12

I am wanting make an embedded device that can communicate with a web-server in a secure fashion. My preference would be for it to use standard SSL so the web-server views my device similar to a web browser.

  • Are there any prebuit libraries for the embedded side to do this?
  • What about an IC that can handle the handshaking and decryption for me?
  • If not how would I go about doing this myself?
suha
  • 1,774
  • 14
  • 17
Kellenjb
  • 17,509
  • 5
  • 51
  • 87
  • If you haven't seen this, you may consider it for it's small size, powerful capabilities, but not cheap price: http://www.phidgets.com/products.php?product_id=1072 – gahooa Feb 18 '11 at 18:33
  • @gahooa that is interesting. I am looking for a cheap option though. My market would be buying 10's or 100's of my device so every cent I can cut costs can help make the item more marketable. – Kellenjb Feb 18 '11 at 19:00
  • 1
    I hope you have a BIG micro. SSL Is pretty heavy, computationally. – Connor Wolf Feb 19 '11 at 06:58
  • @Fake Name I was thinking a dsPIC. The way I understand it is the initial handshaking can be pretty heavy, but everything else is not too bad. – Kellenjb Feb 19 '11 at 16:48

4 Answers4

5

Consider these embedded SSL libraries:

http://www.yassl.com/yaSSL/Products-cyassl.html

http://polarssl.org/

http://www.matrixssl.org/

And maybe http://gitorious.org/tropicssl/

Tropicssl and polarssl originated from http://www.ohloh.net/p/xyssl

Tropicssl and xyssl are BSD licensed, whereas as all the others are GPL with an option for a proprietary license for $.

goertzenator
  • 151
  • 1
  • 2
4

I suggest the Microchip TCP stack. Microchip offers a free licensed TCP/IP stack optimized for the PIC18, PIC24, dsPIC and PIC32.

Microchip’s TCP/IP stack includes the Secure Sockets Layer (SSL) feature.

But it's not free. See below:

To comply with US Export Control restrictions, the encryption portion of the SSL module must be purchased separately from Microchip. The library of Data Encryption Routines (SW300052) is available for a nominal fee from http://www.microchipdirect.com/productsearch.aspx?Keywords=SW300052.

For better results, you can use ENCx24J600 that has built-in AES encrypt/decrypt engine and other securities engines.

Daniel Grillo
  • 7,659
  • 18
  • 51
  • 69
2

If the system can be complicated enough to run an operating system, there are plenty of tools and libraries that can do the job. On an embedded Linux system, you can use wget with SSL. On any system with higher level languages like Python or Ruby, the networking library (Python SSL) will support SSL. If you only have access to C, you could write something using the OpenSSL library.

If there's no OS, I think you're in for a lot of work. At minimum, you need a TCP/IP stack. I'd build a prototype with an mbed-- there's a forum post that suggests they might have an SSL library by now.

pingswept
  • 12,581
  • 4
  • 46
  • 64
1

This seems to support AES SSL as well: http://www.lantronix.com/device-networking/embedded-device-servers/xport.html

powtac
  • 1,022
  • 2
  • 16
  • 27
  • 1
    I don't believe this actually supports SSL - AES is just a symmetric cipher that can be used by SSL but e.g. the handshake requires other steps that involve (usually) RSA and SHA-1. However Lantronix now has the XPort AR which does appear to support some version of SSL http://www.lantronix.com/device-networking/embedded-device-servers/xport-ar.html however it's not cheap. – thom_nic Feb 02 '15 at 14:47