Continue to Site

Welcome to our site!

Electro Tech is an online community (with over 170,000 members) who enjoy talking about and building electronic circuits, projects and gadgets. To participate you need to register. Registration is free. Click here to register now.

  • Welcome to our site! Electro Tech is an online community (with over 170,000 members) who enjoy talking about and building electronic circuits, projects and gadgets. To participate you need to register. Registration is free. Click here to register now.

Intelligent Security codes

Status
Not open for further replies.

Mosaic

Well-Known Member
Hi:
I'd like to create an asm method that takes a random (between 4 to 8 digit) Hex or Decimal number as a security code and then generates a return 4 digit hex or decimal number that decodes using the orig. random number into a desired value.

So if u have a random number 048364 and you process it thru the security code s'ware that returns something like 49AC which when processed in conjunction with the org. code as a key can result in a desired value...like 200 etc.

It's meant to permit secure comms between 2 MCUs. One sends a random code, the other returns the 4 digit response which is then decoded with the orig. random number as the key.

Need some advice...
 
How secure?

You could use something as simple as the following (which is simply obfuscated rather than secure - replace the crc16 with some better method for better security)
Code:
int makeKey(char *secCode, int length, int desiredValue)
{
    int crc = 0xFFFF;
    
    while(length--)
        updateCrc16(&crc, *secCode++);
        
    return desiredValue ^ crc;
}

int getDesiredValue(char *secCode, int length, int key)
{
    return makeKey(secCode, length, key);
}
 
Last edited:
Of the top of my head. Use a 32 bit random number generator (I've posted an asm version here somewhere) to generate a random number. Send to second MCU. Second MCU seeds its own random number generator and generates 32 (or more) new bits, adds the desired value and sends it back. First MCU can also generate the new 32 bits and subtract from the received number to get the sent data.

It's not very secure and relies on the intercepting person not knowing what is happening in the software.

Edit, if you use this method then you may as well send 32 bits each time.

Mike.
 
Last edited:
@ Pommie: How does the 1st MCu generate the same 32 bits to do the subtraction? Is it that the random number will be the same if the seed is the same?
 
So somehow the seed has the be transferred with the random #?
device A sends the random number 'X' to device B. Device B uses 'X' as the seed, and generates the next random number 'Y', such that "Y = f(X)", then adds the number to be encoded to 'Y', e.g. "Z = Y + d" to device A.

Device A can calculate 'Y' as it has 'X' (it generated it in the first place). So device A then subtracts 'Y' from the number device B sent ('Z') and ends up with 'd', which was the data value.

So:
Device A sends 'X'
Device B sends "Z = f(X) + d"
Device A calculates "d = Z - f(X)"

PS f(x) is the random number generator function that calculates the next number in the sequence after 'x'
 
That could be simplified to one way comms, since the base functionality of that is that both devices have the same encrypt engine and same key. In other words, it does not matter security wise which device sends the initial random starter key;

Like this with one-way comms;
Device B makes the random key
Device B sends random key to device A
Device B sends encrypted data to device A

Which can be sent as one neat data packet.

If you want to improve security above that we need to know what this does and how someone would try to crack it.
 
I am not quite sure what the overall goal is. Is it authentication of the communicating devices, like in https://en.wikipedia.org/wiki/Challenge–response_authentication ?
Or do you want to encrypt the actual data stream? Do the two devices need to generate the key each time, or can they use the same key every time?
What is the data rate and what is the microcontroller?

Anyway if you want it to be secure, stay with proven encryption algorithms and techniques like for example RSA and AES. Inventing your own "secure" encryption typically doesn´t work very well.
 
If key is say 3567 why not do it simple like send 2544697800 only the uC has the math to decode so the chance of decoding is slim.

Receiver uC A gets 2544697800 it then divides by it's key 2544697800/3567= 713400/ 3567= 200

Sender is told to send 200 so it does the math to get 2544697800 which is 200 x key = 713400 x key =2544697800

you could even do a subtraction on one side and addition of a fixed to make it even harder to crack that could be the same key 2544694233+ Key /3567= 713400/ 3567= 200
 
Status
Not open for further replies.

Latest threads

New Articles From Microcontroller Tips

Back
Top