CRYPTOGRAPHY - RSA in Arduino

I have a project where I will send an encrypted data using RSA from mobile app to arduino. Now, to get the plaintext sent by the mobile app, I should apply RSA decryption algorithm to Arduino. But, I can't find any sample code of RSA in Arduino.

Can I apply 2048-bit RSA encryption in Arduino Uno & Arduino Nano? Why can't I see a lot of RSA sample code in Arduino?

Deeply need some help.

Why can’t I see a lot of RSA sample code in Arduino?

One working example should be all you need. Which did you try, of the several available?

Consider also using one of the many other implemented encryption algorithms.

I was tried adding this repo (GitHub - arpitchauhan/cryptographic-protocols-arduino-and-PC: This project demonstrates how cryptographic protocols can be implemented for the case when an Arduino board and a PC communicate.) as library in arduino IDE but it has some bugs like: “Special folder/zip file does not contain a valid library.” I event tried manually copy paste it on new sketch and I get a new bug, “Error compiling for board Arduino/Genuino Uno.”

I also find this library (AVR-Crypto-Lib/en – LaborWiki) yesterday but it doesn’t have RSA. Can you explain me why??

I found this library a while ago (GitHub - arduino-libraries/ArduinoBearSSL: Port of BearSSL to Arduino) and I’m not quite sure how to use the rsa library here çause there were no sample of any rsa.ino using this library especially in arduino uno.

It’s a Thesis project and it was already on the manual to use RSA cryptography. I didn’t knew it was so hard to find samples which I can use on my project. It would be too hassle to change what’s on the manual.

Attached file is the sample of the manual copy paste from the repo which got me the error compiling message. Pls let me know what’s wrong.

RSA.ino (6.96 KB)

The RSA.ino file that you posted is just a collection of C/C++ functions, a library if you wiii, and I see no obvious problems with it.

If you wish to exercise those functions to encrypt or decrypt data using an Arduino and the IDE, you will need to provide a standard Arduino framework .ino with setp() and loop(), to call them.

I have the impression that you are not familiar with Arduino. If that is the case, try out some of the examples provided.

To get the most out of this forum, please read and follow the directions in How to use this forum.

my mistake. i forgot to type the void setup() and void loop(). but i still have no idea how to use the library if i wanted to encrypt and decrypt a byte. can anyone help me? Given that i have a static public and private key and that the plaintext will be converted from string to byte since i will send it to arduino. :frowning:

i am also confused why the library used a long function in the decryption and encryption. is the result always in integer? so i still need to convert the plaintext which is from byte into long int?

long* rsa_encrypt(char* plaintext, long* key) {
//long n = key[0];
//long e = key[1];
long* plaintext_list;
long* ciphertext_list;
int length = strlen(plaintext);

plaintext_list = string2ascii_int_list(plaintext);

ciphertext_list = new long[length];
Serial.write(“inside hell called rsa_encrypt\n”);

for (int i = 0; i < length; ++i) {
Serial.write(“plaintext_list[”); Serial.print(i); Serial.print("] = "); Serial.println((plaintext_list*));*
ciphertext_list = raiseto_mod(plaintext_list*, key[1], key[0]);
_ }_
return ciphertext_list;
_}_
long rsa_decrypt(long* ciphertext_list, long* key, int length) {

* //long n = key[0];*
* //long d = key[1];*
long* plaintext_list;
* //int length = sizeof(ciphertext_list)/sizeof(ciphertext_list[0]);
plaintext_list = new long[length];
_ for(int i = 0; i < length; ++i) {_
plaintext_list = raiseto_mod(ciphertext_list, key[1], key[0]);
_ } _
return plaintext_list;
_}*_

I don’t think you’ll be able to fit a 2048bit key, plus intermediate big math variables, plus cyphertext, plus plaintext, in the 2048 bytes of ram that is available on an Atmega328p.

i intended to only have the decryption function of RSA in arduino since the ciphertext is sent by the mobile app. will it consumes really that much on the RAM of arduino? if not, would it still be possible if i use 1024 or 512 bits?

tam12345:
i still have no idea how to use the library if i wanted to encrypt and decrypt a byte. can anyone help me?

It looks like you encrypt by calling rsa_encrypt() with the plaintext (a C string) and the encryption key (a list of two long integers). It looks like that would limit you to 64-bit keys?

It looks like you decrypt by calling rsa_decrypt() with the ciphertext (a pointer to a list of longs), the encryption key (a list of two long integers), and the length of the plaintext. The result is a pointer to a list of longs, each containing one character. Perhaps there is a helper function like the string2ascii_int_list(plaintext) but in the opposite direction.

