Skip to main content
  • 产品
  • Evaluate our Software
  • 下载
  • Free Utilities
  • 购买
  • 芯片厂商
  • 支持
  • 关于我们
  • Search
  • 工作机会
  • 新闻简报
  • 联系我们
  • emSecure
  • emSecure-RSA

    emSecure-RSA
    The default version of emSecure

    emSecure-RSA is the default version of emSecure, based on RSA asymmetrical encryption.

    Contact us
    Downloads
    Documentation
    SEGGER emSecure
    1. 1.Performance
      1. 1.1.Verifying Data
      2. 1.2.Signing Data
    2. 2.Memory Footprint
    3. 3.Included Sign and Verify Applications
    4. 4.Technical Background

    Using emSecure-RSA

    All emSecure products are created to be simple but powerful, and easy to integrate. It can be used in new products and even extend existing ones as emSecure is a software solution and no additional hardware is required. The code is completely written in ANSI C and can be used platform- and controller-independent. The required key pairs can be generated with the included tool. A pass-phrase can be used to regenerate the keys. The generated keys can be exported into different formats to be stored on the application code or loaded from a key file. This allows portability and exchangeability between different platforms. Signing data, for instance firmware images, can be performed with the included tool. It is also possible to integrate the signing process directly into a production application running on any PC or even on a microcontroller. Once a signature is generated, the signed data can be verified by its signature in an embedded application or on an external application communicating with the device. Verifying data takes less than 20 ms on a STM32F746, running at 216 MHz, which is not significantly more time for a bootloader to start firmware.

    Performance

    emSecure-RSA aims for portability and is designed to fit speed and size requirements for different targets. The process of verifying data is technically split up into two steps:

    • Compute the hash of the data.
    • Decrypt the signature and compare the hash values.

    Step 1, the computation of the hash, depends on the size of the data, whereas step 2 is dependent on the key length and takes the same time to verify any data.

    StepPerformance
    Compute the hash of the data

    SHA-1
    Hash computation

    12.5 MB/sec
    Decrypt the signature and compare the hash values
    RSA 512 bit
    Signature decryption and verification
    0.84 ms
    RSA 1024 bit
    Signature decryption and verification
    2.15 ms
    RSA 2048 bit
    Signature decryption and verification
    7.29 ms
    RSA 512 bit
    Signature generation and encryption
    13.95 ms
    RSA 1024 bit
    Signature generation and encryption
    63.60 ms
    RSA 2048 bit
    Signature generation and encryption
    362.75 ms

    Test configuration

    • SEGGER Embedded Studio 3.35 using clang 5.0.1 compiler
    • SHA-1 algorithm configured for speed optimization
    • Test on a STM32F746 microcontroller, running at 216 MHz

    Verifying Data

    The following table shows some total values to verify different amounts of data.

    Data sizeKey lengthDecryption and verificationHash computationTotal time
    1 kByte512 bit0.84 ms 0.09 ms 0.93 ms
    100 kByte 512 bit0.84 ms 7.35 ms 8.19 ms
    1 kByte1024 bit 2.15 ms 0.09 ms 2.24 ms
    100 kByte 1024 bit 2.15 ms 7.35 ms 9.50 ms
    1 kByte2048 bit 7.29 ms0.09 ms 7.38 ms
    100 kByte 2048 bit 7.29 ms7.35 ms 14.64 ms

    Signing Data

    The following table shows some total values to sign different amounts of data.

    Data sizeKey lengthDecryption and verificationHash computationTotal time
    1 kByte512 bit13.95 ms 0.09 ms 14.04 ms
    100 kByte 512 bit13.95 ms 7.35 ms 21.30 ms
    1 kByte1024 bit 63.60 ms 0.09 ms63.69 ms
    100 kByte 1024 bit 63.60 ms 7.35 ms 70.95 ms
    1 kByte2048 bit 362.75 ms0.09 ms 362.84 ms
    100 kByte 2048 bit 362.75 ms7.35 ms 370.10 ms

    Memory Footprint

    The following table lists the memory requirements of emSecure-RSA configured for operation with a 2048 bit key.

    ROMStatic RAMStack
    Sign only

    5.81 KB

    0.03 KB

    2.12 KB

    Verify only

    4.88 KB

    0.03 KB

    2.93 KB

    Sign and verify

    6.35 KB

    0.03 KB

    2.93 KB

    Test configuration

    • SEGGER Embedded Studio 3.35 using GCC compiler
    • SHA-1 algorithm configured for size optimization
    • Compiled for Thumb-2 instruction set, optimized for size

    Included Sign and Verify Applications

    emSecure includes all basic applications needed for securing a product. The applications' source-code is included and provides an easy to use starting point for modifications and integration into other applications.

    The sign and verify applications are also available for evaluation. For more information contact us at info@segger.com

    Application nameTarget platform Description
    emKeyGenWindowsGenerates a key pair with a given key length, either random or from a given seed.
    emSignWindowsDigitally signs a file with your private key.
    emVerifyWindowsVerifies the signature of a digital asset with its public key.
    emPrintKeyWindowsExports keys and signatures into C source format, to be included into any application.

    The utilities are PC applications, ready-to-use for the setup step to secure your product.

    Key Generation: emKeyGen generates a public and a private key. The generation parameters can be set with command line options. The keys are saved in a common key file format and can be published and exchanged.


    Exporting Keys: emPrintKey exports key and signature files into a compileable format. The output can be linked into your application, so there is no need to load them from a file at runtime. This is especially useful for embedded applications

    emKeyGen

    Signing Data: emSign digitally signs the file content, usually the data to be secured, with a given (private) key file and creates a signature file.

    emSign
    emSign

    Verifying Data: emVerify decrypts a signature file and verifies if the corresponding data file matches the signature.

    emVerify

    Technical Background

    emSecure_Theory_Sign

    emSecure Signing Technical Details: The emSecure-RSA signing operation starts by using a secure hash algorithm (SHA1) to generate a hash from the original data. Using the 2kBit RSA private key along with the hash, a digital signature is generated using RSA encryption.


    emSecure_Theory_Verify

    emSecure Verification Technical Details: The emSecure-RSA verification process starts with the data one wishes to verify and the digital signature which was created from the original file. A hash file is generated for the unverified data. The public key and RSA decryption is used to generate the original hash and then compared to verify whether the data file is genuine.

    • User manual
    • Online documentation
    • List of downloads
    • Update notification
    • Pricing
    • Support
    • Silicon vendor resources

    全球总部

    德国: SEGGER Microcontroller GmbH

    地址: Ecolab-Allee 5
    40789 Monheim am Rhein, Germany
    电邮: info@segger.com
    电话: +49-2173-99312-0
    传真: +49-2173-99312-28

    网点分布

    中国:哲戈微系统科技(上海)有限公司

    地址: 中国上海市闵行区秀涟路133号
    大虹桥国际A 栋218室
    邮编201199
    电邮: china@segger.com
    电话: +86-133-619-907-60


    简易信息聚合

    通过ISO 9001认证

    ISO 9001

    30多年的嵌入式行业经验

    First-class embedded software tools since 1992
    • 版本说明
    • 免责声明
    • 行为准则
    • 隐私策略
    • 沪ICP备2022005181号
    • 沪公网安备 31011202014525号
    © 2025 SEGGER - 版权所有.

    您即将离开 segger.cn 而访问境外网站,是否继续?