I am working on a replacement for webrepl (based on utelnet) using a symmetric encryption layer. My assumption is that every node I am maintaining has a unique "secret" key used as the base for the symmetric encryption. I consider this safer than SSL with non-working certificate validation. Most of my nodes will be ESP8266 based - in the future some might be esp32.
I found a couple of pure AES python implementations as well as implementations for speck, simon, and salsa20. I think I could adapt these to micropython. I was considering trying to access AES from axtls - as it is compiled into the firmware, but have no idea how to do so.
Do you have any pointers or suggestions for me on how to start? Maybe there is even a simple, secure, and lean symmetric block cipher available somewhere for micropython (however, I did not find it yet), or an easy way to access the block cipher from axtls.
Speed is not too important as it's mainly for communication with the repl - however, code size and memory consumption are.
Potential pure implementations which could be converted:
- https://github.com/ricmoo/pyaes
- https://github.com/boppreh/aes
- https://github.com/inmcm/Simon_Speck_Ci ... ter/Python
- http://www.tiac.net/~sw/2010/02/PureSalsa20/index.html
encryption, block cipher, simple (micro-)pythonic way to access
Re: encryption, block cipher, simple (micro-)pythonic way to access
Thanks, need to take a closer look - I ported a native chacha implementation now, but as it's native, it's pretty slow of course (but workable for a command prompt):
https://github.com/ulno/ulnoiot/blob/ma ... /chacha.py
If anybody wants to try, you can also use the provided netrepl to do encrypted console access and file updates with upy, but I will post about this here in the forum, after I finish teaching my IoT introduction class this month:
https://github.com/ulno/ulnoiot/tree/master/lib/netrepl
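As an added illustration of the kind of pure-Python ChaCha cipher discussed in this thread (this is not the poster's code and not taken from the linked repository), here is a compact ChaCha20 keystream generator following RFC 8439. The function names, the all-zero-to-0x1f sample key and the sample message are constructed for this example, and it is written against CPython's `struct` module.

```python
import struct

MASK = 0xFFFFFFFF

def _rotl(v, n):
    return ((v << n) & MASK) | (v >> (32 - n))

def _quarter(s, a, b, c, d):
    # ChaCha quarter round: add, xor, rotate on four 32-bit words.
    s[a] = (s[a] + s[b]) & MASK; s[d] = _rotl(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & MASK; s[b] = _rotl(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & MASK; s[d] = _rotl(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & MASK; s[b] = _rotl(s[b] ^ s[c], 7)

def chacha20_block(key, counter, nonce):
    """Return one 64-byte keystream block (32-byte key, 12-byte nonce)."""
    if len(key) != 32 or len(nonce) != 12:
        raise ValueError("need a 32-byte key and a 12-byte nonce")
    init = list(struct.unpack("<4I", b"expand 32-byte k"))
    init += struct.unpack("<8I", key)
    init.append(counter & MASK)
    init += struct.unpack("<3I", nonce)
    s = list(init)
    for _ in range(10):  # 10 double rounds = 20 rounds
        _quarter(s, 0, 4, 8, 12); _quarter(s, 1, 5, 9, 13)    # columns
        _quarter(s, 2, 6, 10, 14); _quarter(s, 3, 7, 11, 15)
        _quarter(s, 0, 5, 10, 15); _quarter(s, 1, 6, 11, 12)  # diagonals
        _quarter(s, 2, 7, 8, 13); _quarter(s, 3, 4, 9, 14)
    return struct.pack("<16I", *[(a + b) & MASK for a, b in zip(s, init)])

def chacha20_xor(key, nonce, data, counter=1):
    """Encrypt or decrypt by XORing data with the keystream.

    A (key, nonce) pair must never be reused for two messages, and this
    function provides confidentiality only, no integrity check.
    """
    out = bytearray(data)
    for off in range(0, len(out), 64):
        ks = chacha20_block(key, counter + off // 64, nonce)
        for i in range(min(64, len(out) - off)):
            out[off + i] ^= ks[i]
    return bytes(out)

if __name__ == "__main__":
    node_key = bytes(range(32))                      # constructed sample key
    nonce = bytes.fromhex("000000090000004a00000000")  # RFC 8439 test nonce
    ct = chacha20_xor(node_key, nonce, b"print('hello from the repl')")
    print(ct.hex(), chacha20_xor(node_key, nonce, ct))
```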