Modular exponentiation with a big modulus

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob
user_2112781
Level 4
Level 4
10 likes received 10 likes given 5 likes given

Hello,

I'm struggling with the memory allocation using the PolarSSL functions to perform a modular exponentiation with a 3072 bits modulus.

The pool allocator doesn't look to be optimized to such cases (Allocating 384 and 768 bytes).

What is the maximum key size supported for RSA like operations and what would be the way to have them working properly ?

Thank you.

0 Likes
1 Solution
asridharan
Employee
Employee
10 comments on KBA 5 comments on KBA First comment on KBA

The library supports up to 4096 bits. Did you try changing the application thread stack size (default is 1024 bytes) using blecm_SetApplicationThreadStackSizeInWords() and the pool block size/number using cfa_mm_ConfigureMemoryPool()? See ota_secure_firmware_update/hello_sensor.c sample for an example to configure these buffers (thread_and_mem_mgmt.h in SDK 2.1).

Edit: Corrected typo in number of bits supported.

View solution in original post

0 Likes
2 Replies
asridharan
Employee
Employee
10 comments on KBA 5 comments on KBA First comment on KBA

The library supports up to 4096 bits. Did you try changing the application thread stack size (default is 1024 bytes) using blecm_SetApplicationThreadStackSizeInWords() and the pool block size/number using cfa_mm_ConfigureMemoryPool()? See ota_secure_firmware_update/hello_sensor.c sample for an example to configure these buffers (thread_and_mem_mgmt.h in SDK 2.1).

Edit: Corrected typo in number of bits supported.

0 Likes

I did change the stack size to 4K and  try to play with the pool allocator sizes.

PolarSSL is allocating (for 3K modulus) buffers of +/- 384 and +/- 768 bytes. (384 bytes corresponding to 3072 bits).

I've seen that by using my own allocator function:

void* myAlloc(size_t size) 
{ 
     ble_trace1("Alloc(%u)", size); 
     void* nptr = cfa_mm_Alloc(size); 
     
     if (nptr == NULL) 
          ble_trace0("unable to alloc!!"); 
     
     return nptr; 
}

void MyTestFunc(void)
{
     mpi res, a, e, m;
     
     // Use my allocator
     brcmcryptoglue_set_allocator(myAlloc);

     // Initialize a, e, m;
     
     // perform a^e mod m;
     mpi_exp_mod(&res, &a, &e, &m, NULL);
}

Or if I for example set the last pool (CFA_MM_POOL_2) to 780, which is the highest allocation size required, when PolarSSL requires a buffer of 384 the pool will give him a block of 780 (the smallest one that fits) and of course allocating a lot of 780 blocks will just kill the memory.


Does anybody have an example working for such case ?


Thank you.

0 Likes