While the Internet has become the norm for connecting and controlling embedded devices, it is inherently insecure. Embedded developers need to encrypt data interchanges to prevent unauthorized users from intercepting private data or gaining access to your devices and infrastructure.
SharkSSL Online Demo
Before developing our own secure sockets layer, we searched for a small, embedded SSL implementation. This proved impossible to find. The companies providing SSL products were either releasing solutions that were too expensive or too big for practical use in embedded devices. For example, the standard OpenSSL library is over 1 MB in size, a size totally unsuitable for embedded systems.
|
SharkSSL is an extremely compact SSL/TLS stack. It’s designed from the ground up to ensure completely secure communication and management of remote embedded devices and dedicated applications. Extremely small and boasting a transport-agnostic API, SharkSSL can be used in virtually any embedded device, ranging from 8- through 64-bit microcontrollers. To date, SharkSSL is the smallest SSL/TLS server on the market. |
SharkSSL Benchmark |
|
 |
SharkSSL standalone includes a specifically designed and optimized, C code SMTP library. The SMTP library makes it possible to send email messages via email servers that require encrypted communication. The library supports STARTTLS and SMTPS, ensuring compatibility with online services such as Google Mail and Hotmail. The SMTP library is delivered as a SharkSSL example and can easily be customized.
The Barracuda Application Server uses the SharkSSL server for secure (HTTPS) communication. The high level SMTP Library and the PikeHTTP client library uses the SharkSSL client when communicating with secure servers. The high level Secure Sockets API is integrated with the SharkSSL client and server, enabling designers to easily design custom secure protocols.
SharkSSL, with its assembly-optimized big integer library, also delivers record-breaking performance on processors without specialized crypto units. While keeping code size to a minimum, SharkSSL is capable of performing a private RSA operation in 100 ms on a Cortex-M3 running at 100 MHz, a speed 60 percent faster than competitors’.
Optimized to take advantage of encryption acceleration, SharkSSL achieves unmatched throughput on ColdFire, Kinetis K60, and all the Cortex-M3 and -M4 processors. Available as source code, SharkSSL code can be implemented on any processor off the shelf. The SharkSSL library has been successfully deployed on ARM, Freescale, and PowerPC-based FPGA architectures. Other processors and accelerators can be accommodated upon request.
Out-of-the-box operating system (OS) support includes INTEGRITY™, MQX™, SMX™, ThreadX™, VxWorks™, EBSnet™, rtplatform, uCLinux™, Linux and Windows™. It can also be used in bare-metal (no OS) configurations. Multi-threading is available for added performance when using an OS that supports multi-threading.
SharkSSL sizes (kB) obtained with IAR Embedded Workbench V5.4 (-Ohz optimization):
| Code combinations | ROM | RAM (2) |
|
Server-only TLS1.0 / TLS1.1 stack (1) library excluding AES and DES encryption software |
16 | 2 |
|
Client-only TLS1.0 / TLS1.1 stack (1) library excluding AES and DES encryption software |
19 | 2 |
|
Client+Server TLS1.0 / TLS1.1 stack (1) library excluding AES and DES encryption software |
21 | 2 |
| Symmetric Encryption Algorithms (3) | ROM | RAM |
| AES encryption software | 4.7 | - |
| DES/3DES encryption software (3) | 3.5 | - |