MHz. The SharkSSL stack has been designed to use selective in-line assembly code—a feature most useful for the RSA and Diffie-Hellman key-exchange protocols which have a larger code base.
With the advent of M2M communications, communication security has become critical for the embedded systems that underpin utility grids, transportation systems, industrial networks, and military and aerospace applications. Such networks involve constant communication as sensor or device nodes receive instructions from back-end systems or send data back. With each communication exchange, intruders gain a new opportunity to compromise system integrity, exposing individuals, businesses and nations to cyber-attack. Secure communications are critical to ensuring that messages and data are seen only by the intended parties.
SharkSSL delivers embedded security and embedded encryption tailored for devices. Implementing SSL 3.0, TSL 1.0, and TLS 1.1 as well as encryption algorithms AES, DES, 3DES, ARC4, SHA1, MD5, RSA, and DH, the SharkSSL crypto software library can be optimized for processors with hardware encryption engines, partial support, or with no hardware encryption support, such as the ARM Cortex-M. SharkSSL’s 20-kB footprint not only weighs in 50 times smaller than OpenSSL, but also represents the smallest SSL/TLS stack available for embedded security.
“The speed and compact size of SharkSSL delivers the high-performance needed for our customers’ demanding real-time applications,” said Gene Carter, International Product Manager for Microcontrollers at NXP Semiconductors.
“Controllers as power efficient as the LPC1000 demand embedded security engineered to be fast and compact to preserve as much system memory as possible for the application,” said Wilfred Nilsen, CEO at Real Time Logic. “Compact and highly efficient, SharkSSL quickly secures and encrypts all embedded device communication whether on an industrial or sensor network to ensure that communication is secure, data stays in the right hands and no unauthorized access to the network is gained.”
The SharkSSL library can be adapted to take advantage of hardware encryption accelerators and implementations using hardware acceleration have demonstrated performance improvements of up to 50 times for Triple-DES encryption as compared to unaccelerated performance.
Because it is available as source code, SharkSSL code can be implemented on any processor off the shelf. The SharkSSL library has been successfully deployed on ARM, Freescale, and PowerPC-based FPGA architectures. It can also take advantage of the encryption acceleration in any Freescale microcontroller; other accelerators can be accommodated upon request.
Out-of-the-box operating system (OS) support includes INTEGRITY, MQX, SMX, ThreadX, VxWorks, EBSnet, rtplatform, uCLinux, Linux and Windows; it can also be used in bare-metal (no OS) configurations. Multi-threading is available for added performance when using an OS that supports multi-threading.
SharkSSL comes with full source code and royalty-free licenses starting at $8,000.