This is the first in a series of papers that will look at cryptographic algorithms in common use and how they are used to achieve secure communication within the Transport Layer Security TLS protocol. This article will look at the core cryptographic algorithm used to secure and authenticate data. In the second article we will build an understanding of public key encryption and in the final article will step through the Transport Layer Security protocol. We will also see how these algorithms can be implemented on a small microcontroller using the ARM mbed TLS library. Alongside this article there are a set of example programs which can be downloaded using the link provided at the end.
The mbed TLS security library started life as an open source project called XySSL run by Christophe Deivine up until 2008 when it was relaunched as PolarSSL. In 2014 PolarSSL was acquired by ARM and rebranded as mbed TLS, and forms the security component of ARM’s mBed IoT platform. Today mbed TLS is available as a free download and is provided as a software component as part of Keil’s MDK-ARM toolchain. The mbed TLS library is provided as source code and is free to use with a choice of GPL or Apache licences while being maintained and developed by ARM. The library itself has been designed to run on small embedded devices and the complete TLS stack takes under 60KB of Program memory and under 64K of RAM. The mbed TLS library is designed as a set of modules which allow you to use any of the cryptographic primitive’s standalone from the full library.