Real Time Logic, device web server and security specialist, now supports TLS 1.2 with its improved security and encryption in the latest version of SharkSSL, a compact, fast cryptographic engine that delivers high-performance security. With this release, SharkSSL Version 2.5 extends its secure connectivity for resource-constrained, small-footprint processors to low-cost, high-volume ASIC-powered M2M devices commonly used in large-scale networks for municipal utility monitoring, medical record transmission, secure building access and monitoring, and smart grid frameworks where secure message passing is essential.
Although TLS has become the defacto standard for information and communication standards at the desktop and enterprise level, in a February 11, 2013 press release, ABIresearch noted the "porous security" of M2M applications threatens to "throttle the successful adoption of M2M in healthcare, industrial installations, and consumer homes."
SharkSSL addresses this gap, bringing full end-to-end security to device communications with proprietary software that enables developers to optimize their security implementation for size or speed. As suppliers gear up to address the new high-volume opportunities in the M2M market, Real Time Logic’s encryption libraries are highly optimized to address the Gbps challenge inherent in the most demanding ASIC-driven applications. SharkSSL delivers very high bandwidth, while offering both client and server side support for security certificates, certificate chains, and certificate authority validation.
In integrating TLS 1.2 into SharkSSL, Real Time Logic implements the stronger cryptographic algorithm, improved encryption, and superior message authentication proven to secure TCP/IP communications at the enterprise level into the small, resource-constrained footprint of an embedded device. SharkSSL implements the new Secure Hash Algorithm-256 (SHA-256), which replaces outdated hash functions and can be used to verify the integrity of copies of the original data without compromising the source.
The latest version of SharkSSL also supports the internationally adopted Advanced Encryption Standard (AES) and Galois/Counter Mode (GCM)—technologies that combine message encryption and authentication into a single function that can be transferred at high throughput rates by taking advantage of the parallel processing of the architecture. Fine-tuned to take advantage of hardware functionality, SharkSSL offloads encryption libraries to crypto units on high-bandwidth platforms commonly found in ASICs or processors such as Freescale’s ColdFire or Kinetis K60.
"With projections indicating that the M2M market will be worth $198 million by the end of 2018, high-volume ASIC devices will underlie much of the infrastructure that we depend on," noted Wilfred Nilsen, CEO, Real Time Logic. "With the increasing threat of cyberattack, it is critical that we secure this infrastructure at the device level in order to ensure that all possible avenues for exploitation have been secured. By SharkSSL delivering not only this level of security, but also the high throughput now demanded by the most advanced applications, it addresses many of the critical pain points OEMs struggle to meet today."
The new SharkSSL, with its assembly-written big integer library, also delivers record-breaking performance on processors without specialized crypto units. While keeping code size to a minimum, SharkSSL V2.5 is capable of performing a private RSA operation in 100 ms on a Cortex-M3 running at 100 MHz, a speed 60 percent faster than competitors.
SharkSSL includes a specifically designed and optimized, C code SMTP library. The SMTP library makes it possible to send email messages via email servers that require encrypted communication. The library supports STARTTLS and SMTPS, ensuring compatibility with online services such as Google Mail and Hotmail. For companies where a TLS/SSL stack is not required, Real Time Logic offers a stripped down version of SharkSSL called RayCrypto. RayCrypto includes cryptographic libraries supporting authentication and encryption algorithms.
Optimized to take advantage of encryption acceleration, SharkSSL achieves unmatched throughput on ColdFire, Kinetis K60, and all the Cortex-M3 and -M4 processors. Available as source code, SharkSSL code can be implemented on any processor off the shelf. The SharkSSL library has been successfully deployed on ARM, Freescale, and PowerPC-based FPGA architectures. Other processors and accelerators can be accommodated upon request.
Out-of-the-box operating system (OS) support includes INTEGRITY™, MQX™, SMX™, ThreadX™, VxWorks™, EBSnet™, rtplatform, uCLinux™, Linux, and Windows™. It can also be used in bare-metal (no OS) configurations. Multi-threading is available for added performance when using an OS that supports multi-threading.
SharkSSL V2.5 is available immediately and comes with full source code and royalty-free licenses.