Browse Source

Update 'README.adoc'

master
kasdimos 5 years ago
parent
commit
20bff53e1c
  1. 100
      README.adoc
  2. 2
      README.md

100
README.adoc

@ -0,0 +1,100 @@
Secure IOT (NodeJS Server)
----------
There are many ways to secure and authenticate a networking communication, but not all solutions will run on a microcontroller, where processing power and memory is a scarce resource.
How does it work?
~~~~~~~~~~~~~~~~~
+Server -> the iot device that will receive the command+
+Client -> the command sender+
. The Client connects to the Server.
. [ Optional: The Client sends a predefined ammount of data for the Server to wake up. (Some libraries need the client to send first data, else they will not recognize that a connection was just made.) ]
. The Server sends a challenge to be solved.
. The Client send the solved challenge with the command.
. The Server extracts the command from the response/solution, executes it [Optional: sends back the response ].
. [ Optional: The Client extracs the execution response from the Server response. ]
Implementation
~~~~~~~~~~~~~~
Server + Client Requirements
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
- set the same initial data length (0-n)
- set the same hashing function
- set the same symmetric password
Data
^^^^
. [ Optional: Client Sends: 1-n bytes (wake up packet) ]
. Server: Sends Challenge (1-n bytes)
. Client: Sends solved challenge ( Len(hash) bytes)
. [ Optional: Server: Sends Response ( Len(hash) bytes) ]
Methodology
^^^^^^^^^^^
. [ Optional: The Client after connection, sends a predefined number of bytes. ]
. The Server generates and sends a random number (bigger -> more secure) for each connection.
. The Client calculates and sends the HMAC of (random server data + command) using the shared secret password
. The Server tries to find what possible command could the Client have sent
(calculates HMAC of random server data + possible command, using the shared secret password and compares them)
and then calls the corresponding function. [ Optional: The response of that function is then calculated
(HMAC of random server data + response, using the shared secret password) and sent to the Client. ]
. [ Optional: The Client tries to find what possible response command could the Server have sent
(calculates HMAC of random server data + response command, using the shared secret password) ]
Considerations
~~~~~~~~~~~~~~
Pros
^^^^
- Minimalistyc nor verbose
- minimal memory usage*
- minimal cpu usage*
- fast**
- authentication
- confidentiality
- replay protection
*with the use of appropriate hashing functions
**when a limited ammount of commands is used
Cons
^^^^
- uses symetric cryptography
- is not designed to send multiple bytes (1 byte commands recommended)
- requires a random seed
Proof of Concept
~~~~~~~~~~~~~~~~
Tested and fully working demo is attached!
This demo was implemented on a pc (Node.JS Client) and an arduino pro mini with an ethernet shield (Server).

2
README.md

@ -1,2 +0,0 @@
# SecureIoT
Loading…
Cancel
Save