Nihal Pasham's CryptoAuthLib Brings Microchip's ATECC608A Security Part to the Rust Language

Cybersecurity expert Nihal Pasham is looking to make hardware secure elements more accessible to Rust developers, courtesy of an open source platform-agnostic driver dubbed the Rusty CryptoAuthLib.

"[I've been] working on a not so simple goal for a few months," Pasham announced via Twitter. "Simplify security engineering for embedded devices. Open source secdev and Rust lang[uage] have become a de facto choice. A driver for a secure element guaranteed to be mem-safe, written in safe Rust."

Pasham's driver is designed for use with Microchip CryptoAuthentication parts, initially targeting the ATECC608A. Featured in many of Microchip's Internet of Things (IoT) product lines, the ATECC608A offers network and node protection and authentication, anti-counterfeiting, firmware and media protection, secure data storage, and user authentication, along with EEPROM-based secure storage for up to 16 keys and other data types.

"[Rusty CryptoAuthLib is] 100% safe Rust code i.e. no memory-safety bugs in the driver (unless my logic is wrong)," Pasham writes of the project. "Platform agnostic i.e. uses 'embedded-hal' for all HW dependencies. No (heap) dynamic memory allocation required at all. Uses heapless and Postcard for command packet construction. API compatibility with that of Microchip's CrypoAuthlib 'C library' i.e. uses the same names & arguments, making it easier to bind to an existing C code-base."

The source code is available on Pasham's GitHub repository under the user's choice of Apache 2.0 or MIT license, though he does warn that it is not production quality and simply "a product of my interest in 'learning the language.'"