0

Hi I have a small ARTY development board with a ARTY-35T, I have a sample project running on the board with lwip and a webserver. I was wondering if WolfSSL will be fast enough on a Microblaze running at 50MHz without a floating point unit. With all the mathematics involved I am wondering if the connection will time out before it can finish on the development board? Has anyone had experience in this?

Thanks in advance.

Godspped
  • 683
  • 4
  • 12
  • 31
  • Is this the device you are working with? https://reference.digilentinc.com/_media/reference/programmable-logic/arty/arty_rm.pdf If so you'll note in the document "The MicroBlaze processor in an Arty SoC configuration is typically run at 100 MHz, though it is possible to design your SoC so that it can operate at over 200MHz." So are you specifically configuring it to run at 50MHz for power considerations? If so you could also configure the clock for the duration of the handshake and then wind it back down for power consideration once the connection is established. – Kaleb Apr 10 '19 at 16:46
  • 1
    Thank you for the response, yes it is that board, and yes I have dialed it down for power related issues. I was unaware that we can change the clocks on the fly in a design, but I can have a look at that. – Godspped Apr 11 '19 at 03:40
  • It looks like section 7 of that guide I linked above points to this document for working with the 7 series clocks: https://www.xilinx.com/support/documentation/user_guides/ug472_7Series_Clocking.pdf. In my experience it is uncommon to come across a clock that can not be adjusted at run time but then again have not worked as extensively with field programmable gate arrays which are a bit different than the typical micro controller. That being said I highly suspect the clock is run-time adjustable on an FPGA and something to definitely look into! Cheers, let us know what you find. – Kaleb Apr 11 '19 at 16:35

1 Answers1

0

I would recommend looking into run-time clock adjustment on the device. It is common to speed up the clock for the heavy crypto operations that are involved when initially establishing a secure connection (I.E. the handshake portion of the TLS connection). Once the connection is established and the device is just doing record layer transactions the clock can then be tuned back to a lower speed. This setup would allow the connection to be established before a timeout occurs (in nearly all cases), while also allowing for power consideration.

I think it would be completely possible to realize a connection before timeout on your device. In addition to evaluating clock run-time adjustments wolfSSL offers single-precision math optimizations for some of the most expensive crypto operations involved during the handshake process. I recommend you review the below settings for wolfSSL:

WOLFSSL_HAVE_SP_RSA
WOLFSSL_HAVE_SP_ECC
WOLFSSL_HAVE_SP_DH

With the Single Precision assembly optimizations + clock tuning for the handshake you should have no issues establishing a secure connection before timeouts become an issue.

For more information or details please feel free to contact the wolfSSL support team directly at anytime by sending an email to "support [at] wolfssl [dot] com" or through the zendesk portal at "wolfssl [dot] zendesk [dot] com".

Kaleb
  • 591
  • 4
  • 17
  • As a side note if you wish to keep questions posted here in stack overflow for the benefit of other users that's great and wolfSSL encourages it! If you fail to see a timely response however please send a note to "support [at] wolfssl [dot] com" with a link to your stack overflow question so one of the wolfSSL engineers can come take a look! – Kaleb Apr 15 '19 at 23:01