Alternative ECC based crypto implementation question


I am trying to replace existing ECC S/W based implementation with hardware accelerated engine.

Not sure I understand the guidelines in the knowledge base.

The issue that I am facing is that my HW engine based implementation is using different internal structure schema and a different math lib. I am wondering if I am obligated to continue to reuse S/W based internal data-structures (mbedtls_ecp_group, mbedtls_ecp_point, etc …) which in turn will significantly complicate the transition.

Appreciate if you can point me to an open source example so I could use it as a reference.


HI Tzvika,

What implementation do you wish to accelerate? Is it the ECP operations or the ECDSA\ECDH operations?
If you wish to supply alternative implementation for ECDSA\ECDH, you are welcome to look as reference for implementation in Mbed OS for Cryptocell.
If you wish to have an alternative implementation for ECP operations, then you are welcome to look at example from Cypress MXCrypto as to what was used.

‘mbedtls_ecp_group’ for example, is used outside of the mbedtls_ecp API, however it is defined inside the MBEDTLS_ECP_ALT check, which means it can be changed to your needs, but some of its members that are used need to remain… You should keep the API prototype, however internally, you should implement as it is best for your platform.
Mbed TLS Support