Verified cryptographic library for embedded systems

Need for verified cryptographic library

Difficulties of verifying liability of cryptographic library

Cryptographic algorithms are the core of all security applications and are used for various security implementation such as verifying message integrity, encrypting messages, verifying digital signatures, etc. Implementation of Cryptographic algorithm requires calculation of complicated mathematical algorithms and expertise of cybersecurity. Thus, generally customers buy cryptographic library products to implement security features. Even buying the product from the market, there is still a difficulty in verifying the product liability of whether the product’s cryptographic algorithms are applied or are complying with all standards.

Difficulties of Key Management

Security level of a security system using cryptographic algorithms is closely related to the level of cryptographic key management. Cryptographic key management includes a variety of topics, such as whether the entropy noise source collection was done properly, whether there are prevention of unauthorized exposure, and secure key replacement solutions throughout the product's entire life cycle. The key management process also requires expertise in cryptographic algorithms, making it difficult for users to manage keys throughout the product's entire life cycle.

FESCARO’s efforts for Verified Cryptographic Library

FIPS 140-2 Certification to obtain objective liability

FIPS(Federal Information Processing Standard) 140-2 is a US government computer security standard used to approve cryptographic modules. FIPS 140-2, established by NIST, has been designated by the Federal Information Security Management Act (FISMA) as a mandatory for U.S. and Canadian government procurements.

Implementing powerful cryptographic key management mechanism

FAST ™ CLIB implemented an integrity verification-based cryptographic key management protection mechanism to prevent unauthorized disclosure and replacement of cryptographic keys. Cryptographic key management mechanism ensures cryptographic key value to be not exposed even to users, and allows only the integrity verified cryptographic keys to be used for operations for specified purposes. FAST ™ CLIB abstracts the cryptographic key management mechanism strongly and strictly, making it easy and safe for users to use keys without any difficulty.

FAST™ CLIB Advantages

With FAST™ CLIB, FAST implementation of
Verified cryptographic Library
for mass production is possible.

Fescaro Advanced Security Trust-anchor

High Reliability

High reliability
through international certification

  • Achieved A-SPICE Level 2 Certification
  • Achieved FIPS 140-2 Certification (CMVP)
  • Provide Sync/Async processing
  • Provide International Standards Cryptographic Algorithms
    (SHA2, AES, CMAC, HMAC, RSA, DH etc)

High Convenience

Easy and convenient use
through abstracted Service API

  • Provide Crypto Service API
  • Provide Crypto Service API Specification and User Guide
  • Only required cryptographic algorithms can be selected
  • Easy porting on different processers

Low Resource

Minimization of resource
through ECU environment optimization

  • Executable in ECU RTOS Environment
  • Some of the cryptographic algorithms can improve performance and optimize code size through the use of HW acceleration devices, if it is implemented in HSM processor.

FAST™ CLIB Cryptographic Algorithm

Algorithm Standard Moduli Mode/Method
Hash FIPS 180-4 N/A SHA-256, SHA-512
GCM SP 800-38D 128 AES-GCM
CMAC SP 800-38B 128 N/A
HMAC FIPS 198-1 256, 512 SHA-256, SHA-512
RSA Signature Generation/Verification FIPS 186-4 2048 PKCS1.5, PKCSPSS
RSA Key Generation FIPS 186-4 2048 N/A
Symmetric Key Generation SP 800-133 128, 256, 512 N/A
Hash DRBG SP 800-90A N/A HASH-SHA-256, HASH-SHA-512
Diffie-Hellman SP800-56Ar3 (2048,256) FFC


If you have any questions regarding our product, please fill out the form below, so we can provide quick and efficient service. For urgent matters, please contact Customer Support.


FESCARO collect the following personal information for receiving and answering customer inquiries.

  • Objectives: To receive and answer customer inquires
  • Subjects: name, job title, department, company name, and contact information(cell phone number or company phone number, and email address)
  • Period of use and retention of personal information: 1 year from the collected date
  • *Note that you may not grant your consent to FESCARO to collect and use your personal information. However, if you do not agree to the disclosure of your personal information, you would be disadvantaged for service we provide.