-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature Request: Encryption capabilities #3
Comments
That's a very interesting request. I'm not very familiar with encryption implementations on embedded devices, so I wouldn't be able to recommend a particular one. As for ciphers, AES or ChaCha20 for symmetric encryption would be good starting points, or X25519-ChaCha20 for public-key encryption of data to exfiltrate from the device. Though your keypad use-case would probably need some form of trusted execution / secure enclave on the unsafe side, as we may assume an attacker be able to extract key material from the controller ROM/RAM or perform side-channel attacks. Actually, I had another use-case the other day that may intersect with yours, which was to use a different transport than Serial. It could be possible to change the API to accept a generic stream to write data to / read data from, which could then be just a plain hardware serial interface, or a custom transport, or an encryption middleware. Edit: this stream API is actually already implemented, it's a matter of specifying the Serde class against anything that conforms to the Arduino Stream API (read, write, available, etc). |
Have you considered adding some sort of encryption to the data stream? I realize it is a wired connection, but I'm thinking of scenarios where one MCU is in a secure location and the other isn't, such as a keypad outside and an access controller inside. Or are you aware of any existing libraries that could be added to work with yours?
The text was updated successfully, but these errors were encountered: