Silicon Labs Cryptography Hardware Acceleration Plugins for mbed TLS#

Overview of plugins for hardware accelerated cryptography through the mbed TLS APIs.

These plugins hook into acceleration points in the relevant mbed TLS APIs, for the algorithms that can be accelerated by the hardware peripheral included in the respective device.

The plugins support sharing of cryptography hardware in multi-threaded applications, as well as a reduced overhead configuration for optimal performance in single-threaded applications. Multi-threaded support is provided by the Threading Primitives module.

AES Peripheral#

A plugin for the AES peripheral is provided for classic EFM32 and EZR32 MCUs (Series-0).

For more details, see accelerated implementation file aes_aes.c located in the sl_mbedtls_support/src/ subdirectory.

CRYPTO Peripheral#

The Series-1 devices incorporate the CRYPTO peripheral for cryptographic hardware acceleration. The plugins using the CRYPTO peripheral support multi-threaded applications by implementing mbed TLS threading primitives and are located in sl_mbedtls_support/src/crypto_* and sl_psa_driver/src/sli_crypto_*. These implementations are replacing the corresponding software implementations in mbedtls/library.

Driver files supporting acceleration through legacy mbed TLS APIs (mbedtls_*):

  • crypto_aes.c: acceleration for the AES block cipher together with a few common modes of operation.

  • crypto_gcm.c: acceleration for the AES-GCM mode of AEAD.

  • crypto_ecp.c: acceleration of ECC point multiplication (secp192r1, secp224r1 and secp256r1).

  • mbedtls_aes.c: acceleration for AES in the ECB mode of operation. Uses the corresponding PSA Crypto driver for acceleration.

  • mbedtls_ccm.c: acceleration for the AES-CCM mode of AEAD. Uses the corresponding PSA Crypto driver for acceleration.

  • mbedtls_cmac.c: acceleration of the AES-CMAC algorithm for MACs. Uses the corresponding PSA Crypto driver for acceleration.

  • mbedtls_sha.c: acceleration of SHA-1 and SHA-2 hash functions. Uses the corresponding PSA Crypto driver for acceleration.

Secure Engine Peripheral#

The EFR32xG21, EFR32xG23 & EFR32xG24 devices incorporate the SE peripheral for cryptographic hardware acceleration. The plugins using the SE peripheral support multi-threaded applications by implementing mbed TLS threading primitives, and are located in sl_mbedtls_support/src/se_* and sl_psa_driver/src/sli_se_*. These implementations are replacing the corresponding software implementations in mbedtls/library/.

Note

  • The Secure Engine drivers are multi-thread capable, but do not support preemption. This means the application developer is responsible for not calling a driver-accelerated PSA API under conditions which would cause preemption of an already-running operation. For baremetal applications, this usually means not calling cryptographic operations from ISR. For RTOS-based applications, this boils down to not calling these SE-accelerated functions from either ISR or inside critical/atomic sections, since the underlying mutex acquisition would fail.

Driver files supporting acceleration through legacy mbed TLS APIs (mbedtls_*):

  • se_aes.c: acceleration for the AES block cipher together with a few common modes of operation.

  • se_gcm.c: acceleration for the AES-GCM mode of AEAD.

  • se_jpake.c: acceleration of the Elliptic Curve (EC) J-PAKE protocol for key agreement.

  • mbedtls_aes.c: acceleration for AES in the ECB mode of operation. Uses the corresponding PSA Crypto driver for acceleration.

  • mbedtls_ccm.c: acceleration for the AES-CCM mode of AEAD. Uses the corresponding PSA Crypto driver for acceleration.

  • mbedtls_cmac.c: acceleration of the AES-CMAC algorithm for MACs. Uses the corresponding PSA Crypto driver for acceleration.

  • mbedtls_ecdsa_ecdh.c: acceleration of two common schemes built on Elliptic Curve Cryptography (ECC): ECDSA for signatures, and ECDH for key agreement. Uses the corresponding PSA Crypto driver for acceleration.

  • mbedtls_sha.c: acceleration of SHA-1 and SHA-2 hash functions. Uses the corresponding PSA Crypto driver for acceleration.

CRYPTOACC Peripheral#

The EFR32xG22 devices incorporate the CRYPTOACC peripheral for cryptographic hardware acceleration. The plugins using the CRYPTOACC peripheral support multi-threaded applications by implementing mbed TLS threading primitives, and are located in sl_mbedtls_support/src/cryptoacc_* and sl_psa_driver/src/sli_cryptoacc_*. These implementations are replacing the corresponding software implementations in mbedtls/library/.

Note

  • The CRYPTOACC peripheral has not been hardened against side-channel analysis (SCA) attacks. Certain APIs in mbed TLS might give the impression of being secured against this class of attack, but this is not necessarily true if the hardware acceleration plugins are used. For example: some APIs operating over elliptic curves will require an RNG function pointer and state to be passed as arguments in order to perform coordinate randomization. Since the CRYPTOACC peripheral does not allow for this type of acceleration, these parameters will not be used. However, it should be stated that timing based SCA attacks are more challenging to perform on hardware accelerated operations of this type – since they are significantly faster than their software implementation counterparts.

Driver files supporting acceleration through legacy mbed TLS APIs (mbedtls_*):

  • cryptoacc_aes.c: acceleration for the AES block cipher together with a few common modes of operation.

  • cryptoacc_gcm.c: acceleration for the AES-GCM mode of AEAD.

  • mbedtls_aes.c: acceleration for AES in the ECB mode of operation. Uses the corresponding PSA Crypto driver for acceleration.

  • mbedtls_ccm.c: acceleration for the AES-CCM mode of AEAD. Uses the corresponding PSA Crypto driver for acceleration.

  • mbedtls_cmac.c: acceleration of the AES-CMAC algorithm for MACs. Uses the corresponding PSA Crypto driver for acceleration.

  • mbedtls_ecdsa_ecdh.c: acceleration of two common schemes built on Elliptic Curve Cryptography (ECC): ECDSA for signatures, and ECDH for key agreement. Uses the corresponding PSA Crypto driver for acceleration.

  • mbedtls_sha.c: acceleration of SHA-1 and SHA-2 hash functions. Uses the corresponding PSA Crypto driver for acceleration.

Modules#

Accelerated AES Block Cipher

Accelerated AES-CCM AEAD Cipher

Accelerated AES-CMAC Cipher

Accelerated Elliptic Curve J-PAKE

Accelerated GCM AES-128 Cipher

Accelerated SHA-1 Hash Function

Accelerated SHA-224/SHA-256 Hash Function

Accelerated SHA-384/SHA-512 Hash Function

Threading Primitives