Welcome to EDAboard.com

Welcome to our site! EDAboard.com is an international Electronics Discussion Forum focused on EDA software, circuits, schematics, books, theory, papers, asic, pld, 8051, DSP, Network, RF, Analog Design, PCB, Service Manuals... and a whole lot more! To participate you need to register. Registration is free. Click here to register now.

Security for IoT

Status
Not open for further replies.

Andrzej_N

Newbie
Joined
Jan 15, 2021
Messages
3
Helped
0
Reputation
0
Reaction score
0
Trophy points
1
Activity points
41
Hello everyone,

I think HTTPS for IoT (especially 8-bit uC) is difficult or even impossible. TLS certificates for small devices are impossible (internal IP). Messages from the browser are confusing for normal users. I have developed a concept for secure login and symmetrical encryption of the data transmission (see pic in attachment). Would like to discuss that.

Thanks for the effort in advance.
 

Attachments

  • Verschlüsselung.gif
    Verschlüsselung.gif
    34.8 KB · Views: 168

MichalP

Junior Member level 1
Joined
Jul 16, 2018
Messages
17
Helped
1
Reputation
2
Reaction score
1
Trophy points
3
Location
Krakow
Activity points
78
I think keys are good thing to consider and lite ones I would go in this idea
 

Andrzej_N

Newbie
Joined
Jan 15, 2021
Messages
3
Helped
0
Reputation
0
Reaction score
0
Trophy points
1
Activity points
41
If nobody has any objections it has to be perfect :)

Thanks.
 

BradtheRad

Super Moderator
Staff member
Joined
Apr 1, 2011
Messages
14,537
Helped
2,851
Reputation
5,712
Reaction score
2,837
Trophy points
1,393
Location
Minneapolis, Minnesota, USA
Activity points
108,533
It's a modern-day paradox when you think about it...
People wanting supreme ease of connectivity, instantly, between their devices...
yet this aim is supposed to be compatible with safeguards to block any unwanted connections to their devices.

You may have a solution today for a certain device, but tomorrow someone will invent a malware app that bypasses your safeguard.
 

KlausST

Super Moderator
Staff member
Joined
Apr 17, 2014
Messages
22,254
Helped
4,613
Reputation
9,242
Reaction score
4,880
Trophy points
1,393
Activity points
147,017
Hi,

Sometimes it makes sense to use simple encryption. It depends on the application. When there is a propriate system often there is not much interest to "hack" the data stream.
The bigger the system (internet communication via Windows) the more people try to find out how to decrypt the data ... investing some time and maybe money.

But for your homebrew air condition control (for example) the neighbours probably won't spend much effort to get into your system.

Klaus
 

Andrzej_N

Newbie
Joined
Jan 15, 2021
Messages
3
Helped
0
Reputation
0
Reaction score
0
Trophy points
1
Activity points
41
Thanks for answer BradtheRad, Morgen Klaus.

Of course, absolute security is an illusion. There are security apostles who have never written a line of source code and unsettle users. Does a light switch have to be encrypted? Who makes the effort to attack it.

I wanted to make a protocol that was simple, implementable and "invisible" to users. It's shure not HTTPs.
It cost 5kB ROM and 50B RAM (8bit PIC). The access has become irrelevantly slower.
 

Status
Not open for further replies.

Similar threads

Part and Inventory Search

Welcome to EDABoard.com

Sponsor

Top