
rvkrypto / rvkrypto-fips

Licence: other
FIPS and higher-level algorithm tests for RISC-V Crypto Extension

Programming Languages

c
Makefile

Projects that are alternatives of or similar to rvkrypto-fips

Jsrsasign
The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES JSON Web Signature/Token in pure JavaScript.
Stars: ✭ 2,760 (+15233.33%)
Mutual labels:  aes, sha2
Cryptography-Guidelines
Guidance on implementing cryptography as a developer.
Stars: ✭ 15 (-16.67%)
Mutual labels:  sha2, sha3
iroha-ed25519
RFC8032 compatible Ed25519 implementation with pluggable hash (sha2-512, sha3-512)
Stars: ✭ 28 (+55.56%)
Mutual labels:  sha2, sha3
Cryptoswift
CryptoSwift is a growing collection of standard and secure cryptographic algorithms implemented in Swift
Stars: ✭ 8,846 (+49044.44%)
Mutual labels:  aes, sha3
SHA.jl
A performant, 100% native-julia SHA1, SHA2, and SHA3 implementation
Stars: ✭ 35 (+94.44%)
Mutual labels:  sha2, sha3
yarvi
Yet Another RISC-V Implementation
Stars: ✭ 59 (+227.78%)
Mutual labels:  riscv
aes
Fast constant-time AES implementations on 32-bit architectures
Stars: ✭ 44 (+144.44%)
Mutual labels:  aes
chat-diffie-hellman
A secure chat between an Android client and Java server using AES for encryption and Diffie-Hellman for key exchange.
Stars: ✭ 26 (+44.44%)
Mutual labels:  aes
cortexm-AES
high performance AES implementations optimized for cortex-m microcontrollers
Stars: ✭ 18 (+0%)
Mutual labels:  aes
padre
Blazing fast, advanced Padding Oracle exploit
Stars: ✭ 35 (+94.44%)
Mutual labels:  aes
abrute
Multi-threaded AES Brute Force File Decryption
Stars: ✭ 22 (+22.22%)
Mutual labels:  aes
webcrypto
A WebCrypto Polyfill for NodeJS
Stars: ✭ 111 (+516.67%)
Mutual labels:  aes
ravel
A RISC-V simulator
Stars: ✭ 24 (+33.33%)
Mutual labels:  riscv
ngx http hmac secure link module
HMAC Secure Link module for NGINX.
Stars: ✭ 47 (+161.11%)
Mutual labels:  sha3
fedar-f1-rv64im
5-Stage Pipelined RV64IM RISC-V CPU design in Verilog.
Stars: ✭ 131 (+627.78%)
Mutual labels:  riscv
hash-wasm
Lightning fast hash functions using hand-tuned WebAssembly binaries
Stars: ✭ 382 (+2022.22%)
Mutual labels:  sha3
riscv em
Simple risc-v emulator, able to run linux, written in C.
Stars: ✭ 51 (+183.33%)
Mutual labels:  riscv
pulp soc
pulp_soc is the core building component of PULP based SoCs
Stars: ✭ 43 (+138.89%)
Mutual labels:  riscv
Net-Core-JS-Encryption-Decryption
A library to encrypt / decrypt with AES (Rijndael) between C# Net Core and JavaScript and securely hash with Scrypt
Stars: ✭ 17 (-5.56%)
Mutual labels:  aes
tinyaes-py
tiny-AES-c wrapper in Cython
Stars: ✭ 33 (+83.33%)
Mutual labels:  aes

rvkrypto-fips

Algorithm tests for RISC-V Crypto Extension.

2021-02-14 Markku-Juhani O. Saarinen [email protected]

2021-11-04 Updated to post-arch review 1.0rc5.

2022-02-03 Removed most intrinsics for Zbkb.

Information and recommendations here are unofficial and under discussion in the CETG.

This repo currently provides RISC-V Cryptographic Extensions implementations of the AES-128/192/256, GCM, SHA2-256/384, SHA3, SM3, SM4, and PRESENT algorithms for RV32-K and RV64-K scalar targets. Together with primary test vectors in test/test_*.c, the implementations allow bare metal architectural self-testing of the scalar crypto extension, which is the first part of the Krypto extension reaching "stable" status.

After intrinsics are agreed and initial testing succeeds, we can start pushing RV Krypto optimizations into FIPS 140-3 OpenSSL and other open source middleware.

NOTE.

I'm expanding this repo to cover more test vectors and other FIPS 140-3 algorithm validation information. I am not an accredited testing laboratory, nor is RISC-V International, so all information herein should be seen just as a well-intentioned sharing of breadcrumbs of information and experiments without any warranty whatsoever. However, this repo is a freely licensed contribution to RISC-V work by a member.

Cheers, - markku

(Cross) Compiling

If you have a RISC-V compiler and spike emulator with 1.0 Scalar Crypto Extension, try:

make -f rv32.mk

or

make -f rv64.mk

for 32-bit and 64-bit RISC-V ISAs, respectively. This will create the xtest test binary and execute it on spike. Add xtest as the target to build the test binary only.

Currently the makefile uses inline assembler mappings.

Proposed Krypto Intrinsics

Please see riscv_crypto.md for information about the proposed compiler builtins and intrinsics in riscv_crypto.h.

You may enable inline assembler with flag RVKINTRIN_ASSEMBLER -- then the intrinsics are defined using rvk_asm_intrin.h.

Intrinsics emulation on other ISA

You can also compile the tests natively on a non-RV host with a simple make if you uncomment this line in the Makefile:

CFLAGS	+=	-DRVKINTRIN_EMULATE=1 -DRVKINTRIN_RV32 -DRVKINTRIN_RV64

This uses the emulation header rvk_emu_intrin.h, which in turn requires the helper tables in rvk_emu_intrin.c.

To execute, just run xtest:

$ ./xtest 
[INFO] === AES32 ===
[PASS] AES-128 Enc 69C4E0D86A7B0430D8CDB78070B4C55A
[PASS] AES-128 Dec 00112233445566778899AABBCCDDEEFF
(...)
[INFO] RVKAT self-test finished: PASS (no errors)
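
What the emulated AES32 path and its known-answer check amount to, as an added example (not code from this repo): the RV32 scalar crypto instructions aes32esi and aes32esmi are modelled in portable C and used to run the AES-128 encryption vector shown in the output above. The function names (emu_aes32esi, emu_aes32esmi, aes128_enc_emu, kat_aes128) are hypothetical, and the key 00 01 .. 0F is assumed from FIPS 197 Appendix C.1.

```c
#include <stdint.h>
#include <string.h>
static uint8_t sbox[256] = {0x63};           /* S(0); the rest is filled by init_sbox() */
static uint8_t xtime(uint8_t x) { return (uint8_t)((x << 1) ^ ((x >> 7) * 0x1B)); }
static uint32_t rol32(uint32_t x, unsigned n) { return n ? (x << n) | (x >> (32 - n)) : x; }
static uint32_t le32(const uint8_t *p) { return p[0] | (p[1] << 8) | (p[2] << 16) | ((uint32_t)p[3] << 24); }
static void init_sbox(void) {                /* S(p) = affine(1/p), walking p over powers of 3 */
    uint8_t p = 1, q = 1;
    do {
        p ^= xtime(p);                                                      /* p *= 3 */
        q ^= q << 1; q ^= q << 2; q ^= q << 4; q ^= (q & 0x80) ? 0x09 : 0;  /* q /= 3 */
        unsigned x = q * 0x101u;             /* doubled byte: shifts below act as 8-bit rotates */
        sbox[p] = (uint8_t)(x ^ x >> 4 ^ x >> 5 ^ x >> 6 ^ x >> 7) ^ 0x63;
    } while (p != 1);
}
/* Both: S-box byte bs of rs2 (esmi also expands it to a MixColumns column), rotate to lane bs, XOR into rs1 */
static uint32_t emu_aes32esi(uint32_t rs1, uint32_t rs2, unsigned bs) {
    return rs1 ^ rol32(sbox[(rs2 >> (8 * bs)) & 0xFF], 8 * bs);
}
static uint32_t emu_aes32esmi(uint32_t rs1, uint32_t rs2, unsigned bs) {
    uint32_t s = sbox[(rs2 >> (8 * bs)) & 0xFF], s2 = xtime((uint8_t)s);
    return rs1 ^ rol32(((s2 ^ s) << 24) | (s << 16) | (s << 8) | s2, 8 * bs);
}
void aes128_enc_emu(uint8_t ct[16], const uint8_t pt[16], const uint8_t key[16]) {
    uint32_t rk[44], t[4], u[4]; uint8_t rc = 1;
    init_sbox();
    for (int i = 0; i < 4; i++) rk[i] = le32(key + 4 * i);
    for (int i = 4; i < 44; i += 4, rc = xtime(rc)) {      /* key schedule, rc = round constant */
        uint32_t tr = (rk[i - 1] >> 8) | (rk[i - 1] << 24), w = rc;   /* RotWord */
        for (unsigned b = 0; b < 4; b++) w = emu_aes32esi(w, tr, b);  /* SubWord ^ rc */
        for (int j = 0; j < 4; j++) rk[i + j] = rk[i + j - 4] ^ (j ? rk[i + j - 1] : w);
    }
    for (int i = 0; i < 4; i++) t[i] = le32(pt + 4 * i) ^ rk[i];
    for (int r = 1; r <= 10; r++) {          /* rounds; the last one has no MixColumns */
        memcpy(u, rk + 4 * r, sizeof u);     /* AddRoundKey is the starting accumulator */
        for (int i = 0; i < 4; i++)
            for (unsigned b = 0; b < 4; b++) /* t[(i + b) & 3] implements ShiftRows */
                u[i] = (r < 10 ? emu_aes32esmi : emu_aes32esi)(u[i], t[(i + b) & 3], b);
        memcpy(t, u, sizeof t);
    }
    for (int i = 0; i < 16; i++) ct[i] = (uint8_t)(t[i / 4] >> (8 * (i % 4)));
}
int kat_aes128(void) {                       /* known-answer test; returns 0 on PASS */
    static const uint8_t want[16] = {0x69, 0xC4, 0xE0, 0xD8, 0x6A, 0x7B, 0x04, 0x30,
                                     0xD8, 0xCD, 0xB7, 0x80, 0x70, 0xB4, 0xC5, 0x5A};
    uint8_t key[16], pt[16], ct[16];
    for (int i = 0; i < 16; i++) { key[i] = (uint8_t)i; pt[i] = (uint8_t)(i * 0x11); }
    aes128_enc_emu(ct, pt, key);
    return memcmp(ct, want, 16) != 0;
}
int main(void) { return kat_aes128(); }      /* exit status 0 = PASS */
```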

Background for RISC-V FIPS 140-3

RISC-V encourages the use of standardized cryptography. Through vendor compliance with cryptographic implementation standards, such as FIPS 140-3 and Common Criteria Protection Profiles, users can manage risks and choose appropriate RISC-V processor products for security applications.

The FIPS 140-3 validation program CMVP and its automated ACVP mechanism offer a route to perform cost-effective base-level algorithm validation for the FIPS-defined cryptographic algorithms, such as AES (FIPS 197), SHA-2 (FIPS 180-3), SHA-3 (FIPS 202), and their modes.

FIPS is a requirement in some industries and for US Federal IT sales. FIPS algorithm testing (ACVP) satisfies a functional requirement that is a part of more stringent protection profiles of dedicated security products.

Certification and Self-Certification

Algorithm testing is just a part of a wider cryptographic module testing process that leads to FIPS or CC certification.

The certified module ("IUT") can be the RISC-V processor or coprocessor itself, but more often is some derived device or product. Appropriate standards-aware engineering, self-certification, and evidence of FIPS compliance help a RISC-V vendor "sell" their IP to a security vendor wishing to build a cryptographic module.

The actual post-engineering validation process additionally involves an accredited testing lab and a national certification body -- NIST (USA) and CCCS (Canada) for most typical FIPS certification, NIAP for National Security Systems, BSI in Germany, ANSSI in France, etc.

Side-Channels and Entropy Sources for Cryptographic Use

While basic algorithm testing can be largely automated, vendors are very likely to need cryptographic security specialists when:

  • Designing entropy sources for Zkr, which is the CSR part of Scalar Crypto, or
  • Designing implementations for side-channel (non-invasive) security.

(This repo does not contain material related to entropy sources yet.)

Entropy sources are easy to get wrong as the product will "work" regardless of the quality of cryptographic keys. Automated testing alone is not sufficient to satisfy SP 800-90B or AIS-31 PTG.2 requirements. These certification processes require additional evidence about matters such as noise source entropy justification, appropriateness of conditioning components, and health testing.

Side-channel claims must also be independently verified. In a Common Criteria setting, this is often done by evaluating attack potential in a laboratory setting against a specific protection profile (PP).
