Exchanging keys securely?

arao23
Posts: 30
Joined: Tue Dec 13, 2016 4:44 pm

Exchanging keys securely?

Postby arao23 » Fri Dec 16, 2016 4:38 am

Suppose I want to transfer my home WiFi password to the ESP32 (which is in AP mode) so that the ESP32 can then switch to station mode and connect to my home network. I thought about using a hard-coded key to "encrypt" the data, but this can easily be hacked and the data sniffed and decrypted over the airwaves.

Then I thought about setting up SSL communication, but again, anyone with access to my product can read off the chip to find the private key and use that to steal information by sniffing the airwaves.

So, what's a good way to transfer sensitive information to the ESP32, or will I need to somehow alter the manufacturing process so that an open WiFi connection isn't used, but a unique AP password is hardcoded into the chip for every produced unit of the end product?

arao23
Posts: 30
Joined: Tue Dec 13, 2016 4:44 pm

Re: Exchanging keys securely?

Postby arao23 » Fri Dec 16, 2016 4:51 am

This article seems to be a good read:
http://depletionregion.blogspot.com/201 ... ducts.html

Although, setting up Bluetooth pairing is a bit of a pain (relatively speaking), and requires the end-user to have a BT-capable device, not just a router. Any other ideas?

kolban
Posts: 1683
Joined: Mon Nov 16, 2015 4:43 pm
Location: Texas, USA

Re: Exchanging keys securely?

Postby kolban » Fri Dec 16, 2016 6:38 am

I had assumed that if an ESP32 was set up as an access point and I connected a WiFi device (e.g. my phone) to the ESP32, then the data transmitted from my phone to the ESP32 was encrypted if I use WPA or WPA2 to authenticate? Wouldn't that secure access to the data?

In my models, I have an ESP32 boot up as an access point with a well-known SSID and pre-defined static password. It then runs a Web Server. I then connect from my phone to the ESP32 (as an access point) and bring up the web page. I enter the SSID and password of my local WiFi access point/router and reboot the ESP32. Because it has saved the SSID and password in non-volatile storage, it remembers the data and is able to connect to my home access point. If this is accurate, I don't see that my SSID/password pair ("the secret") was ever transmitted in an open or decryptable form. The worst that could happen is that someone "gets into" my ESP32 after it boots in access point mode and tries to set bad information for the target SSID/password.
Free book on ESP32 available here: https://leanpub.com/kolban-ESP32

arao23
Posts: 30
Joined: Tue Dec 13, 2016 4:44 pm

Re: Exchanging keys securely?

Postby arao23 » Fri Dec 16, 2016 7:31 am

Yes, that was my original approach. Thing is, if it's a pre-configured AP password, capturing all the airwaves into a dump and then using your known key to decrypt the packets and retrieve the SSID and password of your home WiFi is a trivial task.

Thing is, none of us want our products to show up on the news tomorrow for being hacked and thousands of passwords stolen.

arao23
Posts: 30
Joined: Tue Dec 13, 2016 4:44 pm

Re: Exchanging keys securely?

Postby arao23 » Fri Dec 16, 2016 7:33 am

What I mean is, if it's a default / known AP password with e.g. WPA2, those airwaves can all be captured into a dump and then anybody can use the default password to decrypt the packets. Wireshark supports this, I believe.

kolban
Posts: 1683
Joined: Mon Nov 16, 2015 4:43 pm
Location: Texas, USA

Re: Exchanging keys securely?

Postby kolban » Fri Dec 16, 2016 2:42 pm

One way to potentially get an answer to our question is to search through existing products that we can find on the Internet and see what their setup procedures may be. Here is an example:

http://www.gelinkbulbs.com/downloads/GE ... lGuide.pdf

With this product, one seems to use Bluetooth from your mobile device to connect to the "WiFi IoT product" (which in our case might be an ESP32). We then use Bluetooth to interact with the ESP32 ... and in that conversation supply "the secret" which is then used by the ESP32 at next boot to connect to the local router.

Many thanks for pointing out that known passwords on an ESP32 when it is an access point could pose a vulnerability. I for one wasn't aware of that.

WiFive
Posts: 3529
Joined: Tue Dec 01, 2015 7:35 am

Re: Exchanging keys securely?

Postby WiFive » Sat Dec 17, 2016 5:39 am

arao23 wrote: but a unique AP password is hardcoded into the chip for every produced unit of the end product?
Yes, you have to read/program the MAC address and serial number anyway, so this is probably easy.
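
A factory-side sketch of the per-unit AP password discussed above, as an added example that is not part of the thread or of any Espressif tool. The factory secret, MAC addresses, serial numbers, SSID and function names are all constructed assumptions; the only standard piece is the WPA2-PSK master key derivation (PBKDF2-HMAC-SHA1 over passphrase and SSID), shown so the per-unit keys can be compared with the shared-password case.

```python
import base64
import hashlib
import hmac

# Constructed sample values for illustration; none come from the thread.
FACTORY_SECRET = bytes.fromhex("000102030405060708090a0b0c0d0e0f" * 2)  # stays on the provisioning host
SHARED_PASSWORD = "setup-1234"  # the "pre-defined static password" case
UNITS = [("02:00:00:00:00:01", "SN0001"), ("02:00:00:00:00:02", "SN0002")]


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA2-PSK master key: PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 rounds, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def unit_ap_password(factory_secret: bytes, mac: str, serial: str, length: int = 16) -> str:
    """Per-unit AP password from MAC + serial; only this result is flashed to the unit."""
    mac_bytes = bytes.fromhex(mac.replace(":", ""))
    if len(mac_bytes) != 6:
        raise ValueError("MAC address must be 6 bytes")
    if not 8 <= length <= 52:
        raise ValueError("WPA2 passphrases need 8+ characters; the digest yields 52")
    msg = b"ap-password-v1" + mac_bytes + serial.encode()
    digest = hmac.new(factory_secret, msg, hashlib.sha256).digest()
    # Base32 (a-z, 2-7) is easy to print on a label; 16 characters carry 80 bits.
    return base64.b32encode(digest).decode().lower()[:length]


def provision(units, factory_secret=FACTORY_SECRET, ssid="ESP32-SETUP"):
    """Return one record per unit: what gets flashed and printed on its label."""
    records = []
    for mac, serial in units:
        password = unit_ap_password(factory_secret, mac, serial)
        records.append({"mac": mac, "serial": serial, "password": password,
                        "pmk": wpa2_pmk(password, ssid).hex()})
    return records


if __name__ == "__main__":
    print("shared password PMK:", wpa2_pmk(SHARED_PASSWORD, "ESP32-SETUP").hex())
    for rec in provision(UNITS):
        print(rec["mac"], rec["serial"], rec["password"], rec["pmk"])
```

With a shared password every unit using the same SSID ends up with the same master key, while the derived passwords give each unit its own. The factory secret must never be placed on a device; generating a random password per unit and recording it at programming time removes that single secret altogether.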
