Go Down

Topic: I want some idea/library to defense "Replay Attack" for my NRF24L01+Arduino. (Read 10136 times) previous topic - next topic

Halry



Get that.Now I am working on that.I am going to use random number to increase security.Thanks your idea.And can you introduce some AES library.Easy to use.Support Char/Unsigned Long.....



https://github.com/DavyLandman/AESLib

Personally, I think AES on an Arduino is hitting a fly with a sledgehammer. The CHAP already mentioned is reasonably secure for any noncommercial Arduino application I can imagine. But that's just my .02.

And the library which you told me can't encrypt char.....
Code: [Select]
#include <AESLib.h>
void setup()
{
  Serial.begin(9600);
uint8_t key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
char data[] = "a"; //16 chars == 16 bytes
aes128_enc_single(key, data);
Serial.print("encrypted:");
Serial.println(data);
aes128_dec_single(key, data);
Serial.print("decrypted:");
Serial.println(data);
}

void loop()
{
}

Than I got this:
encrypted:Z¹}?
²YÒ;;W?j.h
decrypted:s«?¬×Ò<Õ   Iì0>h

tylernt




can you introduce some AES library.Easy to use.Support Char/Unsigned Long.....

https://github.com/DavyLandman/AESLib

Personally, I think AES on an Arduino is hitting a fly with a sledgehammer. The CHAP already mentioned is reasonably secure for any noncommercial Arduino application I can imagine. But that's just my .02.

And the library which you told me can't encrypt char.....
I never said that. I just said AES was overkill. And if millis() isn't secure enough because someone might guess it, I don't see how RandomSeed (which easier to find out the value of than millis()) is going to help.

Now, analogRead() on a floating input -- an input connected to a long wire or PCB trace so it can pick up all sorts of RF hash -- that would be a better source of entropy for AES.

Halry

Yes.I mean that using the analogRead().Leave a analog pin float.

And I just found a AES library is better.https://github.com/una1veritas/Arduino/tree/master/libraries/AES128

And can you tell me without AES which is suitable to use? :smiley-roll:.I know AES is overkill.But I don't find out which is better.I use AES just because AES is famous......

if one random number doesn't enough.You can make random2/random3.But AES will make system more slow.

All for that I just want to use CHAP to make sure TX is TX.not the hacker.

If there is a better way to get that.Please tell me.

Go Up