ESP32S2 and secp256k1 ECC support

Simon76
Posts: 2
Joined: Wed Dec 16, 2020 8:53 pm

ESP32S2 and secp256k1 ECC support

Postby Simon76 » Fri Jan 15, 2021 3:35 pm

Hello,
I could not find examples related to the ability of the ESP32S2 secure chip to sign a message using elliptic curve cryptography with the curve secp256k1 that is the standard in blockchain cryptography to sign transactions.

Any advice on whether it's supported and an example on how to use it?

Thanks

ESP_Angus
Posts: 2278
Joined: Sun May 08, 2016 4:11 am

Re: ESP32S2 and secp256k1 ECC support

Postby ESP_Angus » Mon Jan 18, 2021 7:06 am

Hi Simon,

The ESP32-S2 SDK (ESP-IDF) uses mbedTLS as its primary cryptography library. The ECC support in mbedTLS includes support for secp256k1 curves and the signature algorithms ECDSA & Deterministic ECDSA.

You should be able to adapt any mbedTLS example of the ECC signature type you need for ESP-IDF, and produce secp256k1 signatures this way.

The hardware Multiple Precision Arithmetic accelerator helps a little with ECC operations, however not as much as a dedicated accelerator would do. Recommend configuring the CPU to 240MHz if possible for best performance.

Angus

Simon76
Posts: 2
Joined: Wed Dec 16, 2020 8:53 pm

Re: ESP32S2 and secp256k1 ECC support

Postby Simon76 » Tue Jan 19, 2021 3:32 pm

Thanks Angus for your reply, I've not yet tried it, anyway my main concern is about the ability of the on-board secure element to actually make the signature: not to gain a performance improvement (although it is welcome), but to make use of the private key stored in the eFuses such that it is neither generated nor "seen" by the software itself.

Exactly the same way the DS module can securely sign messages using RSA, I would use it to sign messages using ECC secp256k1, but I can't see any mention of this feature in the Digital Signature (DS) module docs of the ESP32S2.

Just wondering if maybe it's there but still undocumented, or if you plan to add it in the future: ECC secp256k1 (and other curves too) represent the standard for blockchain cryptography.

To give you some more context, this is one example of a board with a secure element designed by IoTeX taking advantage of the secure element on the nrf-9160 to make it an ultra-secure blockchain-enabled IoT board.

ESP_Angus
Posts: 2278
Joined: Sun May 08, 2016 4:11 am

Re: ESP32S2 and secp256k1 ECC support

Postby ESP_Angus » Tue Jan 19, 2021 11:08 pm

Hi Simon,

Thanks for explaining, I didn't realise you were interested in secure element functionality in particular.

This is not supported in ESP32-S2, for the functionality described above the ECC key would be accessible by software running on the ESP32-S2. The Digital Signature Peripheral provides secure-element-like functionality where the key remains inaccessible to software, but it can only generate RSA signatures.

There is also the ESP32-WROOM-32SE (pdf link), which includes an ESP32 and a secure element inside the module. This element supports ECC signatures but unfortunately not the secp256k1 curve.

We'll consider if we can add support for ECDSA, and in particular this curve, in the future.
