SHA-512 encryption–the easy way

Over the last couple of months, we have been working a project for a new client.  It is a custom-user interface that requires encryption.  We have done encryption before for the financial industry, implementing 3DES with DUKPT key management.  We’ve also done MD5 hash algorithms and AES.  In all of these cases  we’ve had to “roll our own” code.  We found the relevant standards and implemented the code.  It was a time consuming and mind-numbing process.  This is doubly so for the 1DES and 3DES code, when we accomplished this task by writing it in assembly!  However, over the past five years, most microcontroller suppliers have really filled out their offerings with encryption.  Over the past week, this has really come in handy.

The new design is defined using the SHA-2 algorithm.  Specifically the SHA-512 implementation – the big daddy.   After checking out the specification, and getting a mild case of code phobia, I decided to see if there was some help on the web.  We are using a 24FJ-series microcontroller from Microchip.  I did a quick spin through the Microchip website looking for encryption ap-notes or libraries.  Unfortunately, their published libraries only covered algorithms through SHA-1.  Things were looking grim – we were going to have to code up the SHA-2 from scratch.  As a last gasp, I contacted Microchip directly through their normal tech support channel and asked if there was a SHA-512 ap-note I had not seen.  They did NOT; however, they did have some beta code for an ap-note/library they are working on and they provided it to me.

I tried the Microchip SHA-512 algorithm out and spent about 10 hours with it, making sure everything worked with standard test vectors and with the test vectors from the back-end of the system we are interfacing to.  Success!  I was able to get this chunk of the design roughed in in about 20% of the time I was budgeting.  Microchip really saved my bacon.  I am really impressed with Microchip and their “above and beyond” approach.  More on this project later.

Comments

  1. Such a quick and impressive start, promising “more on this project later”… and? any news? any details? any info on performance of sha-512 on microchip?
    Please let know! Thanks!

  2. Sergey –

    Over the last 8 months or so the project this was written about has been in the field and cranking away. I have not had to touch the SHA-512 implementation at all. It does a full SHA-512 encryption of a small data set very quickly and we have found no errors using it in a real world application. I am very impressed. We are about to start a new project that needs to implement some other encryption (3DES and SHA-256) and I will absolutely be looking to use these libraries again. I am very happy with how this has turned out.

    Dave

Speak Your Mind

*