project-chip / connectedhomeip

Matter (formerly Project CHIP) creates more connections between more objects, simplifying development for manufacturers and increasing compatibility for consumers, guided by the Connectivity Standards Alliance.
https://buildwithmatter.com
Apache License 2.0

Figure out whether we can use micro-ecc as a backend for our CryptoPal #8487

Open bzbarsky-apple opened 3 years ago

bzbarsky-apple commented 3 years ago

Problem

We don't have a micro-ecc backend for our crypto PAL.

Proposed Solution

Maybe we should.

bzbarsky-apple commented 3 years ago

I should note that micro-ecc does not provide all the bits our crypto PAL needs (e.g. does not include hashing), so we would need to see what we do with that.

tcarmelveilleux commented 3 years ago

Yes, micro-ecc is not enough. You need another library such as libsodium or tinycrypt that provides the missing primitives.

tcarmelveilleux commented 3 years ago

Note that many cryptographic primitive back-ends do not necessarily protect against side-channel attacks. Tinycrypt, for instance, does not claim to be fully side-channel-attack-resistant on all platforms, for all algorithms, as this adds complexity.

I would argue that the easiest way to reduce the size of the crypto library is to make it as straightforward as possible for an implementer to completely replace the implementation. This is mostly possible already, but BUILD.gn enforces using either the built-in backend of OpenSSL or mbedTLS and does not allow alternate choice (e.g. "custom back-end, irrespective of library used").

emargolis commented 3 years ago

micro-ecc is sufficient to implement all the ECC functions in CryptoPal. Other crypto primitives can be taken from libraries like libsodium or tinycrypt (which by the way uses micro-ecc).

The only component for which we may need a custom implementation is the CSRReq.

from Intel is also using micro-ecc and adds AES-CCM, HMAC and SHA256

bzbarsky-apple commented 3 years ago

> and does not allow alternate choice (e.g. "custom back-end, irrespective of library used")

Maybe we should just focus on this part, then.

And yes, I did also see some worries about how micro-ecc handles side-channel attacks....

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.
