[FAQ] MCU-PLUS-SDK-AM243X: [FAQ] How to Configure and Optimize MbedTLS in MCU_PLUS_SDK for am2x devices.

This FAQ briefly discusses about configuration of MbedTLS and optimization of memory footprint of MbedTLS which is delivered as an independent library, out-of-box in the MCU_PLUS_SDK 08.06 and later for am243x, am263x, am273x and am64x

How to configure MbedTLS features?

MbedTLS functionality is controlled by a top-level header file located at MCU_PLUS_SDK/source/networking/mbedtls_library/mbedtls_ti/alt_config.h

The config header file has #define macros to enable or disable following features of MbedTLS:

• Disable or enable SSL Server or SSL client functionality.
• Disable or enable certain cryptographic modules, eg. SHA-256 support can be disabled while still supporting SHA-512 and SHA-1.
• Support for mathematical operations on n-bit data can be disabled or enabled.
• Based on CPU, memory, Platform support, many features such as Time calculation, memory allocators can be controlled.
• Thread support can be enabled, disabled or re-implemented.
• Alternate implementations of cryptographic functions can be enabled.
• TLS Cipher suites can be enabled or disabled.
• Partial functionality of cryptographic module can be controlled. For example, AES – decryption can be disabled/ changed, while still using the default AES-encryption.

Note: MbedTLS library needs to be rebuilt after making any changes in the config file or the source code.

How to reduce the memory footprint of MbedTLS library?

Memory footprint of MbedTLS library can be reduced by disabling certain features from the config file as explained above.

Functionally, MbedTLS can be partitioned into TLS layer implementations and cryptographic modules support.

When used in an application, MbedTLS memory footprint is:

The above memory footprint is of the out-of-box library with majority features enabled. On disabling some features which are not desired, the memory footprint can be reduced further. The distribution is demonstrated in the image ABOVE, dividing the MbedTLS functionality into sub-parts.

SSL:

In most of the applications, either TLS client or TLS server functionality might be desired, One of the TLS services can be disabled to reduce memory footprint. For example, disabling TLS server functionality would reduce the library size by around 23% (17.1 KB), similarly, disabling TLS client will reduce the library size by around 21% (16.4 KB). The below image represents the memory distribution of TLS/SSL services.

Cryptography:

Based on the cryptographic modules enabled in the alt_config.h, A sample size distribution for MbedTLS cryptography is tabulated below:

It can be further optimized in majorly 2 ways:

1. Optimize the implementation of Cryptography modules.
2. Disable cryptographic features which are not required in the end application:
   - This can involve either disabling a cryptographic module completely (e.g., disable SHA-256 support) or disable partially (e.g., disable AES-decryption, but support AES-encryption)
   
   

For example, if the cipher suite chosen is MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, the cryptographic support for RSA, AES, SHA and other utilities is only required and the others can be disabled, e.g., HMAC, GCM, CCM, ECDSA, etc. can be disabled saving ~28.5 KB further.

Note: The above numbers are for example demonstration only, they do not represent the best-case optimization of MbedTLS library.

How to offload MbedTLS cryptography to custom implementations or crypto engines?

MbedTLS cryptography can be offloaded to alternative cryptography engines or custom implementations. Alternate implementation is supported for most of the cryptographic modules, commonly used to offload cryptography to hardware crypto engines (such as SA2_UL and DTHE in case of am2x devices).

To check the features supported on hardware and the features supported in the Driver, check the following:

1. SA2_UL - AM243x MCU+ SDK: SA2UL (ti.com)

2. DTHE - AM263x MCU+ SDK: DTHE (ti.com)

3. PKA - AM243x MCU+ SDK: PKA (ti.com)

Brief steps to offload cryptography:

1. Create the alternate implementation .c and .h files as “xyz_alt.h” and “xyz_alt.c”, for example sha256_alt.c.
2. Enable macro “MBEDTLS_XYZ_ALT” in alt_config.h
3. Compile the alternate implementation files as a part of the MbedTLS library.

Based on how efficient and optimized the alternate implementations are, the performance throughput can be improved, for example on am24x, offloading cryptography to the SA2_UL cryptography accelerator resulted in performance increase of ~700% - 900% for AES-CBC.

Note: The data shown in this FAQ is for demonstration only, obtained over MCU_PLUS_SDK 08_06 for am243x and am263x, the numbers are not the most optimized or do not represent the best device performance.