• Stars
    star
    149
  • Rank 248,619 (Top 5 %)
  • Language
    C
  • License
    Other
  • Created over 11 years ago
  • Updated over 11 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A very small ECC implementation for 8-bit microcontrollers

nano-ecc

A very small ECDH and ECDSA implementation for 8-bit microcontrollers.

Based on kmackay's micro-ecc, a small ECDH and ECDSA implementation for 32-bit microcontrollers. For more information see https://github.com/kmackay/micro-ecc

Features

  • Resistant to known side-channel attacks.
  • Written in C, with optional inline assembly forthcoming
  • Small code size: ECDH in as little as 6KB, ECDH + ECDSA in as little as 7KB
  • No dynamic memory allocation.
  • Reasonably fast: on an ATmega328P at 16MHz (AVR, 2-cycle 8x8 bit multiply), 192-bit ECDH shared secret calculation takes about 4034ms
  • Support for 4 standard curves: secp128r1, secp192r1, secp256r1, and secp384r1
  • BSD 2-clause license.

Usage Notes

Integer Representation

To reduce code size, all large integers are represented using little-endian bytes - so the least significant bytes is first. For example, the standard representation of the prime modulus for the curve secp128r1 is FFFFFFFD FFFFFFFF FFFFFFFF FFFFFFFF; in nano-ecc, this would be represented as uint8_t p[16] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff 0xff, 0xff, 0xff, 0xff 0xff, 0xfd, 0xff, 0xff, 0xff};.

You can use the ecc_bytes2native() and ecc_native2bytes() functions to convert between the native byte representation and the standardized octet representation.

Generating Keys

You can use the makekeys program in the apps directory to generate keys (on Linux or OS X). You can run make in that directory to build for your native platform. To generate a single public/private key pair, run makekeys. It will print out the public and private keys in a representation suitable to be copied into your source code. You can generate multiple key pairs at once using makekeys <n> to generate n keys.

Using the Code

I recommend just copying (or symlink) ecc.h and ecc.c into your project. Then just #include "ecc.h" to use the nano-ecc functions.

See ecc.h for documentation for each function.

Speed and Size

Available optimizations are:

  • ECC_ENABLE_DSA - Set to 0 to avoid including any DSA-related code.
  • ECC_SQUARE_FUNC - Use a separate function for squaring.
  • ECC_ASM - Choose the type of inline assembly to use. Currently only ecc_asm_none is available. In the near future we plan to provide ecc_asm_avr and ecc_asm_8051.

Comprehensive code size and performance analysis are forthcoming.

More Repositories

1

ios-ssl-kill-switch

Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS Apps
Objective-C
894
star
2

Introspy-iOS

Security profiling for blackbox iOS
Objective-C
725
star
3

Android-SSL-TrustKiller

Bypass SSL certificate pinning for most applications
Java
704
star
4

sslyze

Current development of SSLyze now takes place on a separate repository
Python
644
star
5

jailbreak

Jailbreak
C++
472
star
6

Introspy-Android

Security profiling for blackbox Android
Java
464
star
7

android-ssl-bypass

Black box tool to bypass SSL verification on Android, even when pinning is used.
Java
314
star
8

yontma-mac

You'll Never Take Me Alive!
Objective-C
233
star
9

ssl-conservatory

Sample SSL client code for correct endpoint validation.
Objective-C
232
star
10

Introspy-Analyzer

JavaScript
213
star
11

LibTech-Auditing-Cheatsheet

Python
198
star
12

Android-OpenDebug

Make any application debuggable
Java
132
star
13

jailbreak-Windows

Certificate extraction tool for Windows
125
star
14

tlspretense

A test framework for testing SSL/TLS client certificate validation.
Ruby
95
star
15

yontma

You'll never take me alive.
C++
85
star
16

Android-KillPermAndSigChecks

Bypass signature and permission checks for IPCs
Java
82
star
17

publications

iSEC Partners' research publications
C++
76
star
18

RtspFuzzer

RTSP network protocol fuzzer
Python
64
star
19

femtocatcher

Java
54
star
20

manifest-explorer

A tool for viewing Android application Manifests.
Java
48
star
21

fuzzbox

A multi-codec media fuzzing tool.
Python
42
star
22

scout

AWS EC2 and S3 Security Auditing Tool
Clojure
41
star
23

dnsRedir

Python
38
star
24

R2B2

A brute-forcing delta robot
Python
27
star
25

PeachFarmer

A log collector for Peach fuzzing in the cloud
C#
27
star
26

vtfinder

pykd script to dynamically find vtables on heap (windows x86/x64)
Python
24
star
27

sqlperms

A tool for calculating necessary SQL Server permissions
C#
23
star
28

package-play

Tool for viewing Android package details, including permissions, services, activities, and more.
Java
22
star
29

libshambles

A library for efficient interception of established TCP connections
C++
19
star
30

hiccupy

Jython binding for Burp to facilitate realtime traffic analysis and modification using simple plugins.
Java
14
star
31

ZigTools

C
11
star
32

ccs-testing-tool

9
star
33

samlpummel

A BeanShell plugin for WebScarab to automate SAML auditing.
Java
8
star
34

gizmo

A graphical web proxy written in Java. It is designed to be speedy, with the user interfaced centered around keyboard use. It should do what you want, and then get out of your way.
Java
8
star
35

extractparam

Java
7
star
36

SecureNSCoder

NSKeyed(Un)ArchiverDelegate implementation to encrypt state prior to preservation and decrypt it when restoring.
Objective-C
6
star