RSA Key Generation Using the MAXQ1103 Microcontroller
Abstract: Maxim's RSA key generation library provides easy-to-use interfaces to generate RSA key pairs using the MAXQ1103 microcontroller. The MAXQ1103 microcontroller is designed for financial terminal applications and has a number of security features including RSA. The RSA library uses the modulo arithmetic accelerator (MAA), which provides cryptographic operations up to 2048 bits. The MAA allows the user to compute a set of operations that are important for many cryptographic operations. The article also explains why the MAXQ1103 Evaluation (EV) Kit and the CrossWorks development environment provide an ideal platform to develop secure applications.
Introduction
This application note demonstrates the generation of RSA key-pair sets using the MAXQ1103 secure RISC microcontroller. The article also demonstrates how to encrypt and decrypt the plain text messages using RSA key-pair sets. To demonstrate the timing of the RSA computation, the article shows data from the DS5250 high-speed, secure microcontroller which illustrates the performance improvement achieved with the MAXQ1103.
The MAXQ1103 microcontroller is designed for financial terminal applications and has a number of security features including RSA. The hardware modulo arithmetic accelerator (MAA) provides cryptographic operations up to 2048 bits. The MAA allows the user to compute a set of operations that are important for many cryptographic operations. Example operations include modular exponentiation (a^e mod m); modular multiplication (a × b mod m); modular square (b² mod m); modular square followed by modular multiply ((b² mod m) × a mod m); modular addition; and modular subtraction.
The MAXQ1103 evaluation (EV) kit and CrossWorks development environment provide an ideal platform to develop these secure applications. The EV Kit comes with all the tools necessary for development: 4MB of external program memory; 4MB of external data memory; 2 serial ports; 2 smart-card chips (one full size and one SIM card); a USB connector; an LCD screen; a 16-bit keypad; and a prototyping area.
Getting Started with RSA Key-Pair Generation
The sample application binary (rsa_1103.hex) and sample application code that generate the RSA key pair can be obtained by writing to micro.support@maxim-ic.com. The following information will help you build and execute the RSA key-pair sample application program, which is written in C and uses the CrossWorks compiler for MAXQ30.
Setting Up the MAXQ1103 EV Kit
Refer to application note 4273, "Getting Started with the MAXQ1103 Evaluation Kit and the CrossWorks Compiler for the MAXQ30," for details on setting up the development environment for the MAXQ1103.
The MAXQ1103 EV kit is shown in Figure 1. The hardware components required to generate the RSA key pair are:
- MAXQ1103 EV kit board
- JTAG board
- JTAG cable (to connect the MAXQ1103 EV kit board and JTAG board)
- 9-pin serial cable (to connect the PC's COM port and the EV kit's serial port 0)
- Two regulated power supplies (5V, ±5%, 300mA, center positive); one supply is for the MAXQ1103 EV kit and the other for the JTAG board.
The jumper settings for the EV kit are shown in the table below.
Jumper | Status |
JU1 | Short |
JU3 | Short |
JU4 | Short |
Figure 1. MAXQ1103 EV kit with JTAG board.
Follow these steps to set up the EV kit and begin using the software for this application.
- Install the CrossWorks compiler for MAXQ30. The tool suite is available from Rowley Associates and is version 2.0.0.2008063000.2293 at the time of this publication.
- Connect the serial cable between the EV kit's port 0 and the PC's COM port so you can observe the application output on the PC.
- Connect the serial cable between the JTAG board and the PC's COM port. This connection is used to download the application onto the EV kit board.
- Open the project rsa_1103.hzp.
- Click on Project, then Rebuild to generate the rsa_1103.hzx output file. This file will be downloaded to the MAXQ1103 EV kit. Additionally, you can generate the rsa_1103.hex file by modifying the project properties. Go to Project properties, then Linker Options, then additional Output Format. Choose "hex" from the dropdown list.
- Connect to the target using the "Connect to the target" tab in your Targets window.
- The application prints the results onto serial port 0 of the EV kit. Open HyperTerminal and configure the appropriate COM port connection for 115200 baud, 8 data bits, parity none, 1 stop bit, and no flow control. Alternatively, you can use Maxim's Microcontroller Tool Kit (MTK) software to see the application results: install the MTK, open it in dumb terminal mode, configure the appropriate serial port for a 115200 baud rate, and open the serial connection.
- Click on Debug, then Run to load and run the application. This application note uses MTK to observe the results.
The application will now prompt you for some data entry with the request to "Enter key length bits to be generated:"
Enter the number (for example, 1024) and wait for the application to display the results. The application displays the execution status shown in Figure 2. It takes approximately 5 seconds to generate a 1024-bit-length RSA key pair, then encrypt and decrypt the random message. This time can vary for each execution. The average times taken to generate an RSA key pair for various bit lengths are listed in Table 1.
Figure 2. Execution status and results of sample application.
Developing a Simple Application Using the RSA Key-Generation Library
The library provides easy-to-use interface functions in C to generate the key pair and encrypt/decrypt the user message using the private/public key. Refer to the rsalib_1103.h file to see the prototypes of these interfaces. This application demonstrates the use of these interface functions:
rsa_generateKeySet(...)
rsa_bignumModExp(...)
Typical uses of these interface functions follow.
```c
{
    // 'err' and 'keylen' (the key length in bits entered at the prompt)
    // are declared outside this fragment
    unsigned long exp = 0x10001;   // public exponent
    DIGIT *c, *x;
    BIGNUM *d;
    BIGNUM *e;
    BIGNUM *pq;
    DIGIT *plain_text;

    d = rsa_newNum();
    e = rsa_newNum();
    pq = rsa_newNum();

    // generate the public and private key pair
    // 'maxq1103_rnd' is a call-back function to generate random numbers using the
    // 'random number generator' (RNG) module built into the MAXQ1103 microcontroller.
    err = rsa_generateKeySet(d, e, exp, maxq1103_rnd, pq, keylen);
    if (err != RSA_SUCCESS)
    {
        printf("\nFailed to generate RSA Keysets. Error code=%d", err);
        rsa_freeNum(d);
        rsa_freeNum(e);
        rsa_freeNum(pq);
        return;
    }

    // allocate memory for 'plain_text' and assign values
    // allocate memory for 'x' which will contain the encrypted text
    rsa_bignumModExp(x, plain_text, e, pq);   // use public key for encryption

    // allocate memory for 'c' which will contain the decrypted/original text
    rsa_bignumModExp(c, x, d, pq);            // use private key for decryption
}
```
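The following is an added example, not Maxim's library code and not part of the original application note. It shows in portable C how modular exponentiation is composed from the MAA operations listed in the introduction (modular square, and modular square followed by modular multiply), and runs the same generate, encrypt, decrypt sequence as the fragment above. The function names, the fixed primes 61 and 53, and the 64-bit word size are assumptions chosen so the arithmetic can be followed by hand; the note does not describe how the library works internally.

```c
#include <stdint.h>
#include <stdio.h>
/* Hypothetical software stand-ins for two MAA operations; require 0 < m < 2^32. */
static uint64_t mod_mul(uint64_t a, uint64_t b, uint64_t m) { return (a * b) % m; }
static uint64_t mod_sq_mul(uint64_t b, uint64_t a, uint64_t m) { return mod_mul(mod_mul(b, b, m), a, m); }

/* a^e mod m, left-to-right: a 0 bit costs one square, a 1 bit one square-then-multiply. */
uint64_t mod_exp(uint64_t a, uint64_t e, uint64_t m)
{
    uint64_t r = 1 % m;
    a %= m;
    for (int i = 63; i >= 0; i--)
        r = ((e >> i) & 1) ? mod_sq_mul(r, a, m) : mod_mul(r, r, m);
    return r;
}

/* d = e^-1 mod phi (extended Euclid); returns 0 when gcd(e, phi) != 1. */
uint64_t mod_inv(uint64_t e, uint64_t phi)
{
    int64_t t = 0, new_t = 1;
    int64_t r = (int64_t)phi, new_r = (int64_t)(e % phi);
    while (new_r != 0) {
        int64_t q = r / new_r, tmp;
        tmp = t - q * new_t; t = new_t; new_t = tmp;
        tmp = r - q * new_r; r = new_r; new_r = tmp;
    }
    return (r != 1) ? 0 : (uint64_t)(t < 0 ? t + (int64_t)phi : t);
}

/* Builds a toy key set from two given primes. Returns 0 on success, -1 on failure. */
int toy_keyset(uint64_t p, uint64_t q, uint64_t e, uint64_t *n, uint64_t *d)
{
    uint64_t phi = (p - 1) * (q - 1);
    *n = p * q;
    *d = mod_inv(e, phi);
    if (*d == 0) return -1;              /* e shares a factor with phi: reject primes */
    uint64_t msg = 42 % *n;              /* constructed test message */
    return mod_exp(mod_exp(msg, e, *n), *d, *n) == msg ? 0 : -1;  /* pairwise check */
}

int main(void)
{
    uint64_t n, d, e = 0x10001;          /* same public exponent as the fragment above */
    if (toy_keyset(61, 53, e, &n, &d) != 0) return 1;
    uint64_t x = mod_exp(65, e, n);      /* encrypt with the public key (e, n) */
    uint64_t c = mod_exp(x, d, n);       /* decrypt with the private key (d, n) */
    printf("n=%llu d=%llu cipher=%llu plain=%llu\n", (unsigned long long)n,
           (unsigned long long)d, (unsigned long long)x, (unsigned long long)c);
    return 0;
}
```

The encrypt-then-decrypt check inside `toy_keyset` mirrors what the sample application does after key generation: a key set whose round trip does not return the original message is rejected before use.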
Typical test results for different bit lengths are shown below. These numbers can vary for each execution.
Table 1. Average Time for Generating an RSA Key Pair
RSA Bit Length Generated | Number of Tests Run | Average Time per Test, MAXQ1103 EV Kit at 12MHz (seconds) | Average Time per Test, DS5250 EV Kit at 22.1MHz (seconds) |
256 | 60 | 0.84 | 4.8 |
512 | 60 | 1.71 | 10.76 |
1024 | 60 | 4.55 | 26.6 |
1536 | 60 | 9.98 | 63.81 |
2047 | 60 | 17.36 | 126.81 |
Conclusion
Maxim provides a library for RSA key generation. This library allows applications written in C to access the power and functionality of the MAXQ1103 microcontroller's hardware to generate RSA key pairs up to a maximum of 2047 bits. The library uses the MAA and RNG modules built into the MAXQ1103 to compute the RSA key pairs. The hardware MAA supports the IEEE® Public Key Cryptographic standard (P1363) for asymmetric cryptographic operations based on DSA, RSA, and ECDSA algorithms.
IEEE is a registered service mark of the Institute of Electrical and Electronics Engineers.