应用笔记 5427

RSA-Key Generation Using the DeepCover Secure Microcontroller (MAXQ1050)


摘要 : This application note demonstrates how to generate RSA-key-pair sets using the DeepCover® Secure Microcontroller (MAXQ1050) RISC. To generate the sets, Maxim provides an easy-to-use RSA key-generation library. This RSA library uses the modular arithmetic accelerator (MAA), which supplies cryptographic operations up to 2048 bits and allows the user to compute a set of operations that are essential for many cryptographic operations. The application note also explains why the MAXQ1050-KIT evaluation (EV) kit and the CrossWorks development environment provide an ideal platform to develop secure applications.


This document is written for a highly specific application and contains information about proprietary technology, and is only available to customers whose requirements closely match the application. To request the full document, please complete the form below.

Please enter information in English only.

Introduction

This application note demonstrates how to generate RSA-key-pair sets using the DeepCover® Secure Microcontroller (MAXQ1050) RISC. The document also demonstrates how to encrypt and decrypt the plain text messages using the RSA-key-pair sets. To demonstrate the performance of the RSA computation, comparative data from the MAXQ1850 microcontroller illustrate the performance achieved with the MAXQ1050.

Cryptographic Features of the MAXQ1050

The MAXQ1050 microcontroller is designed for low-cost security and e-commerce applications and has a number of security features, including RSA. The microcontroller's hardware contains a modular arithmetic accelerator (MAA) that provides cryptographic operations up to 2048 bits; it allows the user to compute a set of operations that are critical for many cryptographic operations. Example operations include modular exponentiation (ae mod m); modular multiplication (a × b mod m); modular square (b² mod m); modular square followed by modular multiply ((b² mod m) × a mod m); modular addition; and modular subtraction.
The MAXQ1050-KIT evaluation (EV) kit and the CrossWorks development environment provide a suitable platform to develop these secure applications. The EV kit comes with all the tools necessary for development: internal flash, one serial port; one full-size smart-card interface; a USB connector; and a prototyping area.

Getting Started with RSA-Key-Pair Generation

The sample application binary (rsa_1050.hex) and sample application code that generate the RSA-key pair can be obtained by contacting . The binary-linkable version of the RSA library, along with the support files (such as rsalib_1050.h can also be requested by contacting .
This application note will help you build and execute the RSA key-pair sample application program, which is written in C and uses the CrossWorks compiler for the MAXQ30 core.

Setting Up the MAXQ1050-KIT

Refer to application note 5028, "MAXQ1050 Rowley Development Environment Setup" for details on setting up the development environment for the MAXQ1050.
The MAXQ1050-KIT is shown in Figure 1. The hardware components required to generate the RSA key pair are listed here.
  • The MAXQ1050-KIT board
  • A USB cable to connect the USB port labeled "JTAG USB" on the MAXQ1050-KIT board
  • A 9-pin serial cable (to connect the PC's COM port and EV kit's serial port 0)
  • One regulated power supply (5V, ±5%, 300mA, center positive) for the MAXQ1050-KIT
Install jumpers JU18, JU20, and JU23 to allow serial communications.
Figure 1. The MAXQ1050-KIT with cables connected.
More detailed image
(PDF, 2.5MB)
Figure 1. The MAXQ1050-KIT with cables connected.
Follow these steps to set up the EV kit and begin using the software for this application.
  1. Install the CrossWorks compiler for the MAXQ30. The tool suite is available from Rowley Associates.
  2. Connect the serial cable between the EV kit's port 0 (J2) and the PC's COM port to observe the application output onto the PC.
  3. Connect the USB cable from the USB port labeled "JTAG USB" to a USB port on the PC. This connection is used to download the application onto the EV kit board.
  4. Open the project rsa_1050.hzp.
  5. Click on Project, then Rebuild to generate the rsa_1050.hzx output file. This file will be downloaded to the MAXQ1050-KIT. Additionally users can generate the rsa_1050.hex file by modifying the project properties. Go to Project properties, then Linker Options, then Additional Output Format. Choose hex from the drop-down list.
  6. Connect to the target using the Connect to the target tab in the Targets window.
The application prints the results onto serial port 0 of the EV kit.
  • Open the hyperterminal and configure the appropriate COM port connection for 115200, 8 data bits, parity none, 1 stop bit, and no flow control.
OR
  • Use Maxim's Microcontroller Tool Kit (MTK) software to see the application results. Install the MTK and then open it in dumb terminal mode. Configure the appropriate serial port for 115200 baud rate, and open the serial connection.
  • Click on Debug, then Run to load and run the application. This application note uses the MTK to observe the results.
The application will now prompt you for some data entry with the request to Enter key length.
Enter the number (for example, 1024) and wait for the application to display the results. The application displays the execution status shown in Figure 2. It takes approximately five seconds to generate a 1024-bit-length RSA key pair, then encrypt and decrypt the random message. This time can vary for each execution. The average times taken to generate an RSA-key pair for various bit lengths are tabulated in Table 1.
Figure 2. The execution status and results of a sample application.
Figure 2. The execution status and results of a sample application.

