Is there a crypto ported to Arduino?

Hi
I'm currently building a lawnmower robot. I plan to use a mega 2560 with wifi and GPS for the robot.
To avoid that the robot "can be used elsewhere" 8) and to be able to trace the robot if someone has "displaced my robot" ]:smiley: I would like to add some security to my robot start-up sequence.
The idea is as follows. At start-up the robot waits for the GPS and wifi to be active.
Using the wifi the GPS location, date, time and robot ID is send to a server. The server provides a go/nogo to the robot.
To avoid middle man and other ways to avoid my security measurements, I need to encrypt the information send between the robot and the server. I'm very well aware I don't need a "high security level for this" but having everything readable to a sniffer is not an option.
I have been reading up on security algorithms but most algorithms I've been reading seem pretty hard to implement on a 8 bit processor. (and to be hones I'm not getting more than the concepts)
So my question is: "are there Algorithms available to Arduino that could support my scenario?" I'm thinking of DES, 3DES, MD5, SHA-1, RSA, AES ....? But I am interested in any "cryptographic algorithm that is implemented and publicly available".
Best regards
Jantje

You don't just need to use cryptography, you need a cryptographic protocol that is secure. For instance you probably want to be secure against a "replay attack" where the attacker eavesdrops one of your sessions and then just replays the server-side responses - if you haven't made provision to prevent this it won't matter if you use encryption or not. (And the attacker doesn't have to know anything about your system, just try the replayed session).

First though you need to make a realistic assessment of your "threat model" - what kind of attacker is there likely to be and what might they be able to do - they make sure you've provided for those attack modes.

You are likely to want authentication rather than secrecy, note.

If you need AES I've got a library to do this, see: http://arduino.cc/forum/index.php/topic,88890.0.html

But remember if your authentication test is vulnerable to replay it might not be enough - and its hard to generate random numbers or test timestamps on a small microcontroller.

MarkT
Thanks for the advise and link.
I'm not so much scared about the replay attack. Why? I'm including the gps location and the GPS received date and time. The server should respond with this information so a replay can not be done. And I'm not worried about people trying to do a replay each time the robot is restarted (which is at least 1's a year) in general as it is to cumbersome (they may just as well rewrite the Arduino code).
I'm just hoping that trying to start the robot will unveil the robot's gps location to me. Which is not so obvious as I use encrypted wifi with a specific SSID at home. The likelihood that the robot will be able to connect "as such" at the "new location" are next to null. Some "intelligence" and "hacking" will need to be done before I even can hope on receiving a gps location on my server. That is basically why I do not want to put to much effort in the protocol and I'm looking for a "available" protocol.
I'll look into the link tonight.
Best regards
Jantje

ps Note that as I plan to use a standard arduino with shields. This hardware remains vulnerable so it doesn't help investing in a watertight software solution.

There is CryptoSuite. GitHub - maniacbug/Cryptosuite: Cryptographic suite for Arduino (SHA, HMAC-SHA) My fork just adds 1.0 compatibility.

Wauw Much more response than I had hoped for.
So Now I have an implemented SHA-1, SHA-256, HMAC-SHA-1 and HMAC-SHA-256 and AES :slight_smile:
As far as I can see they are all good enough for me.
I have been looking at both libraries and I fear some basic knowledge is still missing here :fearful:
Assume I say my robot ID is 16Bits (int) , The GPS coordinates are 64 bits (2longs) and the date and time take 48 bit (6 Bytes).
So my message is binary wise 128 bit or 16 bytes.

Using AES
This turns out to be exactly 1 N_BLOC in the AES library. So I can easily encrypt and decrypt this to another N_BLOC.
I assume I then will have to convert this binary to a ASCII string to send it over the Ethernet module.
My first question is: Assume I had 17 bytes. Do I pad those with garbage to get to 32 bites? and do 2 blocks?

Using SHA
I guess i first convert the bits to a string and then call the SHA function. What is not clear to me is what the readme file states

The hash result is then stored in hash[0], hash[1] .. hash[19].

My second question is
Do I always get a hash from the same size?
My third question is:
If the web sever sends an encrypted message back how can I decrypt? I mean I haven't found a decrypt method in the readme. (I havn't unpacked yet)

In both cases
Is there a good implemented "covert bin to char" (and the other way around) algorithm?
Do I only need to send this hash? I mean: does the decrypt get me back to my original message?
As Arduino is an 8 bit platform and the server will be 32 or 64. Will this be compatible?

Best regards
Jantje

I selected the AES as it had encrypt and decrypt. and I got the AES library to work :slight_smile:
I had some issues so I wanted to share the code.
The sketch below is my test program and it shows how to use the AES library.
It is long because there is plenty of checking and debugging info added because it just didn't work (I had 6 as keylength :0).

