Asymmetric encryption implementation in nodes, emonHub and emonCMS

There have been several discussions in different forum topics about the implementation of some kind of encryption. I open this trhead now with the aim of using it as areource for development and discussion about this issue.

Why do we need encryption?

For sensors sending meassurements we want to keep privacy on one hand but also for security. You could easily find out when a house is empty during the day or when everybody has gone to sleep just looking at their electricity consumption.

For base stations sending control signals to the nodes. this is a very important one, if there is not encryption anybody could send control signals to our nodes. To make it even more secure we should have authentication over and encrypted connection, emonhub would only send control packets when an authenticated user asks for it..... but for now we will happy if we get to the encryption.

What kind of encryption
We have two types:

  • Symmetric: the same key is used to encrypt and decrypt the messages. Both the sender and receiver know this key.
    • Pros: require little processing and memmory
    • Cons: in our case wthere is one jey per base station. When we upload the firmware to the node we need to include the key. Another option would be that the node requests the key and the base station sends it ijn a non encrypted message. In this case if somebody catches the key, they will have access to all the communications that this base station is involved.
  • Asymmetric: there are two keys.  you use the public key  to encrypt and the private key to decrypt, if you try to decrypt with the public key what has been encrypted with the public key it doesn't work. That is why it is secure.
    • Pros: each element has its own keys. If a node wants to communicate in a safe way with the base station, it just have to ask for the public key and send the encrypted data, the same in the other direction. Security is not compromised at any time.
    • Cons: generating the encrypted message requires a lot of processing and memmory. As far as i have researched it can take up to 2 seconds to encrypt a messahe (depending on the algorythm you use and how long are the keys)

Where to implement the encryption
Basically everywhere where the communication starts or ends: nodes, emonhub and emoncms. I guess when emonhub and emoncms are in the same pi, it shoud be ok not to encrypt but this need to be explored. I have thought about how to implement this on each element but i will not go through all of them as i am not completely sure we will be able to implement it in the nodes, so until we found this out i wll frget about emonhub and emoncms.

Asymmetric encryption in Arduino
As said before, asymmetric encryption requires lots of processing and memmory. After a good google research i haven't found anybody who has implemented it for Arduino :-(

This is the only thing i found specifically about arduino: http://forum.arduino.cc/index.php?topic=191411.5
and finally the guy uses AES (symmetric encryption)

Then i have found 

https://code.google.com/p/opencryptotoken   

http://www.cmmsigma.eu/products/crypto/crs_avr010x.en.html

But i am not completely sure about how to use them or in fact if they are of any use. I have contacted them asking for some info so hopefully i will have some positive things to feedback.

 i'll carry on working on this and update through this forum thread.

Cheers,

    Carlos

 

 

cagabi's picture

Re: Asymmetric encryption implementation in nodes, emonHub and emonCMS

Hi again,

So things move slowly but they move. As i am not an expert at all, i am learning as i walk. After lots of confusion, studying the Ellyptic Curves over finite fields theory, research on implementations of ECC for Arduino (and other things that now seem a waste of time but have been deeply enjoyable ;-) I got to the conclusion: what we need is an implementation of the "elliptic curve diffie-hellman key exchange" (ECDH), which means that using public-key cryptography we can generate an AES shared key that will only be known by the parties involved (node and base station). So the AES shared key does not need to be handcoded in the node's firmware (main reason for all this mess :-).

AES is already implemented in the radio chip and as far as i have read, if we want to implement it in the Arduino sketch it will not be critical in terms of hardware resources (and there are also several libraries to do it). Once the key exchange is working, the next step will be to use AES.

About opencryptotoken and sigma....

In the previous post i said i was going to look onto this two things. Now i can see there are of no use.

- Sigma library: you have to pay :-(
- Opencryptotoken: i couldn''t really understand the code and that's why i decided to study some theory of ECC, finally I think what they do is to sign and encrypt but doesn't do ECDH, we cannot use it as a library. Also when i tried to get in contact somebody kindly replied "there are implementations of ECC for AVR out there, find them"

MIRACL - bignum library

My research has brought me to a bignum library: MIRACL 

From their website: MIRACL (Multiprecision Integer and Rational Arithmetic C Library – the MIRACL Crypto SDK) is a C software library that is widely regarded by developers as the gold standard open source SDK for elliptic curve cryptography (ECC). 

MIRACL doesn’t need separate codes for different architecture. MIRACL uses a special purpose technique for automatic generation of optimal assembly language that is grounded on a bespoke macro-based system. These macros are already available for the majority of common architectures.

Also they have plenty of examples.

Download Miracl github

Tomorrow, i will give it a go and try to use MIRACL to generate the shared key between an emonTx and Nanode.

Other things to start thinking about

  • Pseudo-random number generators (PRNGs): there will not be a problem to use them in a PC or Pi to generate keys, and what in Arduino?? We need them if we don't want to hand code the keys in the firmaware
  • Which domain parameters shall we use: have a look at the different standards and recommendations: NIST, NSA Suite B, SEC
  • Security issues: how to avoid "man-in-the-middle" attack without a Certificate Authority.
  • Stress tests for Arduino using the library: i cannot think on any for the key exchange, but maybe once we are using AES we could check the longest message that Arduino can encrypt decrypt before running out of memmory.

Good links to learn
In general wikipedia is the source of knowledge, but if you want to know what they are talking about I recommend the tutorial (doable in two evenings while drinking wine ;-)

Cheers

   Carlos

TrystanLea's picture

Re: Asymmetric encryption implementation in nodes, emonHub and emonCMS

Hello Carlos, this is very interesting and thankyou for sharing all your research on this. Im looking forward to hearing how you get on with your next step with the emontx and the nanode!

jmessenger's picture

Re: Asymmetric encryption implementation in nodes, emonHub and emonCMS

I'm just guessing here based on the trouble I've had generating stable sketches for EmonGLCD and to some extent EmonTx: this may be hard to achieve on the hardware we have.  These devices have very limited global variable space and code space. Also exchanging large messages over the packetised radio channel is difficult due to the lack of a network layer.  I'm not saying it can't be done, but it's worth sizing the necessary data exchange early on to help determine feasibility.

cagabi's picture

Re: Asymmetric encryption implementation in nodes, emonHub and emonCMS

Hi jmessenger, thanks for your comment but I hope you are not right ;-)

It seems the asymmetric encryption will push the Arduino board to its limits but it is worth a go. I wonder how long will be be 128 bits key ECC encrypted plus some other ascii characters that will be the message emonTx will get. I'll have a look at that.

By the way if anybody is wondering I got stack building the Miracl library for AVR. Not very exciting news :-(

    Carlos

cagabi's picture

Re: Asymmetric encryption implementation in nodes, emonHub and emonCMS

Right i think we have it!!!

but first a bit of update. I have been able to build Miracl for AVR but it was itself to big for the flash memory, we can cut it down and remove things we wouldn't use. This library has all the encryption functions so it would be great to have it for Arduino but the developer thinks that it requires a minimum of 4k RAM, so make it work would be a great pain.

But the very good news (hopefully) is that i changed the terms of my searches and looked for just ECDH for Arduino instead of ECC (which implies encryption and decryption) I found this library that implements ECDH and comes with Arduino sketches. This must be the one!!! https://github.com/kmackay/micro-ecc

I'll try to give it a go during the weekend.

Cheers everybody,

   Carlos

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.