Re: X.509 certificates on small micros?



On Dec 17, 8:22 am, linnix <m...@xxxxxxxxxxxxxxxxxx> wrote:
On Dec 17, 7:21 am, larwe <zwsdot...@xxxxxxxxx> wrote:

On Friday, December 17, 2010 5:42:57 AM UTC-5, tum_ wrote:
I could try and give you some ballpark figures in regards to
performance if we're talkng about RSA operations on X509 certs.
However, I'm not familiar with 8-bit AVRs, I've worked with Z80-based
uC and a range of ARMs (ARM7 and ARM9).

That's fine - I'd just like an order of magnitude sort of idea of footprint and execution time (on both platforms if possible).

But - I'm not quite getting the idea I'm afraid - in the description
above is the "8-bitter" on the System A or System B? In other words,

The answer to this is "yes". In short, various Systems A and B already exist today, and they're currently 8-bit (mostly). I want to introduce this new certificate infrastructure, and will tinker with the "who does what" question to minimize the number of devices that need massive hardware upgrades. If it turns out we need to move to tiny ARMs on everything, that is doable, though - a small Cortex-M3 can be had for around $0.80 these days...

This might not be a problem for you, but for my customer.  USB Cortex-
M* still can't beat AVR in price.

Low-end AVR, to be exact.

There are also deployment issues. To ensure that no two keys are the
same, the firmware is compiled online and downloaded to the device by
distributors (usually, more sophisticated users). All the data are
also tracked and logged into a central database, with a gLAMP server.
We did it with AVR, but haven't done it with M0/M3, since gcc-arm is
not mature enough.

gLAMP: gnu Linux Apache MySQL PHP
.