Open Source Security Libraries                                         

To Secure Data in Transit and Rest

Introduction

Arm contributes to various open source projects that enable applications to establish secure network connections and protect the confidentiality and integrity of software and data on devices. The contributions include implementing new protocols, cryptographic algorithms, Arm architecture support and optimizations. The projects include

Mbed TLS: It is an SSL/TLS and cryptography library widely used by embedded devices. It includes X.509 and cryptography support. The cryptographic library implements the PSA Crypto APIs and allows integration with Secure Elements and Cryptographic accelerators via. the PSA Cryptoprocessor Driver Interface. The project is part of the open source community project trustedfirmware.org. The project is licensed under Apache 2.0.

The source code can be found here. Please visit the project site for further details. Use the mailing list if you have any questions or feedback.

OpenSSL: Provides an opensource toolkit for SSL and TLS protocols. It also provides a cryptographic library and is licensed under the Apache 2.0 license. The source code can be found here. Arm has contributed towards optimizing various ciphers for improved performance on Arm devices. List of optimized ciphers can be found in Table1.

ISA-L: Intel(R) Intelligent Storage Acceleration Library provides optimized low level routines for storage applications targeting data centers. The routines include fast erasure codesdata integrity & protection, compression, hashing and encryption. Arm has contributed towards optimizing some of these routines for Arm systems as shown in Table2.

intel-ipsec-mb: Intel(R) Multi-Buffer Crypto for IPsec Library provides a multi buffer crypto implementation targeting packet processing applications. Source code can be found here. A pull request has been raised for aarch64 support and SNOW3G aarch64 implementation. See link in Table3.

Contact support@arm.com for any inputs on Open SSL, ISA-L and intel-ipsec-mb contributions or related projects,


Table1: Optimized OpenSSL Algorithms

Cipher  Version Github Link 
 AES-GCM  openssl-3.0.0-alpha1  https://github.com/openssl/openssl/blob/master/crypto/modes/asm/aes-gcm-armv8_64.pl
 AES-XTS  openssl-3.0.0-alpha9  https://github.com/openssl/openssl/blob/master/crypto/aes/asm/aesv8-armx.pl
 AES-ECB  openssl-3.0.0-alpha1 https://github.com/openssl/openssl/blob/master/crypto/aes/asm/aesv8-armx.pl
 RSA  openssl-3.0.0-alpha17   https://github.com/openssl/openssl/blob/master/crypto/bn/asm/armv8-mont.pl


Table2: Optimized ISA-L Algorithms

 Algorithm  Version  Github Link 
 AES-XTS  TBD https://github.com/intel/isa-l_crypto/tree/master/aes/aarch64 
 Multihash SHA1-Murmur3  TBD https://github.com/intel/isa-l_crypto/tree/master/mh_sha1_murmur3_x64_128/aarch64 
 Multihash SHA1 (SIMD Enhanced)  TBD  https://github.com/intel/isa-l_crypto/tree/master/mh_sha1/aarch64
 AES-CBC  TBD  https://github.com/intel/isa-l_crypto/tree/master/aes/aarch64
 AES-GCM  v2.24.0  https://github.com/intel/isa-l_crypto/tree/master/aes/aarch64
 Multibuffer SHA1  v2.23.0  https://github.com/intel/isa-l_crypto/commits/master/sha1_mb/aarch64
 Multibuffer SHA256  v2.23.0 https://github.com/intel/isa-l_crypto/tree/master/sha256_mb/aarch64 
 Multibuffer SHA512  v2.23.0 https://github.com/intel/isa-l_crypto/tree/master/sha512_mb/aarch64 
 Multibuffer SM3  v2.23.0 https://github.com/intel/isa-l_crypto/tree/master/sm3_mb/aarch64 
 Rolling Hash  v2.23.0 https://github.com/intel/isa-l_crypto/tree/master/rolling_hash/aarch64 
 MultiHash SHA1  v2.23.0 https://github.com/intel/isa-l_crypto/tree/master/mh_sha1/aarch64 
 MultiHash SHA256  v2.23.0 https://github.com/intel/isa-l_crypto/tree/master/mh_sha256/aarch64
 Multibuffer MD5  v2.23.0  https://github.com/intel/isa-l_crypto/tree/master/md5_mb/aarch64
 CRC16 T10DIF  v2.27.0 https://github.com/intel/isa-l/tree/master/crc/aarch64 
 CRC32 GZIP  v2.27.0 https://github.com/intel/isa-l/tree/master/crc/aarch64 
 CRC32 ISCSI  v2.27.0 https://github.com/intel/isa-l/tree/master/crc/aarch64 
 CRC32 IEEE  v2.27.0 https://github.com/intel/isa-l/tree/master/crc/aarch64 
 CRC64 ECMA  v2.27.0 https://github.com/intel/isa-l/tree/master/crc/aarch64 
 CRC64 ECMA REFL  v2.27.0 https://github.com/intel/isa-l/tree/master/crc/aarch64 
 CRC64 ISO  v2.27.0 https://github.com/intel/isa-l/tree/master/crc/aarch64 
 CRC64 JONES  v2.27.0 https://github.com/intel/isa-l/tree/master/crc/aarch64 
 IGZIP  v2.29.0 https://github.com/intel/isa-l/tree/master/igzip/aarch64 
 MEM Zero detect  v2.27.0 https://github.com/intel/isa-l/tree/master/mem/aarch64
 RAID  v2.27.0 https://github.com/intel/isa-l/tree/master/raid/aarch64