Developing a Simple Application Using the RSA-Key-Generation Library

The RSA-key-generation library provides easy-to-use interface functions in C to generate the key pair and encrypt/decrypt the user message using the private/public key. Refer to the rsalib_1050.h file to see the prototypes of these interfaces. This application demonstrates the use of these interface functions:
rsa_generateKeySet(...)
rsa_bignumModExp(...)
Typical uses of these interface functions follow.
{
        unsigned long exp = 0x10001;                // public exponent
        DIGIT *c,*x;
        BIGNUM *d;
        BIGNUM *e;
        BIGNUM *pq;
        DIGIT *plain_text;

        d = rsa_newNum();
        e = rsa_newNum();
        pq = rsa_newNum();

      // Generate the public and private key pair
// 'MAXQ1050_rnd' is a call-back function to generate random    
// numbers using 'random number generator' (RNG) module built into 
// the MAXQ1050 microcontroller.

        err = rsa_generateKeySet(d,e,exp,MAXQ1050_rnd,pq,keylen);

        if(err != RSA_SUCCESS)
        {       printf("\nFailed to generate RSA Keysets. Error code=%d",err);
                rsa_freeNum(d);
                rsa_freeNum(e);
                rsa_freeNum(pq);
                return;
        }

        // Allocate memory for 'plain_text' and 'assign values'.
        // Allocate memory for 'x' which will contain the encrypted text.

        rsa_bignumModExp(x,plain_text,e,pq); 	// Use public key for encryption.
				// Allocate memory for 'C' which will 				// contain the decrypted original 				// text

        rsa_bignumModExp(c,x,d,pq);        	// Use private key for decryption.

}
Typical test results for different bit lengths are shown in Table 1. These numbers can vary for each execution.















Table 1. Average Time for Generating an RSA Key Pair
Bit Length Generated Number of Tests Run Average Time Taken Per Test to Generate an RSA Key Pair(s)
MAXQ1050-KIT (at 24MHz) MAXQ1850-KIT (at 12MHz)
256 100 0.64 1.03
512 100 1.18 1.79
1024 100 3.99 5.37
1536 100 11.75 15.21
2048 100 27.54 28.85

Conclusion

Maxim's RSA library allows applications written in C to access the power and functionality of the MAXQ1050 microcontroller's hardware to generate RSA-key pairs up to a maximum of 2048 bits. The hardware MAA supports IEEE® Public Key Cryptographic standard (P1363) for asymmetric cryptographic operations based on DSA, RSA, and ECDSA algorithms. The RSA library uses the special hardware on the MAXQ1050 (MAA and RNG) to do cryptographic operations much more quickly than would be possible using a purely software implementation.