Tiny asymmetric encryption implementation to verify boot

Question

Tiny asymmetric encryption implementation to verify boot

In order for a small C ++ application to be updated on clients connected via the Internet, I need a mechanism that checks the download based on the public key. Algorithms like DSA or RSA seem to do it nicely.

However, looking at the well-known available libraries for this (Crypto ++, LibTomCrypt), all of them ultimately make my binary file larger than 500 thousand, although it seems to me that such logic can be implemented in a couple k. Are there libraries that implement RSA / DSA hash checking in, say, <20k footprint?

+7

c ++ rsa dsa

Emiel mols Jul 21 '10 at 18:31

source share

6 answers

If you are only for Windows, you can connect to the Crypto Windows API if your applications are deployed on win2k or higher. Windows Crypto MSDN article.

EDIT: Another possible solution, if you just need to verify that the download was not corrupted, a quick google search found the source of this small MD5 implementation . according to read-me in the top 3k of compiled object code.

+1

Scott Chamberlain Jul 21 '10 at 18:38

source share

Do you really need ciphers? Typically, you can use a hash function such as MD5 or SHA to verify the load. Perhaps you can find a small library using them.

In any case, you can try the openssl library. However .a on my machine is around 400K and 250K.

+1

Scharron Jul 21 '10 at 19:01

source share

The http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.143.3049&rep=rep1&type=pdf describes an elliptic curve library, which, according to the authors, can be configured to only need about 7k ROM and below 200 RAM byte on the microcontroller

0

Peter G. Jul 21 '10 at 18:41

source share

I think you may find that the MIRACL library meets your needs.

0

James k polk Jul 22 '10 at 0:59

source share

Checksums

can easily handle such validation jobs.

0

d-live Jul 22 '10 at 9:11

source share

Emiel mols · Accepted Answer · 2010-07-23T09:15:40+0000

Since I did not find libraries that matched my specific need, I hacked my own library for this: http://github.com/paiq/dsa_verify . The current implementation has ~ 50KB of program memory, mainly due to the included binary math library, but future versions may be shared even more.

Tiny asymmetric encryption implementation to verify boot

More articles: