EmbeddedRelated.com
Forums
   Forums    More Forums    comp.arch.embedded  

tamper resistant messages on 8051

Started by eugene June 27, 2006
I need to send short RF messages (approx: 2 bytes) between 8051
devices. How do I make sure that the messages are not tampered and that
the message really came from the device?

I was thinking of using CMAC AES. But found out that AES isn't
efficient on 8051.

How do I generate untamperable messages in 8051?

Thanks
Reply by David R Brooks June 27, 20062006-06-27
eugene wrote:

> I need to send short RF messages (approx: 2 bytes) between 8051
> devices. How do I make sure that the messages are not tampered and that
> the message really came from the device?
> 
> I was thinking of using CMAC AES. But found out that AES isn't
> efficient on 8051.
> 
> How do I generate untamperable messages in 8051?
> 

Regardless of the CPU, you are looking at "message authentication" (aka 
"signing"). It's usually done by taking some cryptographic function of 
the message, & sending that along with it.
The first thing you need to determine is, what level of threat do you 
face? A bored student filling in a rainy night, or a major government 
agency which *really* wants to hack your system? A large spectrum in 
between. Where you are on it, determines how much security (read, CPU 
cycles) you need to provide.
Reply by larwe June 27, 20062006-06-27
eugene wrote:

> I need to send short RF messages (approx: 2 bytes) between 8051


If you only have two bytes of bandwidth, your attacker only has to try
65536 messages and he's in, even if you have the most robust
cryptosystem known to man.

An application like this would possibly work well with a rolling-code
algorithm like Microchip's Keeloq (note that it is patented, and you
can't field this commercially unless you either use a Microchip part,
or license the algorithm).
Reply by Chris Hills June 27, 20062006-06-27
In article <44a1021e$0$6628$5a62ac22@per-qv1-newsreader-
01.iinet.net.au>, David R Brooks <davebXXX@iinet.net.au> writes

>eugene wrote:
>> I need to send short RF messages (approx: 2 bytes) between 8051
>> devices. How do I make sure that the messages are not tampered and that
>> the message really came from the device?
>> 
>> I was thinking of using CMAC AES. But found out that AES isn't
>> efficient on 8051.
>> 
>> How do I generate untamperable messages in 8051?
>> 
>Regardless of the CPU, you are looking at "message authentication" (aka 
>"signing"). It's usually done by taking some cryptographic function of 
>the message, & sending that along with it.
>The first thing you need to determine is, what level of threat do you 
>face? 


Exactly!


>A bored student filling in a rainy night, 


and why would they want to hack your system? 


>or a major government 
>agency which *really* wants to hack your system?


In which case there are other methods and they have the resources to try
other methods from "interviewing" you to a small air strike :-). So the
crypto becomes pointless 


> A large spectrum in 
>between. Where you are on it, determines how much security (read, CPU 
>cycles) you need to provide.


You probably don't need AES. Just enough to be a bit more difficult that
it is worth or making it a bit harder than alternative possible attacks. 

It comes back down to the threat level.



-- 
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
\/\/\/\/\ Chris Hills  Staffs  England     /\/\/\/\/
/\/\/ chris@phaedsys.org      www.phaedsys.org \/\/\
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
Reply by Rob Horton June 27, 20062006-06-27
eugene wrote:

> I need to send short RF messages (approx: 2 bytes) between 8051
> devices. How do I make sure that the messages are not tampered and that
> the message really came from the device?
> 
> I was thinking of using CMAC AES. But found out that AES isn't
> efficient on 8051.
> 
> How do I generate untamperable messages in 8051?
> 
> Thanks
> 

What distance are all of the 8051 devices from each other?

Maybe you could get away with using really low power. Any hacker would 
have to get  within a few metres to receive your RF messages. If they 
are stuck outside a building in a car then they simply wouldn't be able 
to receive your RF messages.

Obscure your RF messages in a sea of noise. Transmit more than just 2 
bytes at a time, say, 64. Make the other bogus bytes look like they 
might actually be something when they aren't. Eg. add in a few valid 
checksums.

Send more transmissions than are necessary. Not every transmission 
actually has to mean something.

Lead your hacker up many blind alleys

The only sure way is this:

http://www.geek.com/news/geeknews/2004Aug/bch20040824026626.htm

Although I guess it will take a while for this technology to "trickle 
down" ;)
Reply by Ian Bell June 27, 20062006-06-27
larwe wrote:


> 
> eugene wrote:
>> I need to send short RF messages (approx: 2 bytes) between 8051
> 
> If you only have two bytes of bandwidth, your attacker only has to try
> 65536 messages and he's in, even if you have the most robust
> cryptosystem known to man.
> 
> An application like this would possibly work well with a rolling-code
> algorithm like Microchip's Keeloq (note that it is patented, and you
> can't field this commercially unless you either use a Microchip part,
> or license the algorithm).


An algorithm is a recipe and you cannot patent recipes (in Europe). You can
patent a means of implementing one, like a chip, but not the recipe itself.
Do you have a pointer to the Microchip patent?

Ian
Reply by Ryan Weihl June 27, 20062006-06-27
Rob Horton wrote:


> eugene wrote:
> > I need to send short RF messages (approx: 2 bytes) between 8051
> > devices. How do I make sure that the messages are not tampered and
> > that the message really came from the device?
> > 
> > I was thinking of using CMAC AES. But found out that AES isn't
> > efficient on 8051.
> > 
> > How do I generate untamperable messages in 8051?
> > 
> > Thanks
> > 
> What distance are all of the 8051 devices from each other?
> 
> Maybe you could get away with using really low power. Any hacker
> would have to get  within a few metres to receive your RF messages.
> If they are stuck outside a building in a car then they simply
> wouldn't be able to receive your RF messages.
> 
> Obscure your RF messages in a sea of noise. Transmit more than just 2
> bytes at a time, say, 64. Make the other bogus bytes look like they
> might actually be something when they aren't. Eg. add in a few valid
> checksums.
> 
> Send more transmissions than are necessary. Not every transmission
> actually has to mean something.
> 
> Lead your hacker up many blind alleys
> 
> The only sure way is this:
> 
> http://www.geek.com/news/geeknews/2004Aug/bch20040824026626.htm
> 
> Although I guess it will take a while for this technology to "trickle
> down" ;)


how would a secure 8051 suit this requirment, like the DS2252(T)?
expensive.
rw

--
Reply by larwe June 27, 20062006-06-27
Ian Bell wrote:


> > An application like this would possibly work well with a rolling-code
> > algorithm like Microchip's Keeloq (note that it is patented, and you
>
> An algorithm is a recipe and you cannot patent recipes (in Europe). You can
> patent a means of implementing one, like a chip, but not the recipe itself.


They only restrict encoder implementations, the decoder is free.

The encoder datasheets (e.g. HCS300) specify:
Code hopping encoder patents issued in Europe, USA and RSA - USA:
5,517,187; Europe: 0459781; RSA: ZA93/4726
Secure learning patents issued in the USA and RSA - USA: 5,686,904 -
RSA: 95/5429.

Here is the license agreement for Keeloq:
<http://www.microchip.com/stellent/idcplg?IdcService=SS_GET_PAGE&nodeId=77&useSecondary=true>
Reply by Ryan Weihl June 28, 20062006-06-28
eugene wrote:


> I need to send short RF messages (approx: 2 bytes) between 8051
> devices. How do I make sure that the messages are not tampered and
> that the message really came from the device?
> 
> I was thinking of using CMAC AES. But found out that AES isn't
> efficient on 8051.
> 
> How do I generate untamperable messages in 8051?
> 
> Thanks


use a secure 8051 which prevents anybody to change code.
we use the DS2252T for that purpose
rw

--
Reply by June 28, 20062006-06-28
eugene wrote:

> I need to send short RF messages (approx: 2 bytes) between 8051
> devices. How do I make sure that the messages are not tampered and that
> the message really came from the device?
>
> I was thinking of using CMAC AES. But found out that AES isn't
> efficient on 8051.
>
> How do I generate untamperable messages in 8051?
>
> Thanks


How fast do you need it to be? If you write the code in assembler you
can do AES encryption in about 1ms on an 8051 (I'd have to find my old
notes to check what speed part that was, but it wasn't anything fancy,
just a Phillips LPC of some sort).

- Charles
You might also like... (promoted content)
Upcoming Course - Python Applications for Digital Design and Signal Processing
Upcoming Course - Python Applications for Digital Design and Signal Processing
Upcoming Course - Python Applications for Digital Design and Signal Processing
The 2024 Embedded Online Conference - Register Early and Save with Promo Code ER2024!
The 2024 Embedded Online Conference - Register Early and Save with Promo Code ER2024!
The 2024 Embedded Online Conference - Register Early and Save with Promo Code ER2024!
Check out Memfault's New Sandbox!
Check out Memfault's New Sandbox!
Check out Memfault's New Sandbox!