- mbed-tls - lists.trustedfirmware.org

by Hulshof, Robert

All, Not sure if this is the right audience (If it is not let me know if there is a better place to ask the following question) We have been looking at future security requirements for CPE devices, and we think that we need the following functionality that is currently not really available in the current crypto libraries. - Support for Quantum computing secure algorithms (Post Quantum of PQ algorithms) - Support for Hybrid keys ( PQ plus Classic algorithm), preferable in any configuration. - Modularized public key crypto algorithms implementation, to simplify adding new algorithms - Updating public key architecture to simplify off-loading private key operations to a Trusted Execution environment or other security HW. We initially looked at openssl, but found the openssl difficult to work with, so we decided to look at Mbedtls, which has a more lightweight design. We modified the mbedtls 'pkey' code to make it more modularized (building on the pkwrap design), and added to support for Hybrid keys, which was relatively easy to do. Updating the TLS library to support hybrid keys has however been a big challenge. The TLS code is very interwoven with the 'pkey' code, and seems to have almost unique implementation for each type of key, making it difficult to follow and modify. Adding support for other (PQ) algorithms within that design will be challenge. Before spending too much time on this we would like to know if there is an interest in the MBEDTLS community for a redesign of the code to support hybrid keys, PQ algorithms and modularized public key architecture. Thanks, Robert E-MAIL CONFIDENTIALITY NOTICE: The contents of this e-mail message and any attachments are intended solely for the addressee(s) and may contain confidential and/or legally privileged information. If you are not the intended recipient of this message or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and any attachments. If you are not the intended recipient, you are notified that any use, dissemination, distribution, copying, or storage of this message or any attachment is strictly prohibited.

3 years, 4 months

2
1
0 0

MBed TLS Technical Forum - reminder

by don.harbin＠linaro.org

Hi All, A gentle reminder that the US-Europe timezone-friendly MBest TLS Tech forum is next Monday. If you have any topics, please let Dave Rodgman know. :) Best regards, Don Title: MBed TLS Technical Forum Trusted Firmware is inviting you to a scheduled Zoom meeting. Topic: MBed TLS Technical Forum Time: Oct 25, 2021 04:30 PM London Every 4 weeks on Mon, 20 occurrence(s) Oct 25, 2021 04:30 PM Nov 22, 2021 04:30 PM Dec 20, 2021 04:30 PM Jan 17, 2022 04:30 PM Feb 14, 2022 04:30 PM Mar 14, 2022 04:30 PM Apr 11, 2022 04:30 PM May 9, 2022 04:30 PM Jun 6, 2022 04:30 PM Jul 4, 2022 04:30 PM Aug 1, 2022 04:30 PM Aug 29, 2022 04:30 PM Sep 26, 2022 04:30 PM Oct 24, 2022 04:30 PM Nov 21, 2022 04:30 PM Dec 19, 2022 04:30 PM Jan 16, 2023 04:30 PM Feb 13, 2023 04:30 PM Mar 13, 2023 04:30 PM Apr 10, 2023 04:30 PM Please download and import the following iCalendar (.ics) files to your calendar system. Weekly: https://linaro-org.zoom.us/meeting/tJEkceuurT4sGdaksikbUn6FARB9Kuk3ac2o/ics… Join Zoom Meeting https://linaro-org.zoom.us/j/95962635632?pwd=STFkQVltejAzRDJ6NmoxZjhmZC9RUT… Meeting ID: 959 6263 5632 Passcode: 018366 One tap mobile +13462487799,,95962635632# US (Houston) +16699009128,,95962635632# US (San Jose) Dial by your location +1 346 248 7799 US (Houston) +1 669 900 9128 US (San Jose) +1 253 215 8782 US (Tacoma) +1 312 626 6799 US (Chicago) +1 646 558 8656 US (New York) +1 301 715 8592 US (Washington DC) 877 853 5247 US Toll-free 888 788 0099 US Toll-free Meeting ID: 959 6263 5632 Find your local number: https://linaro-org.zoom.us/u/aewUpnQu5y When: Mon Feb 14, 2022 9:30am – 10:30am Mountain Standard Time - Phoenix Who: * Don Harbin - creator * psa-crypto(a)lists.trustedfirmware.org * mbed-tls(a)lists.trustedfirmware.org * nnac123(a)gmail.com

