socket com with SHA-Hash

Hi, I'm thinking about a more or less secure way to receive data from my Arduino through Ethernet. An easy way would be saving a static, pregenerated SHA hash on the Arduino directly in the source code and XOR everything before sending. In the (Java) client I then have to enter the psw, it generates the same hash (if the psw is right), XORs again and can show me the decoded data. Yes I know this would only work for one psw but that's enough, at least for the start. The problem is, if you can read the source code from the Arduino over Ethernet my whole encryption would be useless. Does anyone know how much data you can (force) an Arduino to send over Ethernet?

Thanks for any help.

Regards, banick

banick: Does anyone know how much data you can (force) an Arduino to send over Ethernet?

You can't force the Arduino to do anything. You program the Arduino to understand certain requests, and to make appropriate replies.

The "source code on the Arduino" is not something that you can get from the other end of an ethernet connection, simply because there is no source code on the Arduino.

The source code got compiled and linked into machine code. The machine code can be extracted from the Arduino, but not via an Ethernet link, and cannot be converted back into source code.

banick: An easy way would be saving a static, pregenerated SHA hash on the Arduino directly in the source code and XOR everything before sending.

I assume that it is the hash of the password which you would be storing. In that case you could then store the current password hash in EEPROM, which would make it possible to update it without re-writing your sketch.

The sort of solution you're describing would probably be slightly more secure than plain text but sounds as if it would be extremely easy to crack if anyone was seriously interested in doing so. I hope you weren't proposing to use this to protect any valuable information.

XOR against a constant is not a particularly secure form of encryption. Basically you replace a simple substitution cypher (where A becomes M and B becomes Z etc.) with a series of substitution cyphers. That is, if you have a 16-byte string you XOR against, your adversary first determines how long the string is (i.e. when it repeats) and then applies the normal techniques for cracking a substitution cypher in lots of 16. In other words, not secure.

You could use the AES cypher; after all, its reference source is available, as are many implementations in C and C++.

Nick Gammon: XOR against a constant is not a particularly secure form of encryption. Basically you replace a simple substitution cypher (where A becomes M and B becomes Z etc.) with a series of substitution cyphers. That is, if you have a 16-byte string you XOR against, your adversary first determines how long the string is (i.e. when it repeats) and then applies the normal techniques for cracking a substitution cypher in lots of 16. In other words, not secure.

As far as I understood it, you need a piece of known plaintext to easily crack XOR, and if the Arduino simply doesn't respond to a wrong psw it shouldn't be that insecure (of course nothing compared to AES and co.).

Nick Gammon: You could use the AES cypher; after all, its reference source is available, as are many implementations in C and C++.

Do you maybe know a good tutorial on how to do this on an Arduino?

However, the data I want to send isn't that secret anyway. I just don't want anyone to be able to read it that easily. The reason why I want to use a psw hash and not just plaintext is only to keep my psw secret, which is more important for me than the message itself.

Anyway, at the moment the biggest problem I see in getting a really secure communication is that Charlie could simply record a message, send it again and look what happens. This wouldn't even change with AES. At the moment this means for me that the client can't be allowed to make any changes in the system and can just be a listener. Any (simple) solutions for that?

That's called a Replay Attack, and the simple solution is to embed serial numbers, and have the receiver not respond to the same serial number twice.

Well, I can't really store the used serial numbers because I want to use the client on different machines, but I think a simple time and date embedded in the message should do it too, or am I forgetting something?

Oh, by the way, thank you very much for your help ;)

banick: or am I forgetting something?

The techniques you're describing are useful steps towards secure communication but woefully short of being secure. If you just want to stop the kids next door from messing with your stuff then any form of obfuscation is probably all you need. However, if the data you're securing has any value then I strongly recommend you read up on secure communications algorithms.

PeterH:

banick: or am I forgetting something?

The techniques you're describing are useful steps towards secure communication but woefully short of being secure. If you just want to stop the kids next door from messing with your stuff then any form of obfuscation is probably all you need. However, if the data you're securing has any value then I strongly recommend you read up on secure communications algorithms.

Absolutely.

If you XOR against a secret key more than once, you lose all security properties. This is why it's called a "one-time pad".

banick: Well, I can't really store the used serial numbers because I want to use the client on different machines, but I think a simple time and date embedded in the message should do it too, or am I forgetting something?

Generally the serial numbers would be per machine. That is, you would use a different key per client, so the replay shouldn't work on a totally different machine, and each client could remember the last used serial number.

However as PeterH says security is a complex issue, and "amateur" attempts are only likely to fool yourself into thinking it is secure rather than really being secure.
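To make Nick Gammon's two points concrete (the 16-byte XOR key is just a repeating substitution, and reusing a pad once destroys its security), here is an added illustration that is not code from the thread. It assumes a constructed 16-byte "hash" key and constructed 9-byte status frames of the kind banick describes, each XORed from the start of the key.

```python
"""Why a repeating XOR key (e.g. a stored hash) is not encryption: one known
frame leaks every key byte it covers, and XORing two ciphertexts cancels the
key entirely, leaving only the relationship between the two plaintexts."""

def xor_with_key(data: bytes, key: bytes) -> bytes:
    """XOR every byte against the key, restarting at key[0] for each message."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def key_from_known_plaintext(ciphertext: bytes, plaintext: bytes) -> bytes:
    """C = P ^ K, so C ^ P = K at every position the known plaintext covers."""
    return bytes(c ^ p for c, p in zip(ciphertext, plaintext))

def xor_two_ciphertexts(c1: bytes, c2: bytes) -> bytes:
    """(P1 ^ K) ^ (P2 ^ K) = P1 ^ P2: the key vanishes without being known."""
    return bytes(a ^ b for a, b in zip(c1, c2))

# Constructed demo values (not from the thread): a 16-byte "hash" key and
# three 9-byte status frames.
KEY = bytes.fromhex("9f3a7c10e2b54d6681c9f07e33a2d85b")
KNOWN_FRAME = b"ARMED:001"             # one frame an eavesdropper can guess
OTHER_FRAMES = [b"DISARM:00", b"ALARM:ZN3"]

def demo_known_plaintext_break() -> list:
    """Recover the key bytes from one known frame and decode every other frame."""
    known_ct = xor_with_key(KNOWN_FRAME, KEY)
    leaked = key_from_known_plaintext(known_ct, KNOWN_FRAME)   # 9 of the 16 key bytes
    # Every frame is 9 bytes and restarts at key[0], so those 9 bytes decode them all.
    return [xor_with_key(xor_with_key(f, KEY), leaked) for f in OTHER_FRAMES]

def demo_key_cancels() -> bool:
    """Check that XORing two ciphertexts equals XORing the two plaintexts."""
    c1 = xor_with_key(OTHER_FRAMES[0], KEY)
    c2 = xor_with_key(OTHER_FRAMES[1], KEY)
    return xor_two_ciphertexts(c1, c2) == xor_two_ciphertexts(*OTHER_FRAMES)

if __name__ == "__main__":
    print(demo_known_plaintext_break())   # [b'DISARM:00', b'ALARM:ZN3']
    print(demo_key_cancels())             # True
```

The second function is the "one-time" part: as soon as two frames share the key, an observer learns P1 ^ P2 without ever touching the key.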

Thanks for the comments, so how is this:

Client:
1) enter psw -> HASH (PSW + Salt)
2) enter message -> encrypt AES (message + current time) with HASH as key

transmit

Arduino:
1) decrypt with stored HASH
2) compare time: older than 1 min, ignore

The reply would work the other way round.

I really see no way to hack/crack this if the arduino is physically secure.

Thanks again for all the helpful comments.

Regards, banick

banick: I really see no way to hack/crack this if the arduino is physically secure.

Comms security is a huge subject and I don't think it is realistic of you to suppose that a scheme you have concocted in your first week of thinking about it is actually secure. Some very smart people have spent decades creating and breaking secure communication algorithms.

You need to decide how secure you want to make this i.e. how much knowledge and effort you want to be necessary to bypass your security, and then read up on secure communications algorithms and choose one that meets your requirements for security and is capable of being implemented by you within the constraints of an Arduino. Bear in mind that there are some algorithms which would require too much runtime resource or code to be practical on an Arduino, and you're going to have to make a compromise between security and practicality. Again, if you're just trying to stop next door's kids from messing with your stuff then you probably just need a bit of obfuscation; at the other end of the scale if you're dealing with data that has significant real-world value then you need real security.

At the very least you need to read and understand “Practical Cryptography” by Schneier+Ferguson.

Also, without a real-time clock and a source of good randomness you cannot produce a secure comms node anyway, so securing an Arduino is a "challenge"...

@PeterH

Well, most of these decades were spent on developing an encryption algorithm like AES. That's a never-ending challenge, yes, but I don't want to do that. So for example I simply assume that AES is "uncrackable", and at least at the moment I'm pretty sure that's the case.

And it's not that difficult to get a scheme like this. I mean, basically there are only two facts you have to make sure of:

1) Nobody can read or change your message without you noticing it.
2) Nobody sends you an old message again.

And using a clock and not a random code doesn't make a replay attack impossible but very difficult, because it would only work during a small time slot. And changing the PC clock, e.g., wouldn't help in my case because the Arduino time matters.
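Banick's 1-minute window and Nick Gammon's per-client serial numbers fit together as a receiver-side check, shown here as an added example that is not the thread's code. The Python standard library has no AES, so an HMAC-SHA256 tag over the frame stands in for the AES step as proof that the sender knows HASH(PSW + Salt); the key, client id, counter values and 9-byte payloads are constructed.

```python
"""Receiver-side freshness check for the thread's scheme: a timestamp window
plus a per-client counter, so a recorded frame replayed inside the 1-minute
window is still refused. HMAC-SHA256 stands in for the AES step (no AES in
the Python stdlib); the freshness logic is the same either way."""
import hmac, hashlib, struct

KEY = hashlib.sha256(b"constructed-password" + b"constructed-salt").digest()  # HASH(PSW + Salt)
WINDOW_SECONDS = 60
TAG_LEN = 16
HEADER = struct.Struct(">BII")   # client_id (1 byte), counter (4), unix time (4)

def build_frame(client_id: int, counter: int, now: int, payload: bytes) -> bytes:
    """Sender: header + 9-byte payload + truncated HMAC tag over both."""
    body = HEADER.pack(client_id, counter, now) + payload
    return body + hmac.new(KEY, body, hashlib.sha256).digest()[:TAG_LEN]

class Receiver:
    def __init__(self):
        self.last_counter = {}   # highest counter accepted, per client_id

    def accept(self, frame: bytes, now: int) -> str:
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(KEY, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return "reject: bad tag"          # forged or altered in transit
        client_id, counter, ts = HEADER.unpack(body[:HEADER.size])
        if abs(now - ts) > WINDOW_SECONDS:
            return "reject: stale"            # outside the 1-minute window
        if counter <= self.last_counter.get(client_id, -1):
            return "reject: replay"           # this counter already used
        self.last_counter[client_id] = counter
        return "accept"

def demo() -> list:
    """Constructed run: fresh frame, replay inside the window, stale frame, tampered frame."""
    rx = Receiver()
    frame = build_frame(1, 7, 1_000_000, b"ARM:ALL00")
    results = [rx.accept(frame, 1_000_010),   # accept
               rx.accept(frame, 1_000_030),   # time still fine, counter reused -> replay
               rx.accept(build_frame(1, 8, 1_000_000, b"DISARM:00"), 1_000_090)]  # 90 s old
    tampered = bytearray(frame); tampered[HEADER.size] ^= 0xFF   # flip one payload byte
    results.append(rx.accept(bytes(tampered), 1_000_010))        # tag no longer matches
    return results

if __name__ == "__main__":
    print(demo())   # ['accept', 'reject: replay', 'reject: stale', 'reject: bad tag']
```

The second result is the case the timestamp alone misses: the replayed frame is still inside the window, and only the per-client counter stops it.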

So clearly you understand the concepts. How about you simply select a secure comms protocol that is secure enough for your needs (which you still haven't stated) and simple enough for you to implement on an Arduino?

banick: Nobody can read ... your message without you noticing it.

I don't think you can achieve that part. I would never know if someone is reading my messages, encrypted or not. Being encrypted they might not understand them, but you can't prevent them being read.

PeterH: So clearly you understand the concepts. How about you simply select a secure comms protocol that is secure enough for your needs (which you still haven't stated) and simple enough for you to implement on an Arduino?

Well, for my needs probably a simple XOR would be enough, but you don't really know this for sure until something goes wrong. I want to use it to get the status of a self-built alarm system. I simply send a couple of bytes which don't make any sense without the client (I defined the meaning of each byte in the message myself). So I don't think anyone could understand it even if it were unencrypted. But because I want to arm and disarm the system over Ethernet too, I would feel a lot better if it was encrypted. We are only talking about 9 bytes / message (9 chars) here, so not a lot to do for the Arduino.

The reason why I want to build the encryption more or less by myself is mostly because of the challenge ;)

How about using key pair encryption? Ask the arduino (in plain text) for its public key, use it to encrypt the command message.

Nick Gammon: I don't think you can achieve that part. I would never know if someone is reading my messages, encrypted or not. Being encrypted they might not understand them, but you can't prevent them being read.

Well it's not really reading if you just see a mix of 1s and 0s and can't understand it at all.

wildbill: How about using key pair encryption? Ask the arduino (in plain text) for its public key, use it to encrypt the command message.

Something like PGP you mean? Well, I thought about that but it's not necessary in my case. Using a public/private key system only makes sense if you can't or don't want to tell your (private) password to anyone else, even the one who sends you the message. Not really the case if both sides are basically the same person: me ;). And because you have to work with these extremely large prime numbers it's so slow that even a couple of bytes would be a lot of work for my little Arduino. AES is a lot faster (I don't know it exactly, but 100 times at least).

banick: Well for my needs probably a simple xor would be enough but you don't really know this for sure

Well, I don't have the slightest idea because you still haven't explained what you're trying to achieve or what degree of protection you need to achieve it, so all I can do is agree with you.