#include "AES.h"

#define KEYLENGTH 32  // this means 32 bit encryption only following values are allowed 16, 128, 24, 192, 32, 256
AES aes;
char PassString[] = "This is hard to believe but true however";// this must be at least KEYLENGTH characters long
byte key[KEYLENGTH];
void setup()
{
	Serial.begin(115200);

	Serial.println("Starting AES test");
	for (int i = 0; i < KEYLENGTH; i++)
	{
		key[i] = PassString[i];
	}

	if (aes.set_key(key, KEYLENGTH) != 0)
	{
		Serial.println(F("Failed to set key"));
	}
}

// The loop function is called in an endless loop
void loop()
{

	char Message[] = "A top secret message. 123456789012345678901234";
	byte plain[N_BLOCK];
	byte cipher[N_BLOCK];
	byte decrypted[N_BLOCK];

	Serial.print(F("message : '"));
	Serial.print(Message);
	Serial.println(F("'"));
	Serial.print(F("plain binary: '"));
	for (int i = 0; i < N_BLOCK; i++)
	{
		plain[i] = Message[i];
		cipher[i] = 0;
		decrypted[i] = 0;
		Serial.print(plain[i]);
	}
	Serial.println(F("'"));

	Serial.print(F("plain char: '"));
	for (int i = 0; i < N_BLOCK; i++)
	{
		Serial.print(char(plain[i]));
	}
	Serial.println(F("'"));

	if (aes.encrypt(plain, cipher) == 0)
	{
		Serial.print(F("encrypted : '"));
		for (int i = 0; i < N_BLOCK; i++)
		{
			Serial.print(cipher[i]);
		}
		Serial.println(F("'"));
	} else
	{
		Serial.println(F("Failed to encrypt"));
	}

	if (aes.decrypt(cipher, decrypted) == 0)
	{
		Serial.print(F("decrypted binary : '"));
		for (int i = 0; i < N_BLOCK; i++)
		{
			Serial.print(decrypted[i]);
		}
		Serial.println(F("'"));

		Serial.print(F("decrypted char : '"));
		for (int i = 0; i < N_BLOCK; i++)
		{
			Serial.print(char(decrypted[i]));
		}
		Serial.println(F("'"));
	} else
	{
		Serial.println(F("Failed to decrypt"));
	}

	delay(1000);
}

the serial monitor shows following output

Starting AES test
message : 'A top secret message. 123456789012345678901234'
plain binary: '6532116111112321151019911410111632109101115'
plain char: 'A top secret mes'
encrypted : '42123310212525483134722222673252149132239'
decrypted binary : '6532116111112321151019911410111632109101115'
decrypted char : 'A top secret mes'

Thanks for this Library
Best regards
Jan

If I were you I would be less concerned about somebody using the device without permission, and more concerned about somebody stealing the hardware. If you have a proprietary control interface it's vanishingly unlikely that anyone would be willing and able to put the effort in to breaking into it - but that won't stop them nicking it.

Peter
I don't quite understand what you are saying.

If I were you I would be less concerned about somebody using the device without permission, and more concerned about somebody stealing the hardware.

I don't quite see the difference between "using without permission" and stealing.
If they steal the device I hope they try to "use it without permission" and by doing so they tell me where the device is. Doing the telling without permission would be very easy to hack.
How would you advice to avoid nicking a lawnmower robot?
Best regards
Jantje

Make it growl if approached?

MarkT:
Make it growl if approached?

Lol
I like that approach. I could consider to add this feature after I get the lawn mowing part to work. 8)
Best regards
Jantje

Hi,

We are on a similar encryption journey. I have hit the N_BLOCK limit using this AES library and am loosing the remaining transmission text. To get around it, I am attempting multi-dimentional arrays of plaintext & ciphertext and rebuilding at the end. If you completed any more on this, I would be delighted to see. If not, I can keep you posted with my progress (or lack of!).

BTW, security is good for a bot, 3rd parties could cause it to misbehave, but you would be liable for the damage.

Thanks,

Dauhee.

Jantje:
I don't quite see the difference between "using without permission" and stealing.

'Stealing' means simply picking it up and carrying it off. Whether it's any good to them as a lawnmower, or as a bunch of parts, or just a useless box of junk they will sling off a bridge when they realise it's of no value to them, that's no consolation to you. The important thing is that you no longer have it. The fact it's hard for anyone else to use it as a lawnmower won't stop them stealing it and in no way secures your property. The only benefit I can see from your proposed security is to stop somebody from accidentally/deliberately causing it to do the wrong thing while it's playing in your garden.

Jantje:
How would you advice to avoid nicking a lawnmower robot?

  1. Dig a very big hole in your garden.
  2. Fill with concrete with a big steel ring set into the top.
  3. Chain the lawnmover, with a very heavy chain and padlock, to the ring.
    As additional security
  4. Connect the metal parts of you mower to 240v AC ]:slight_smile:

How would you advice to avoid nicking a lawnmower robot?

Just hire a guard to watch the lawnmower. Probably cheaper then hiring a gardener in the first place. :wink: