Authenticated Encryption for the MSP430

This is the software for the paper “High Speed Implementation of Authenticated Encryption for the MSP430X Microcontroller“. It provides the block cipher AES with 128-bit keys and the authenticated encryption ciphers CCM, GCM, SGCM, Hummingbird-2, MASHA and OCB3. There are two backends availabe, one is portable and written in C, and another is tailored for the MSP430X microcontroller. The code uses the RELIC toolkit and may be integrated with it in the future.


Download source code.

Beware: some of the algorithms (in particular, Hummingbird-2, MASHA and OCB3) may be patented in your country.

Building using the IAR Embedded Workbench

Extract and configure:

cd relic
#edit preset/ and add the following parameters after "cmake": -G "Unix Makefiles"
mkdir -p build/authenc
cd build/authenc
../../ ../..

Create or open a IAR workspace. Click Project > Add Existing Project. Select relic_authenc_5.20.ewp or relic_authenc_5.30.ewp depending on your IAR version. If its newer, you can import one of those and it will be converted. If it is older, you’ll have to work around it (open the project file to find out which files and flags to use in your project).

There are three programs in the source tree: test_bc.c, test_ac.c and bench_ac.c. Only one of those can be active, since they all have main functions. You can comment out two of them by changing the “#if 1” to “#if 0” in the top of the files.

Compile and execute!

Building using MSPGCC

Right now the MSP430X-specific code does not work with MSPGCC. It can be ported with some work, and I’ll probably do it in the near future…

Building using GCC

You can build the portable version of the library with the following steps. Check the RELIC documentation for more information on the building process.

cd relic
mkdir -p build/authenc
cd build/authenc
#On Windows, choose a generator in the next command using -G. Check the CMake documentation.
#Choose the word size using the -DWORD specifier.
ctest -R test


You can use the default authenticated cipher by using the function ac_key (sets the key), ac_init (sets the IV; call at the start of a new message); ac_data (input additional data to be authenticated / verified, but no encrypted / decrypted); ac_enc (encrypt a block) and ac_dec (decrypt a block). For more detail on the API, check the include/relic_ac.h file, or the test/test_ac.c for examples.

The above functions use the default AC method, see AC_METHD below. You can use a specific method using, e.g., ac_gcm_key, ac_gcm_init, ac_gcm_enc and so on.

In addition to the RELIC build options, this code adds the following options:

BC_METHD: the block cipher method used by authenticated ciphers based on block ciphers. Right now only AES128 is supported (AES with 128-bit key).

BC_SPLIT: adds support for split encryption. This changes the API so that the block cipher encryption and decryption is split into two parts. See the next option.

BC_SINGL: this indicates that only one encryption or decryption can be carried out simultaneously. This is the case when, e.g. a hardware accelerator is used. When using the MSP430X backend, activating this option will enable the usage of the MSP430 AES acceleration. Together with BC_SPLIT, this enhances the performance of authenticated ciphers based on block ciphers, as described in the paper.

AC_METHD: choose the default AC method: CCM, CCFBH, GCM, HB2, MASHA or OCB3. This is useful if you want to build an application which can use any AC method; the API will be the same for any of them, and you can change the method by changing AC_METHD.

AC_GCM_REFLC: uses the reflect trick in GCM. May increase or decrease performance.

AC_GCM_SGCM: transforms GCM into SGCM (the function names stay the same). Kinda ugly workaround, will try to improve later :P