Welcome to EDAboard.com

Welcome to our site! EDAboard.com is an international Electronic Discussion Forum focused on EDA software, circuits, schematics, books, theory, papers, asic, pld, 8051, DSP, Network, RF, Analog Design, PCB, Service Manuals... and a whole lot more! To participate you need to register. Registration is free. Click here to register now.

Register Log in

Security for IoT

Andrzej_N

Newbie
Joined
Jan 15, 2021
Messages
3
Helped
0
Reputation
0
Reaction score
0
Trophy points
1
Activity points
37
Hello everyone,

I think HTTPS for IoT (especially 8-bit uC) is difficult or even impossible. TLS certificates for small devices are impossible (internal IP). Messages from the browser are confusing for normal users. I have developed a concept for secure login and symmetrical encryption of the data transmission (see pic in attachment). Would like to discuss that.

Thanks for the effort in advance.
 

Attachments


MichalP

Junior Member level 1
Joined
Jul 16, 2018
Messages
17
Helped
1
Reputation
2
Reaction score
1
Trophy points
3
Location
Krakow
Activity points
78
I think keys are good thing to consider and lite ones I would go in this idea
 

Andrzej_N

Newbie
Joined
Jan 15, 2021
Messages
3
Helped
0
Reputation
0
Reaction score
0
Trophy points
1
Activity points
37
If nobody has any objections it has to be perfect :)

Thanks.
 

BradtheRad

Super Moderator
Staff member
Joined
Apr 1, 2011
Messages
13,885
Helped
2,755
Reputation
5,507
Reaction score
2,663
Trophy points
1,393
Location
Minneapolis, Minnesota, USA
Activity points
103,603
It's a modern-day paradox when you think about it...
People wanting supreme ease of connectivity, instantly, between their devices...
yet this aim is supposed to be compatible with safeguards to block any unwanted connections to their devices.

You may have a solution today for a certain device, but tomorrow someone will invent a malware app that bypasses your safeguard.
 

KlausST

Super Moderator
Staff member
Joined
Apr 17, 2014
Messages
18,920
Helped
4,209
Reputation
8,421
Reaction score
4,151
Trophy points
113
Activity points
124,366
Hi,

Sometimes it makes sense to use simple encryption. It depends on the application. When there is a propriate system often there is not much interest to "hack" the data stream.
The bigger the system (internet communication via Windows) the more people try to find out how to decrypt the data ... investing some time and maybe money.

But for your homebrew air condition control (for example) the neighbours probably won't spend much effort to get into your system.

Klaus
 

Andrzej_N

Newbie
Joined
Jan 15, 2021
Messages
3
Helped
0
Reputation
0
Reaction score
0
Trophy points
1
Activity points
37
Thanks for answer BradtheRad, Morgen Klaus.

Of course, absolute security is an illusion. There are security apostles who have never written a line of source code and unsettle users. Does a light switch have to be encrypted? Who makes the effort to attack it.

I wanted to make a protocol that was simple, implementable and "invisible" to users. It's shure not HTTPs.
It cost 5kB ROM and 50B RAM (8bit PIC). The access has become irrelevantly slower.
 

Part and Inventory Search

Welcome to EDABoard.com

Sponsor

Top