Data Integrity and Aysmetric Encryption


I am working on an Project which collects sensordata and stores them on a sdcard. The user is later able to upload the data to a webpage for further processing.

I would like to ensure that the data is not tampered. The encryption itself is not necessary. Decryption is done offline so need for that on the Arduino. For a first approach time limitation is not an issue.

I am somewhat stuck, is generating a Hash for the data sufficient or do I need full asymetric encryption? Storing the encryption key on the device seems to be no option.

Thanks Janef

What scenario/attack do you have in mind?

How exactly is the data transferred to the webpage? By the Arduino transferring the SD card content, or by some user who grasps the card and plugs it into a different computer for transmission?

A user (which I may not fully trust) uses device to record his data. After returning home he attaches the arduino via usb and uploads the files.

Well, this might be a bit off but one would actually need a USB-MDS function which I not found. So I went the "dirty way" and got one of the smalest sdcard readers (is only slightly bigger than an usb connector) and wired the connections of the SD Card slot to mine. I used the usb power of the sdcard reader to cut power for the teensy since I do never read and write at the same time. This is not a clean solution but works for me.

The user accesses the sd card an can upload the file. Since I want to ensure, that the user does not change the file (for example changes the velocity or duration), I want to ensure the integrity of the data.

Best Janef

What could prevent the user from reading the files, modifying them, and sending them on to the server?

There exist many ways to secure files or transmissions. If you want to encrypt the files, again many algorithms can be used. It's up to you to select some procedure, or to find existing code for that. Eventually a network protocol (VPN...) will provide the best protection, with the network firmware already implemented in a communication module (ethernet, BT...). Then only the server and the Arduino were involved in the transmission.