gioblu / cape Goto Github PK
View Code? Open in Web Editor NEWString encryption for Arduino, limited microcontrollers and other embedded systems.
String encryption for Arduino, limited microcontrollers and other embedded systems.
following the discussion present here: #13 as correctly suggested by @Pharap, should be evaluated if to keep Cape ports in the src dir in this repo or create other repos to store them. For me is fine to host the python implementation in the src dir and examples in the examples dir. It should not interfere with the examples listing within the Arduino IDE and could be handy.
If @colinta is ok with that and prefer to leave to me the maintainance, and @Pharap does not see any additional downsides the inclusion of py scripts within this repo should be fine in my opinion.
Let me know what you think about it.
Hi, so I continue my work using you script and I hit a problem. I'm not 100% this is an issue, because the logic changed and I'm still trying to wrap my head around the code. So here we go:
I prepared a simple script which:
encrypts 2bytes (0xAA 0xEE
)
uses 10 iterations
#include <Cape.h>
Cape cape("oEpHgSPFvZ6TzrzkaKMX", 10);
#define DO_ENCRYPT 1
#define DO_DECRYPT 1
void setup() {
Serial.begin(115200);
}
void loop() {
#if DO_ENCRYPT
char in[] = {0xAA, 0xEE};
cape.encrypt(in, 2);
byte enPacket_1 = cape.result[0];
byte enPacket_2 = cape.result[1];
byte enPacket_3 = cape.result[2];
Serial.print("0x");
Serial.print(enPacket_1, HEX);
Serial.print(" | ");
Serial.print(enPacket_2, HEX);
Serial.print(" | ");
Serial.println(enPacket_3, HEX);
delay(1000);
#endif
#if DO_DECRYPT
char out[] = {enPacket_1, enPacket_2, enPacket_3};
//char out[] = {0xC9, 0xE2, 0x3B};
cape.decrypt(out, 2);
byte dePacket_1 = cape.result[0];
byte dePacket_2 = cape.result[1];
Serial.print("0x");
Serial.print(dePacket_1, HEX);
Serial.print(" | ");
Serial.println(dePacket_2, HEX);
delay(1000);
#endif
}
If I set DO_ENCRYPT 1
and DO_DECRYPT 1
I get this
0xC1 | EA | 33
0xAA | EE
0x81 | AA | 73
0xAA | EE
0x5B | 70 | A9
0xAA | EE
0x17 | 3C | E5
0xAA | EE
0xDF | F4 | 2D
0xAA | EE
0xEF | C4 | 1D
0xAA | EE
0xAB | 80 | 59
0xAA | EE
which is correct.
Then I set set DO_ENCRYPT 1
and DO_DECRYPT 0
and I get this
0xC1 | EA | 33
0x9 | 22 | FB
0x15 | 3E | E7
0xAB | 80 | 59
0xEB | C0 | 19
0x23 | 8 | D1
0x3B | 10 | C9
0x7B | 50 | 89
I then:
char out[]
with this values like so char out[] = {0xAB, 0x80, 0x59};
DO_ENCRYPT 0
and DO_DECRYPT 1
0xF3 | B7
0xB6 | F2
0xB6 | F2
0xB6 | F2
0xB6 | F2
Any ideas why data is not decrypted to the same value. As far I understand 3th byte is initialization byte which just "mangles" data.
See here: https://www.reddit.com/r/crypto/comments/7rpvur/cape_can_you_break_it/dsyx1w8/
I suggest a banner at the top of the readme explaining that this algorithm is for research and educational purposes only and that it shouldn't be used in production.
Missing minor, and not being full semver the actual versioning make the library not compatible with the Arduino IDE library registry. It obviously would be nice to be part of the libraries listed there. I see it is possible to edit the version number related to a certain release and add to each the missing .0, do you think this is a possible solution?
I've been thinking.
The iv has to be recovered before the data can be decrypted, but at the moment it's at the end of the data - so the last byte has to be read before the first byte, which is inefficient.
If the iv was moved to the start of the encrypted data, then decrypting might be more efficient because the whole operation would then be one traversal through the data instead of skipping to the end and then backtracking.
(It would also allow more efficient implementations in languages that use (one-way) streams or iterators.)
I have implemented cape in mmbasic for my PicoMite :)
https://github.com/pgrobelniak/cape-mmbasic
Make a npm library of Cape
If you output index on line Cape.cpp:83
Serial.println(i % _key_length - 1);
You will see that for first i
there is always -1
which means that _key[i % _key_length - 1]
is undefined/unset, therefore data is not encrypted correctly.
p.s.: I decided to go ahead and implement my own version of cipher because there was just to many differences and modifications for my specific project (constantly changing encryption key, optional use of vector,...). But I will keep my eye on this project because I'm working on another project which is more suitable for this implementation.
I was tweaking the Serial Hash code (removed the random function of key and salt). Upon running the code my Serial Monitor output is like this,
I tried to take serial output in tera term, and my output like this,
I tried changing the baud rate, but it's no use.
Works fine with other key/salt/message combination.
Any Suggestion/Advice would be helpful. TIA
Is there a limit on strength? If I run example with strength=10 decode message is not 0K
Being the present algorithm weak, It would be cool to discuss about the next iteration, and educational to develop a new algorithm to see how much better can perform if analyzed by great experts.
I am still taken developing examples showing how the present algorithm can be easily broken also if the code is run on small microcontrollers like the Arduino UNO, but feel free to share your point of view.
Thank you for your support :)
Is there a means of changing the key once the program is running that uses the Cape library? I have the instantiation working fine, but wish to change keys periodically for security reasons without aneed to restart and find a means to load a new key at start up.
Thanks.
Please provide an example that eats this technique.
it will be a bitter remover for beginners.
Ho does anyone know how could ai retreive the python version of this library.
I was intending to communicate a microcontroller with a raspberry pi sort of securely by using this library.
I have it working on the microcontroller end but the raspberry is using python and the repo
https://github.com/colinta/Cape.py is not available right now.
Thank you so much
I'm looking for a way to encrypt a string which I then POST to a remote server. This looks like a good start but is there a way that I can decrypt the string once I have it on a remote server?
Looks like a useful and simple library and ESP8266 is lacking basic crypto tools.
Any chance to make the library compatible with ESP8266?
Once I try to compile, I get the following warning:
WARNING: library Cape claims to run on [avr] architecture(s) and may be incompatible with your current board which runs on [esp8266] architecture(s).
And then, a bunch of errors related to the swap macro.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.