CycloneCRYPTO
Embedded Cryptographic Library

CycloneCRYPTO is a cryptographic toolkit designed for use in embedded systems. It provides a comprehensive set of cryptographic primitives (hash functions, stream and block ciphers, public key cryptography) that can be used to add security features to your embedded application.

CycloneCRYPTO Embedded Crypto Algorithms

Main Features

  • Base64 data encoding
  • MD2, MD4 and MD5 hash functions
  • RIPEMD-128 and RIPEMD-160 hash functions
  • SHA-1 hash function
  • SHA-2 family hash functions (SHA-256, SHA-384, SHA-512, SHA-512/224 and SHA-512/256)
  • SHA-3 family hash functions (SHA3-224, SHA3-256, SHA3-384 and SHA3-512)
  • BLAKE2b family hash functions (BLAKE2b160, BLAKE2b256, BLAKE2b384, BLAKE2b512)
  • BLAKE2s family hash functions (BLAKE2s128, BLAKE2s160, BLAKE2s224, BLAKE2s256)
  • Tiger/192 hash function
  • Whirlpool hash function
  • SHAKE128 and SHAKE256 extendable-output functions (XOF)
  • Keccak sponge function
  • CMAC, HMAC and GMAC message-authentication code
  • RC4 stream cipher
  • Block ciphers (RC2, RC6, IDEA, DES, Triple DES, AES, Camellia, SEED, ARIA, PRESENT)
  • Supports ECB, CBC, CFB, OFB, CTR and XTS operation modes for all symmetric block ciphers
  • Cipher Block Chaining-MAC (CCM) and Galois Counter Mode (GCM)
  • ChaCha encryption algorithm
  • Poly1305 message-authentication code
  • ChaCha20Poly1305 Authenticated Encryption with Associated Data (AEAD)
  • RSA public key cryptography (PKCS #1 v1.5 and v2.2)
  • Digital Signature Algorithm (DSA)
  • Diffie-Hellman key exchange (PKCS #3)
  • Password-Based Cryptography Standard (PKCS #5)
  • Elliptic Curve Cryptography (ECC)
  • Curve25519 (X25519) and Curve448 (X448) elliptic curves
  • Elliptic Curve Diffie-Hellman (ECDH)
  • Elliptic Curve Digital Signature Algorithm (ECDSA)
  • EdDSA signature scheme (Ed25519 and Ed448 elliptic curves)
  • Supports elliptic curves defined over prime fields (NIST-P and Brainpool)
  • HKDF key derivation function
  • Multiple precision arithmetic library with optimized assembly code (for ARM and MIPS-based microcontrollers)
  • X.509 certificate, CRL and CSR parsing functions
  • X.509 certification and CSR generation
  • Parsing/Formatting of public/private keys (PKCS #1 and PKCS #8 formats supported)
  • bcrypt and scrypt password hashing function
  • Flexible memory footprint. Built-time configuration to embed only the necessary features
  • Portable architecture (supports little-endian and big-endian architectures)
  • Extensive test suite available on request (for commercial licenses)
  • Curve25519 (X25519)
  • Curve448 (X448)
  • Ed25519
  • Ed448
  • secp160k1
  • secp160r1
  • secp160r2
  • secp192k1
  • secp192r1 (NIST P-192)
  • secp224k1
  • secp224r1 (NIST P-224)
  • secp256k1
  • secp256r1 (NIST P-256)
  • secp384r1 (NIST P-384)
  • secp521r1 (NIST P-521)
  • brainpoolP256r1
  • brainpoolP384r1
  • brainpoolP512r1
  • ARM7TDMI / ARM926EJ-S
  • ARM Cortex-M3
  • ARM Cortex-M4
  • ARM Cortex-M7
  • ARM Cortex-R4
  • ARM Cortex-A5
  • ARM Cortex-A8
  • ARM Cortex-A9
  • RISC-V
  • MIPS M4K
  • MIPS microAptiv
  • PowerPC e200
  • Coldfire V2
  • RX600
  • AVR32
  • Xtensa LX6
  • Amazon FreeRTOS
  • ChibiOS/RT
  • CMSIS-RTOS
  • CMSIS-RTOS2 (RTX v5 and FreeRTOS)
  • Keil RTX
  • Micrium µC/OS-II
  • Micrium µC/OS-III
  • Segger embOS
  • SYS/BIOS (TI-RTOS)
  • Bare Metal programming (without RTOS)
  • GNU GCC / Makefile
  • Atollic TrueSTUDIO
  • IAR Embedded Workbench
  • Keil MDK-ARM
  • Microsoft Visual Studio
  • Segger Embedded Studio
  • AC6 System Workbench for STM32 (SW4STM32)
  • Atmel Studio
  • Infineon DAVE
  • Microchip MPLAB X
  • NXP MCUXpresso
  • Renesas e2Studio
  • ST STM32CubeIDE
  • TI Code Composer Studio (CSS)

