CycloneCRYPTO is a cryptographic toolkit designed for use in embedded systems. It provides a comprehensive set of cryptographic primitives (hash functions, stream and block ciphers, public key cryptography) that can be used to add security features to your embedded application.
CycloneCRYPTO is available either as open source (GPLv2 license) or under a royalty-free commercial license (non-GPL license). We also propose an evaluation license (90-day license in source form) with technical support for an easier onboarding and effective evaluation of our software.
Main Features Base64 encoding MD2, MD4 and MD5 hash functions RIPEMD-128 and RIPEMD-160 hash functions SHA-1 hash function SHA-2 family hash functions (SHA-256, SHA-384, SHA-512, SHA-512/224 and SHA-512/256) SHA-3 family hash functions (SHA3-224, SHA3-256, SHA3-384 and SHA3-512) BLAKE2b family hash functions (BLAKE2b160, BLAKE2b256, BLAKE2b384, BLAKE2b512) BLAKE2s family hash functions (BLAKE2s128, BLAKE2s160, BLAKE2s224, BLAKE2s256) Tiger/192 hash function Whirlpool hash function SHAKE128, SHAKE256 and cSHAKE extendable-output functions (XOF) Keccak sponge function HMAC, CMAC, GMAC and KMAC message-authentication code RC4 and Trivium stream ciphers Block ciphers (RC2, RC6, IDEA, DES, Triple DES, AES, Camellia, SEED, ARIA, PRESENT) Supports ECB, CBC, CFB, OFB, CTR and XTS operation modes for all symmetric block ciphers Cipher Block Chaining-MAC (CCM) and Galois Counter Mode (GCM) ChaCha encryption algorithm Poly1305 message-authentication code ChaCha20Poly1305 Authenticated Encryption with Associated Data (AEAD) RSA public key cryptography (PKCS #1 v1.5 and v2.2) Digital Signature Algorithm (DSA) Diffie-Hellman key exchange (PKCS #3) Password-Based Cryptography Standard (PKCS #5) Elliptic Curve Cryptography (ECC) Elliptic Curve Diffie-Hellman (ECDH) ECDH over Curve25519 and Curve448 elliptic curves (X25519 and X448) Elliptic Curve Digital Signature Algorithm (ECDSA) EdDSA signature scheme (Ed25519 and Ed448 elliptic curves) Supports elliptic curves defined over prime fields (NIST-P and Brainpool) HKDF key derivation function Multiple precision arithmetic library with optimized assembly code (for ARM and MIPS-based microcontrollers) X.509 certificate, CRL and CSR parsing functions X.509 certification and CSR generation Parsing/Formatting of public/private keys (PKCS #1 and PKCS #8 formats supported) bcrypt and scrypt password hashing functions Flexible memory footprint. Built-time configuration to embed only the necessary features Portable architecture (supports little-endian and big-endian architectures) Extensive test suite available on request (for commercial licenses) Supported Elliptic Curves Curve25519 (X25519) Curve448 (X448) Ed25519 Ed448 secp160k1 secp160r1 secp160r2 secp192k1 secp192r1 (NIST P-192) secp224k1 secp224r1 (NIST P-224) secp256k1 secp256r1 (NIST P-256) secp384r1 (NIST P-384) secp521r1 (NIST P-521) brainpoolP256r1 brainpoolP384r1 brainpoolP512r1 Supported Embedded Processors ARM Cortex-M3 ARM Cortex-M4 ARM Cortex-M7 ARM Cortex-R4 ARM Cortex-A5 ARM Cortex-A8 ARM Cortex-A9 Legacy ARM7TDMI / ARM926EJ-S RISC-V MIPS M4K MIPS microAptiv Infineon TriCore AURIX PowerPC e200 Coldfire V2 RX600 AVR32 Xtensa LX6 Supported Compilers / Toolchains Reference Standards CycloneCRYPTO conforms to RFC, IEEE and NIST standards See the list Hide the list RFC RFC 1319: The MD2 Message-Digest Algorithm RFC 1321: The MD5 Message-Digest Algorithm RFC 2104: HMAC: Keyed-Hashing for Message Authentication RFC 2268: A Description of the RC2 Encryption Algorithm RFC 2313: PKCS #1: RSA Encryption Version 1.5 RFC 2631: Diffie-Hellman Key Agreement Method RFC 2898: PKCS #5: Password-Based Cryptography Specification Version 2.0 RFC 2986: PKCS #10: Certification Request Syntax Specification Version 1.7 RFC 3174: US Secure Hash Algorithm 1 (SHA1) RFC 3447: PKCS #1: RSA Cryptography Specifications Version 2.1 RFC 4269: The SEED Encryption Algorithm RFC 4634: US Secure Hash Algorithms (SHA and HMAC-SHA) RFC 4648: The Base16, Base32, and Base64 Data Encodings RFC 5280: Internet X.509 Public Key Infrastructure Certificate and CRL Profile RFC 5639: ECC Brainpool Standard Curves and Curve Generation RFC 5794: A Description of the ARIA Encryption Algorithm RFC 5869: HMAC-based Extract-and-Expand Key Derivation Function (HKDF) RFC 5915: Elliptic Curve Private Key Structure RFC 6090: Fundamental Elliptic Curve Cryptography Algorithms RFC 7468: Textual Encodings of PKIX, PKCS, and CMS Structures RFC 7539: ChaCha20 and Poly1305 for IETF Protocols RFC 7693: The BLAKE2 Cryptographic Hash and Message Authentication Code (MAC) RFC 7748: Elliptic Curves for Security (Curve25519 and Curve448) RFC 7914: The scrypt Password-Based Key Derivation Function RFC 8017: PKCS #1: RSA Cryptography Specifications Version 2.2 RFC 8032: Edwards-Curve Digital Signature Algorithm (EdDSA) RFC 8410: Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure IEEE Certicom Research SEC 1: Elliptic Curve Cryptography SEC 2: Recommended Elliptic Curve Domain Parameters NIST FIPS 46-3: Data Encryption Standard FIPS 180-4: Secure Hash Standard FIPS 186-4: Digital Signature Standard (DSS) FIPS 197: Advanced Encryption Standard FIPS 198-1: The Keyed-Hash Message Authentication Code (HMAC) FIPS 202: SHA-3 Standard: Permutation-Based Hash and Extendable Output Functions SP 800-38A: Recommendation for Block Cipher Modes of Operation - Methods and Techniques SP 800-38C: Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality SP 800-38D: Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC SP 800-56A: Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography RSA Laboratories RSA Laboratories PKCS #1: RSA Cryptography Standard PKCS #3: Diffie-Hellman Key Agreement Standard PKCS #5: Password-Based Cryptography Standard PKCS #8: Private-Key Information Syntax Standard PKCS #10: Certification Request Standard