Image
Makoto Endo
Makoto Endo
Principal Product Marketing Specialist

Develop security functions efficiently with free sample software

Free sample software "AESEA Sample Security Driver" will be officially released in October 2022 to support software development of security functions for RL78/F23, F24.

The sample software uses AESEA and TRNG circuits built into the Renesas in-vehicle 16-bit microcomputer RL78/F23, F24 and performs encryption/decryption processing based on the AES encryption algorithm. The security function can be used simply by incorporating it into the user application software, which greatly reduces development efforts. It also supports Smart Configurator, Renesas development tool.

* NDA is required to provide the "AESEA Sample Security Driver".

Image
Software structure of AESEA Sample Security Driver

Figure 1. Software structure of AESEA Sample Security Driver

Main Functions:

  1. AES ECB and CBC modes are processed by hardware.
  2. CMAC generation and verification of message data (Message authentication)
  3. Detects tampering with user application programs stored in Code Flash. (Secure Boot)
  4. Generates random number seeds, extends the seeds and gets pseudo-random numbers.

Customers who want to incorporate the security of Evita-light without experience or development resources can use the software for the actuator applications in the latest E/E architecture where new control mechanisms and security considerations are required.

Table 1. ROM, RAM, Stack size of the AESEA Sample Security Driver

  ROM (Byte) RAM (Byte) Stack (Byte)
CC-RL 9.8K 36 Max 334
IAR 10.8K 36 Max 342

Following countermeasures against threats to the actuator area are also perfectly supported.

Table 2. Examples of Threats to the actuator domain and countermeasures

Image
Example of Threats to the actuator domain and countermeasures

* For challenge and response, (4) is used to create challenge data, and (2) is used to create and confirm response data.

Following the AESEA Sample Security Driver, the security software libraries shown in Table 3 will be released in sequence. These are free security software that do not require a NDA contract and can be used not only with RL78/F23, F24 but also with existing RL78/F13, F14, F15. Security processing can be performed efficiently with an in-vehicle 16-bit microcomputer.

*Libraries for RL78/F13, F14 will target products with 8KB or more RAM.

Table 3. Security software library

Item Description Release
Alpha version Official version
SHA-256/384/512 Software library for calculating hash values Output 256/384/512 bit message digest 2022/9 2023/2
RSA-2048/3072 Software library for signature generation and verification of RSASSA-PKCS1-V1.5 with key length of 2048/3072 bit 2022/9 2023/2
ECDSA
(Verification only)
Software library for signature verification using elliptic curve digital signature algorithm 2023/7 2023/12

In the case of cryptographic algorithms that do not use a common key or secret key, the processing speed is slow, but the software is device-independent and has a high degree of freedom. If a coprocessor or the like is installed in a product and a vulnerability is found, it will cost a huge amount of effort to fix it.

Remarks: Free sample software has no warranty and no support.

Easy to start security with Renesas Solution Starter Kit for RL78/F23, F24

A Renesas Solution Starter Kit (RSSK) bundled with the free sample software (AESEA Sample Security Driver) introduced in Part.1 will be built. It enables software development of security functions while checking the actual operation and results on the actual board and GUI software.

Image
RL78/F24 Security RSSK Development Schedule

Figure 2. RL78/F24 Security RSSK Development Schedule

Security RSSK ver.1 is planned to be released in early 2023 at first. It allows encryption/decryption and key registration using RL78/F24 target board and terminal software only for users who have signed NDA.

Figure 3 shows an image of Security RSSK ver.1. Connecting the serial data transmission (TxD) / reception (RxD) of RL78/F24 to the PC with a serial USB conversion cable, etc., and using terminal software on the PC to support software development of security functions.

Image
Image of software development using Security RSSK ver.1

Figure 3. Image of software development using Security RSSK ver.1

Security RSSK ver.2 will be released around October 2023 as the second step. It is a set of dedicated security board and GUI. Security RSSK ver.2 enables security functions such as encryption/decryption, secure boot, key registration, random number generation, and challenge & response to be executed with GUI operations. Beginners of security applications can use it to study security functions. Therefore, users who have not signed an NDA will be able to use it with some functional restrictions (for example, usage of challenge and response for authentication function).

Figure 4 shows the block diagram of Security RSSK ver.2. CAN-FD/CAN, debug and USB interfaces, as well as output/display LED, LCD, and speaker are prepared. Flash memory is used for reprogramming and as a user program storage area if an NDA is not signed.

Image
Block diagram of Security RSSK ver2

Figure 4. Block diagram of Security RSSK ver2

Table 4 shows the main functional differences between with and without an NDA. Note that functional restrictions can be removed after signing an NDA.

Table 4. Functional differences with and without an NDA

Item With NDA Without NDA
Debug function Available Not available
Option Byte Configurable Not configurable (Fixed value)
Key/Data length No limit Limited
Secure Boot No limit Limited

Figure 5 shows the GUI image of the key calculation tool based on SHE, which is one of the GUI images of Security RSSK ver.2. Current key storage status can also be displayed in the GUI.

Image
GUI image of key calculation tool based on SHE

Figure 5. GUI image of key calculation tool based on SHE

The development of Security RSSK is ongoing. The content and schedule are subject to change as it is still in the planning stage. We hope that it can be adapted to various needs, such as those who want to develop software efficiently even with limited security knowledge and/or resources, or who just want to use security functions or just for study.

If you are interested, please contact your local Renesas sales representative.

Share this news on

Log in or register to post comments

Share this news on