Go Down

Topic: SSL/TLS on Arduino Due (Read 3567 times) previous topic - next topic

Markus_L811

Jan 13, 2013, 02:38 pm Last Edit: Jan 13, 2013, 04:51 pm by Markus_L811 Reason: 1
Hello Guys,

I was thinking about SSL connections for the Due because there is more space and speed for that I have searched fot it but I found nothing only some parts about the CyaSSL and integration in LwIP for RTOS, and I have no idea how to integrate it, but this feature would be nice. Think the Due has the power for that.

And all the possibiltys, HTTPS, SSL/TLS for eMail connections and lots more...

Or PolarSSL looks comfortable for it https://github.com/polarssl/polarssl/blob/master/programs/ssl/ssl_mail_client.c
And I see Atmel puts allready some examples from it in the ASF but for the same uC that are worked in the Wifi-Shield.

Depends on this https://polarssl.org/discussions/platform-specific/atmel-microcontroller-wiznet-and-polarssl and this https://www.brainspark.nl/kb/how-to/polarssl-tutorial it should be possible to do this.

B.R.

Markus

ardiri

i've been working on a low-level protocol/standard for doing this.

http://ardiri.com/blog/utls_defining_lightweight_security_for_iot_part_1
http://ardiri.com/blog/utls_defining_lightweight_security_for_iot_part_2
http://ardiri.com/blog/utls_defining_lightweight_security_for_iot_part_3

i currently do have code for the Arduino to perform RSA1024 and RC4.. by simulating the layers of TLS; it should be possible to get a level of security that is solid enough to say "yes, it is secure". i am interested in collaborations; a while ago i did the RSA code on an Arduino UNO (and all subsequent models) - mixing C with avr assembly:

http://ardiri.com/blog/iot_security_feasibility_in_micro_controllers

since not much is happening in this area; i figured i would work on this project to bring saviour to a number of Arduino and other low-powered micro-controllers on the market.. i would be interested to discuss licensing; for my next blog entry i will have a working RC4 cipher within this protocol.

the best part is; we can run a single server - and have different layers of security for different micro-controllers. for example; for some micro-controllers, you may not care.. but others may be better off with at least rsa512/rc4 over nothing and the more powerful ones could do rsa2048/aes if be needed.
// Aaron Ardiri
independent IoT consultant

Go Up