Over the last couple of months, we have been working a project for a new client. It is a custom-user interface that requires encryption. We have done encryption before for the financial industry, implementing 3DES with DUKPT key management. We’ve also done MD5 hash algorithms and AES. In all of these cases we’ve had to “roll our own” code. We found the relevant standards and implemented the code. It was a time consuming and mind-numbing process. This is doubly so for the 1DES and 3DES code, when we accomplished this task by writing it in assembly! However, over the past five years, most microcontroller suppliers have really filled out their offerings with encryption. Over the past week, this has really come in handy.
The new design is defined using the SHA-2 algorithm. Specifically the SHA-512 implementation – the big daddy. After checking out the specification, and getting a mild case of code phobia, I decided to see if there was some help on the web. We are using a 24FJ-series microcontroller from Microchip. I did a quick spin through the Microchip website looking for encryption ap-notes or libraries. Unfortunately, their published libraries only covered algorithms through SHA-1. Things were looking grim – we were going to have to code up the SHA-2 from scratch. As a last gasp, I contacted Microchip directly through their normal tech support channel and asked if there was a SHA-512 ap-note I had not seen. They did NOT; however, they did have some beta code for an ap-note/library they are working on and they provided it to me.
I tried the Microchip SHA-512 algorithm out and spent about 10 hours with it, making sure everything worked with standard test vectors and with the test vectors from the back-end of the system we are interfacing to. Success! I was able to get this chunk of the design roughed in in about 20% of the time I was budgeting. Microchip really saved my bacon. I am really impressed with Microchip and their “above and beyond” approach. More on this project later.