3 years, 4 months

1
0
0 0

mbedTLS Question

by SHIRLEY Murray

Hello, I am evaluating the mbedTLS library and trying to create a build with Visual Studio 2010, but I am encountering errors. Below are the steps I have taken: 1. Downloaded "mbedtls-3.1.0.zip" and extracted the contents to my Windows 10 computer. 2. Run Visual Studio 2010 and open the solution "mbedTLS.sln" in the folder "mbedtls-3.1.0\visualc\VS2010". 3. Select the "mbedTLS" project and select "Rebuild Only mbedTLS". This is for the Release configuration targeting Win32. 4. During the build process multiple errors are encounter, which seem to be related to Visual Studio's limited C Compiler support. The build output is attached. Am I missing any steps for configuring the solution or project? I was under the impression that mbedTLS offered support for compiling with Visual Studio 2010? Any help that you can provide would be greatly appreciated. Best regards, Murray Shirley, P.Eng. MicroSurvey Software, Inc. (250) 707-0000 murray.shirley(a)microsurvey.com<mailto:murray.shirley@microsurvey.com>

3 years, 4 months

2
1
0 0

TLS Only for Data Authentication

by Subramanian Gopi Krishnan

Hi, I am developing TLS client and server for embedded systems. Considering the operational efficiency, it is sufficient to have data authentication. Is it possible to setup a TLS communication with data authentication and without encryption? Consider a PLC network, 1. Within physical secure zone. 2. Requires faster data transfer. 3. Data are not confidential, but must be cryptographically authenticated. Thanks, Gopi Krishnan

3 years, 4 months

2
1
0 0

Please, help me about Mbedtls_ssl_handshake return error -0x2700

by Dmitrij Shabroff

Hello. I am facing the issue of certificate verification error during handshake.The problem is described by me in the appropriate section of the forum. https://forums.mbed.com/t/mbedtls-failing-with-the-certificate-is-not-corre… Please help me figure it out - there is no one else to turn to. Sincerely, Shabrov Dmitry

3 years, 4 months

1
0
0 0

Does MbedTLS provide paid tech support?

by Tom Zhu

We are interested in whether there are paid supports from MbedTLS regarding optimization on some ARM MCUs. If so, whom should we contact? Thanks! Tom

3 years, 4 months

1
0
0 0

TLS 1.3 support

by Lukas Frei

Good morning, My team and me are starting a bigger project concerning object control on the rail. The security specifications shall use TLS version 1.3. I could read on some forums that you are actually working on it. Could I please get some information about the release date of it? If not provided soon we will be forced to switch to another library. Thanks a lot for your help. Best Regards, Lukas Frei Dipl. MSc Universität Bern und BFH in Biomedical Engineering Embedded Software Engineer CSA Engineering AG Hans Huber-Strasse 38 CH-4500 Solothurn Direkt +41 32 626 35 81 Telefon +41 32 626 35 55 Fax +41 32 626 35 50 mailto:lukas.frei@csa.ch https://www.csa.ch ________________________________ Confidentiality Note: This message is intended only for the use of the named recipient(s) and may contain confidential and/or privileged information. If you are not the/an intended recipient, please contact the sender and delete this message. Any unauthorized use of the information contained in this message is prohibited.

3 years, 4 months

2
1
0 0

Now Im subscribe

by Dmitrij Shabroff

Good afternoon. I am a microcontroller product designer. I ported MBED TLS to STM 32L471 microcontroller. While I do not understand how can I use the certificate. My customer gave me a certificate in the form of a center2m.com.cer file. The file contains the 3 fields: -----BEGIN CERTIFICATE----- MIIGVzCCBT+gAwIBAgIMEnU/ ... -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIET ... -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIDDX ... -----END CERTIFICATE----- tell me please, how to port my certificate to certs.c file. The question is which fields to insert where? Please help. No one can answer this question except you. Sincerely, development engineer, Shabrov Dmitrii

3 years, 4 months

2
3
0 0

Next MBed TLS Tech Forum - Monday

by Don Harbin

Hi All, This is a gentle reminder that the next MBed TLS Tech forum is next Monday @10am UK time. Reminders: - This is the "Asia timezone friendly" session, but the session recording and supporting content are archived here <https://www.trustedfirmware.org/meetings/mbed-tls-technical-forum/>. - Dial-in details can be found in the online calendar <https://www.trustedfirmware.org/meetings/>. If you click on this event in the calendar, it also provides the option to add it to your personal calendar if you wish If anyone has topics you would like to see added to the agenda, please share and Dave and the team will work to get these onto the agenda. Best regards, Don

3 years, 4 months

1
0
0 0

Tentative: MBed TLS Technical Forum - Asia

by Gergely Pintér

3 years, 4 months

1
0
0 0

2025

2024

2023

2022

2021

2020

mbed-tls