Differences

This shows you the differences between two versions of the page.

--- proiecte:encrypted-communication [2017/01/22 23:49]
veronica.velciu
+++ proiecte:encrypted-communication [2017/01/23 22:30] (current)
veronica.velciu [Resources]
@@ Line 40: / Line 40: @@
 <code C>
 void encryptECB(uint8_t *key, uint8_t *plaintext, uint8_t len, uint8_t *ciphertext);
+</code>
+This function encrypts (using AES in ECB mode) //len// bytes of the //plaintext// buffer using the given //key// and writes the result to the //ciphertext// buffer.
+<code C>
 void decryptECB(uint8_t *key, uint8_t *ciphertext, uint8_t len, uint8_t *plaintext);
+</code>
+This function decrypts (using AES in ECB mode) //len// bytes of the //ciphertext// buffer using the given //key// and writes the result to the //plaintext// buffer.
+<code C>
 void encryptCBC(uint8_t *key, uint8_t *iv, uint8_t *plaintext, uint8_t len, uint8_t *ciphertext);
 </code>
+This function encrypts (using AES in CBC mode) //len// bytes of the //plaintext// buffer using the given //key// and writes the result to the //ciphertext// buffer.
+As it can be observed, there is no function for AES in CBC mode decryption. This is due to the lack of support in the ATmega128RFA1 Security Module for this functonality.
+**Testing the AES library**
+In order to test the implemented interface, I created 6 tests:
+  - Encryption of a single block using ECB mode:
+    * **Plain text**: 00000000000000000000000000000000
+    * **Key**: 00000000000000000000000000000000
+    * **Cipher text**: 66e94bd4ef8a2c3b884cfa59ca342b2e
+  - Decryption of a single block using ECB mode:
+    * **Cipher text**: 66e94bd4ef8a2c3b884cfa59ca342b2e
+    * **Key**: 00000000000000000000000000000000
+    * **Plain text**: 00000000000000000000000000000000
+  - Encryption of a single block using CBC mode:
+    * **Plain text**: 00000000000000000000000000000000
+    * **Key**: 00000000000000000000000000000000
+    * **IV**: 00000000000000000000000000000000
+    * Cipher text: 66e94bd4ef8a2c3b884cfa59ca342b2e
+  - Encryption of two blocks using ECB mode:
+    * **Plain text**: 000102030405060708090a0b0c0d0e0f 101112131415161718191a1b1c1d1e1f
+    * **Key**: 000102030405060708090a0b0c0d0e0f
+    * **Cipher text**: 0a940bb5416ef045f1c39458c653ea5a 07feef74e1d5036e900eee118e949293
+  - Decryption of two blocks using ECB mode:
+    * **Plain text**: 0a940bb5416ef045f1c39458c653ea5a 07feef74e1d5036e900eee118e949293
+    * **Key**: 000102030405060708090a0b0c0d0e0f
+    * **Cipher text**: 000102030405060708090a0b0c0d0e0f 101112131415161718191a1b1c1d1e1f
+  - Encryption of two blocks using CBC mode:
+    * **Plain text**: 000102030405060708090a0b0c0d0e0f 101112131415161718191a1b1c1d1e1f
+    * **Key**: 000102030405060708090a0b0c0d0e0f
+    * **IV**: 66e94bd4ef8a2c3b884cfa59ca342b2e
+    * **Cipher text**: c58522244df6eff9c84cf1f84ec8609a 8de9747eb509687e1337028614be3893
+The test vectors were generated using [[http://aes.online-domain-tools.com/|an AES online encryption tool]].
+===== Encrypted communication =====
+The encrypted communication was implemented by extending the SparrowTransfer library with two functions:
+<code C>
+void sendEncData(uint8_t* key);
+uint8_t receiveEncData(uint8_t *key);
+</code>
+The **sendEncData** function receives a key as first parameter, which will be used in order to encrypt the data prior to sending it. The implementation follows these steps:
+  - Set the header and the size of the message. Please note that the size represents a multiple of 16 bytes (as this is the size of the AES encryption block).
+  - Copy the data structure to be sent to a message buffer.
+  - Pad the message buffer with 0, until its length is a multiple of 16.
+  - Encrypt the payload of the message using **encryptECB** with the given key (the header and the size are not encrypted in order to keep the receive functionality).
+  - Compute and add the checksum to the message.
+  - Send the message.
+The **receiveEncData** function receives a key as first parameter, which will be used in order to decrypt the payload of the incoming message. The implementation follows these steps:
+  - Continue reading bytes until the header is encountered.
+  - Read the size of the message and check that it corresponds to the size needed for the data structure to be encrypted (the first number greater than the size which is also a multiple of 16).
+  - Continue reading byte by byte until the payload is received.
+  - Receive the checksum and check it.
+  - Decrypt the message by using **decryptECB** with the give key and save the plain text to the user data structure.
+**Testing the encrypted communication**
+In order to demonstrate the implemented functionality, I created three Arduino projects:
+  * **EncTransmitter**: Sends encrypted messages using the **sendEncData** function and a hard-coded key.
+  * **EncReceiver**: Receives encrypted messages using the **receiveEncData** function and the same key.
+  * **BadReceiver**: "The bad guy" - Tries to listen to what the other two nodes talk. Receives messages using the **receiveData** function, as he does not know the secret key.
+{{ :proiecte:enc-comm.jpg?800 | Encrypted communication}}
 ===== Results =====
+The below picture shows the output of the implemented project. In the upper left corner you can see the output of **EncTransmitter** and in the upper right the output of **EncReceiver**. Below them is the attacker, represented by the **BadReceiver** project.
+{{ :proiecte:enc-comm-demo.png?1200 |}}
 ===== Resources =====
+  * AES library implementation: {{:proiecte:aes.zip|}}
+  * AES library tests: {{:proiecte:aes_test.zip|}}
+  * Modified SparrowRadio library: {{:proiecte:sparrowradio.zip|}}
+  * **EncTransmitter**, **EncReceiver** and **BadReceiver**: {{:proiecte:enccommunication.zip|}}

WSN Wiki

User Tools

Site Tools

Differences

Page Tools