You should maybe consider an ESP32 which has native support for RSA

I'm thinking of using AES instead. But is it redundant that I'm using AES algorithm when my arduino nano 33 ble has already a built in AES encryption? Am I right that the built in encryption of bluetooth in nano 33 ble is 128-bit AES? If yes, how could I access/edit the built-in encryption?

On the nano 33 BLE, encryption is built in to the nRF52840 radio module. See the chip documentation for how to use it.

an I apply 2048-bit RSA encryption in Arduino Uno & Arduino Nano?

my arduino nano 33

Do you have a n original "Nano", or a "Nano 33"? The Nano33 has a significantly more powerful CPU that the Uno or original Nano, and RSA might be more reasonable.
I found this: https://www.jfokus.se/jfokus15/preso/IoT-security%20feasibility.pdf
It looks like they were able to do 1024bit decode of RSA on an Uno in something like 100s. (I hope I'm misreading that, or they mis-typed it.)
Also, is your "mobile app" actually doing plain RSA? Frequently RSA is so expensive (even on larger computers) that "secure data" is done by exchanging KEYS using RSA, and then using a simpler algorithm for actually transferring the data...

my arduino nano 33 ble has already a built in AES encryption

westfw:
Do you have a n original "Nano", or a "Nano 33"?

I have arduino nano 33 ble and also arduino uno atmega328P. Hoping I could do RSA on both since arduino nano 33 ble hasn't arrived yet (it was ordered online). So now I'm trying to work with RSA on Uno. I don't if it will have a big difference once I transferred my algorithm to nano 33 ble assuming I've successfully implemented RSA.

westfw:
I found this: https://www.jfokus.se/jfokus15/preso/IoT-security%20feasibility.pdf
It looks like they were able to do 1024bit decode of RSA on an Uno in something like 100s. (I hope I'm misreading that, or they mis-typed it.)

I already emailed the person posted that just now. Hoping I could ask for his sample code of RSA 1024 as a guide. Thank you so much for giving me the reference. Let's see what's next when he replies.

westfw:
Also, is your "mobile app" actually doing plain RSA? Frequently RSA is so expensive (even on larger computers) that "secure data" is done by exchanging KEYS using RSA, and then using a simpler algorithm for actually transferring the data...

Based on my project I'm working on, the mobile app is only meant for encrypting data since my Arduino will be receiving from mobile app and so arduino is only for decrypting. Do you think it is not advisable to use RSA on my app? Will it consumes that much? I'm using 1024-bit..

johnwasser:
It looks like you encrypt by calling rsa_encrypt() with the plaintext (a C string) and the encryption key (a list of two long integers). It looks like that would limit you to 64-bit keys?

It looks like you decrypt by calling rsa_decrypt() with the ciphertext (a pointer to a list of longs), the encryption key (a list of two long integers), and the length of the plaintext. The result is a pointer to a list of longs, each containing one character. Perhaps there is a helper function like the string2ascii_int_list(plaintext) but in the opposite direction.

In decryption, how much maximum bit keys can I use? Since I'm only implementing decryption function in Arduino. TO clarify, plaintext is not a C string but it was declared as int long variable.

tam12345:
In decryption, how much maximum bit keys can I use? Since I'm only implementing decryption function in Arduino. TO clarify, plaintext is not a C string but it was declared as int long variable.

It looks like the key is two longs. On an UNO that would be 64 bits... but the two longs are treated separately: one is 'e' the power to raise the plaintext to and the other is 'n' the modulo to take of the result. It looks like during encryption each character of the plaintext gets expanded into a list of long ints but after decryption it is up to you to turn the list of long ints back into characters. That is why I mentioned that the library might have a function to do that conversion.

Your questions have gone beyond what I know about RSA.
As I understand it, encryption and decryption are essentially identical, mathematically:

   result = pow(m, key) % n;

Decrypt is slightly easier because you don't have to calculate the keys (which seems more complicated than the actual encrypt/decrypt)
There are apparent "relatively efficient" ways of doing pow(m, key) % n (where key is very large.) It's not clear whether the examples you've found, or any of the standard big number math packages, actually use those algorithms.

I made a system where two Arduino Unos communicate with Morse code. But I want this communication to be encrypted. How can I include morse codes with symmetric or asymmetric encryption algorithms in this system? I need a lot of help. : '(

gopboy:
I made a system where two Arduino Unos communicate with Morse code. But I want this communication to be encrypted. How can I include morse codes with symmetric or asymmetric encryption algorithms in this system? I need a lot of help. : '(

The code has 36 characters so you can represent 5 bits (32 symbols) with each character. You can use the remaining 4 characters to indicate framing, like start of message and between blocks of binary. Encrypt the binary blocks like any other binary message (maybe use the Arduino Cryptography Library: GitHub - rweather/arduinolibs: Arduino Cryptography Library)