| View previous topic :: View next topic |
| Author |
Message |
cagacug
Joined: 14 Apr 2004
Posts: 5
|
| how to secure communication? DES or what? |
 Posted: Wed Apr 12, 2006 3:22 am |
 |
|
Hi,
I want to secure some functions in client PICs which are connected to a non-secure network. If I use some ecryption algorithm with key, OK the PICs are secure but the asking PIC will have to send the same encrypted data everytime it communicates with another client. If a hacker listens the net and re-transmits this encrypted data without knowing the de-crypted password, the client will accept this also.
How this problem can be solved in C?
Any idea... |
|
 |
VanHauser
Joined: 03 Oct 2005
Posts: 88
Location: Ploiesti, Romania
|
|
| Posted: Thu Apr 13, 2006 1:09 am |
|
|
| You can use a 16- or 32-bit counter value that is sent encrypted and updated after every successful reception both at the transmitter and at the receiver side. The transmitter and the receiver should be syncronised with this counter and it should be equal on both sides. This way, a captured and re-sent packet is very unlikely to be accepted as the counters will not match. The Keeloq algorithm from Microchip uses a scheme like this. |
|
|
cagacug
Joined: 14 Apr 2004
Posts: 5
|
|
| Posted: Thu Apr 13, 2006 3:14 am |
|
|
| Seems to be a good way, thanks lot. |
|
|
jds-pic
Joined: 17 Sep 2003
Posts: 205
|
|
| Posted: Thu Apr 13, 2006 9:59 am |
|
|
| cagacug wrote: | | Seems to be a good way, thanks lot. |
the problem you describe is called a "replay attack":
http://en.wikipedia.org/wiki/Replay_attack
this is a well understood, well characterized problem in modern cryptography. don't reinvent the wheel; instead, get yourself a copy of the bible, called "Applied Cryptography: Protocols, Algorithms, and Source Code in C" by Bruce Schneier. this book has theory, examples, and C code snippets for you.
http://www.amazon.com/gp/product/0471117099/103-5648865-8321415
| Quote: | | Cryptographic techniques have applications far beyond the obvious uses of encoding and decoding information. For Internet developers who need to know about capabilities, such as digital signatures, that depend on cryptographic techniques, there's no better overview than Applied Cryptography, the definitive book on the subject. Bruce Schneier covers general classes of cryptographic protocols and then specific techniques, detailing the inner workings of real-world cryptographic algorithms including the Data Encryption Standard and RSA public-key cryptosystems. The book includes source-code listings and extensive advice on the practical aspects of cryptography implementation, such as the importance of generating truly random numbers and of keeping keys secure. |
jds-pic |
|
|
cagacug
Joined: 14 Apr 2004
Posts: 5
|
|
| Posted: Thu Apr 13, 2006 11:56 am |
|
|
| You are absolutely right, seems to be a good book and I never regret to pay for books. But does this book have a PIC side look? (just asking as you seem to read this book) I mean the code used in internet w TCP/IP is an example but not a solution for PICs. |
|
|
jds-pic
Joined: 17 Sep 2003
Posts: 205
|
|
| Posted: Thu Apr 13, 2006 12:33 pm |
|
|
| cagacug wrote: | | I mean the code used in internet w TCP/IP is an example but not a solution for PICs. |
you will need to scale the solutions to fit the limitations (RAM, speed, etc) of your chosen processor. this is always the case. there are more than enough examples in the noted text which will aid in implementing a solution. you don't have to go all out, just follow the principles in the text.
jds-pic |
|
|
GUEST
Guest
|
|
|
|
FAQ 
Search
Register
Profile 
Log in to check your private messages 
Log in
