HCC CryptoCoreTM Security & Encryption Suite
At HCC we believe that one of the biggest risks to security is software quality. Discussions about security tend to focus on algorithms or encryption and not on the real issue – quality. Large scale hacks of modern algorithms are almost unknown, it is poor quality that has caused the most significant security breaches to date. Software coding errors and defects in security algorithms and encryption allow security to simply be bypassed. This has resulted in high profile scandals such as Heartbleed, GnuTLS, SSL and many others which passed testing but failed disastrously. More testing is not a solution. The solution is to use a mature software process, similar to that used in the development of safety applications, to create robust software with evidence to back claims about quality.
HCC networking and security software is developed for embedded controllers and contains no open-source or third-party content.
CryptoCoreTM is HCC’s main encryption and security library, managed through HCC’s Embedded Encryption Manager (EEM). EEM provides a universal, high quality standard interface to any hardware or software cryptography implementation. This greatly simplifies the design process, makes software portable and allows use of either CryptoCore libraries or hardware accelerated algorithms on chips which provide them.
CryptoCore is available in two packages – CryptoCore Base and CryptoCore Pro. These packages are included with higher level security packages such as SNMP, TLS/DTLS, SSH etc. They can also be purchased independently to run on any embedded target.
CryptoCore Pro meets all the requirements for Suite B compliance. This includes
- Advanced Encryption Standard (AES) with key sizes of 128 and 256 bits.
- Elliptic Curve Digital Signature Algorithm (ECDSA) – digital signatures
- Elliptic Curve Diffie–Hellman (ECDH) – key agreement
- Secure Hash Algorithm 2 (SHA-256 and SHA-384)
MISRA Compliance & Portability
HCC software is all developed within our portable framework, called AEF, according to our internal coding rules. This means we can deploy our solutions on any MCU, RTOS or tool-chain. We adhere to one of the industry’s strictest coding standards using MISRA with no rules excepted. Any exceptions are done one at a time, signed off and explained in the documentation. A full MISRA compliance report generated by LDRA tools is provided. In addition, many of our components are available with detailed design documents, static and dynamic analysis and other quality life-cycle evidence.
Support for Encryption Hardware Acceleration
Thanks to HCCs modular Embedded Encryption Manager (EEM), all of HCCs software can seamlessly switch between running our CryptoCore software or using MCU hardware acceleration without any code changes. EEM provides a standard, efficient, MISRA compliant interface to manage all crypto functions.
CryptoCore Base: Base/Base64, DSS, 3DES, MD5, TIGER, RSA
|Base64||Base64||SMTP, SSH||Encode binary over text stream|
|DSS||DSS||TLS, IKE, SSH||Digital Signature|
CryptoCore Pro (Suite B): AES, SHA, EDH, ECC
|SHA||SHA1||IPSec, TLS, IKE||Hash|