RFC

  • RFC 1319: The MD2 Message-Digest Algorithm
  • RFC 1321: The MD5 Message-Digest Algorithm
  • RFC 2104: HMAC: Keyed-Hashing for Message Authentication
  • RFC 2268: A Description of the RC2 Encryption Algorithm
  • RFC 2313: PKCS #1: RSA Encryption Version 1.5
  • RFC 2631: Diffie-Hellman Key Agreement Method
  • RFC 2898: PKCS #5: Password-Based Cryptography Specification Version 2.0
  • RFC 2986: PKCS #10: Certification Request Syntax Specification Version 1.7
  • RFC 3174: US Secure Hash Algorithm 1 (SHA1)
  • RFC 3447: PKCS #1: RSA Cryptography Specifications Version 2.1
  • RFC 4269: The SEED Encryption Algorithm
  • RFC 4634: US Secure Hash Algorithms (SHA and HMAC-SHA)
  • RFC 4648: The Base16, Base32, and Base64 Data Encodings
  • RFC 5280: Internet X.509 Public Key Infrastructure Certificate and CRL Profile
  • RFC 5639: ECC Brainpool Standard Curves and Curve Generation
  • RFC 5794: A Description of the ARIA Encryption Algorithm
  • RFC 5869: HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
  • RFC 5915: Elliptic Curve Private Key Structure
  • RFC 6090: Fundamental Elliptic Curve Cryptography Algorithms
  • RFC 7468: Textual Encodings of PKIX, PKCS, and CMS Structures
  • RFC 7539: ChaCha20 and Poly1305 for IETF Protocols
  • RFC 7693: The BLAKE2 Cryptographic Hash and Message Authentication Code (MAC)
  • RFC 7748: Elliptic Curves for Security (Curve25519 and Curve448)
  • RFC 7914: The scrypt Password-Based Key Derivation Function
  • RFC 8017: PKCS #1: RSA Cryptography Specifications Version 2.2
  • RFC 8032: Edwards-Curve Digital Signature Algorithm (EdDSA)
  • RFC 8410: Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure

IEEE

Certicom Research

  • SEC 1: Elliptic Curve Cryptography
  • SEC 2: Recommended Elliptic Curve Domain Parameters

NIST

  • FIPS 46-3: Data Encryption Standard
  • FIPS 180-4: Secure Hash Standard
  • FIPS 186-4: Digital Signature Standard (DSS)
  • FIPS 197: Advanced Encryption Standard
  • FIPS 198-1: The Keyed-Hash Message Authentication Code (HMAC)
  • FIPS 202: SHA-3 Standard: Permutation-Based Hash and Extendable Output Functions
  • SP 800-38A: Recommendation for Block Cipher Modes of Operation - Methods and Techniques
  • SP 800-38C: Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality
  • SP 800-38D: Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC
  • SP 800-56A: Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography RSA Laboratories

RSA Laboratories

  • PKCS #1: RSA Cryptography Standard
  • PKCS #3: Diffie-Hellman Key Agreement Standard
  • PKCS #5: Password-Based Cryptography Standard
  • PKCS #8: Private-Key Information Syntax Standard
  • PKCS #10: Certification Request Standard