In my project, there will be about 500 Bluetooth devices installed over the city and about 20 PDAs used to update these devices.
The devices should be not be visible to anything except the PDAs and I'd like to avoid the troubles or pairing each device to each PDA.
Is there any way to pregenerate 10,000 link keys (for each device-PDA pair), knowing their device addresses, so that link keys for each of the devices could be uploaded all at once during the firmware upload process?
define a shared secret and use the mac-addresses as salt.
with this, you are able to generate a key, which is known on both systems.
or something like that :)
pseudo:
key = int(private part (shared secret) + public part (mac-address))
Related
Question
I tried to search for a solution, with google and here at StackOverflow, but no success.
What I looking for:
I need API to generate a new keypair, like
//publicKey is either Buffer or string, so I can use it in `createPublicKey` call.
let publicKey = await impl.generate("keypairUniqueName");
Decrypt some data with key by key name
let decryptedBuffer = await impl.decrypt("keypairUniqueName", encryptedBuffer);
sign data with private key
let signatureBuffer = await impl.sign("keypairUniqueName", rawDataBuffer);
delete key by unique name
await impl.deleteKeypair("keypairUniqueName");
keys storage should be scoped to specific device, local user account, and (my) app, and ideally, with some other string parameter like in-app account or profile id, so I can call on Electron installation:
let implHive = await ImplFactory.ensureForKeysHive();
and later on adding local user record:
let impl = await implHive.createKeystore(userAccountId, localPinCode);
and on login:
let impl = await implHive.openKeystore(userAccountId, localPinCode);
ideal requirement: I should be able to do it at Windows desktop, Linux desktop, Android, iOS. Most likely context is Electron App or nodejs based CLI.
I understand I can save an encrypted files to paths like ~/.appName/keystore/userId.slot, but I need to be sure this file can not be used on other device if copied to other device with ctrl+c - ctrl+v or cp command. So for file-based impl anyway question comes where to save password or other device-scoped encryption data or device-specific keypair to make sure only my app can use that device-scoped keypair.
Does the safeStorage of electron is what I looking for regarding per-device and per platform user as way to store something that only and instance of my app on same machine can save and load?
From documentation I understood electron 's safeStorage is specific to user, not to device-user-app intersection.
In this regard I can implement something like larger password model, where account-specific key of my app stored as original password with some app-specific salt added, like
//example purposes-only
let fullAppSpecificKeysVaultPassword = "vendor-alias/my-app/account_${localPinCode}_${purposeCode}";
inside storage represented by safeStorage provided electron, but I not sure is this strategy good enough, or may be there some npm package or electron API I overlooked?
It is important that local keys vault for the app under question should be usable across installations/deinstallations/re-installations/upgrades of same app.
Is something like that exists with exact features?
All this resembles very much the Android Keystore - https://developer.android.com/training/articles/keystore#WhichShouldIUse
Especially per-app scoping.
But it is unclear is there something like that to be used in cross-platform manner by an electron and/or nodejs app.
Context, goals, Purpose, and Why
For self-education purposes I thinking about making some small app with 2 features:
public keys mapping to user aliases, random device ids and optional readable device aliases, with small profiles like name, avatar, and 1 sentence user-self description, may be more fields in profiles eventually - limited variation of keybase, with federation like Mastodon, but with rule to keep keys catalogue in sync across federation relays when joining to "relays federation" to make sure profiles intact if relay server who created them gone offline or left keys federation, or relays not available, and only profiles cached by clients are available. I find it interesting to make in context of keybase being eaten by Zoom.
end-to-end encrypted chat app that would work in environments like LAN, WiFi, and Bluetooth, and other local networking to be used both with internet and when standard internet access not available. You may say that such projects are exists already like Serval or Thali or some other, and yeah, I was inspired by them to some extent.
So, self-education aspect, and question like How much of that can I do myself using only Electron or nodejs? are main motivations behind this idea.
one advantage of NFC vs QR code is that unlike QR code which can be photographed and accessed from anywhere later, an NFC binds you to scan the NFC chip from close distance in order to access the info.
But, once scanned and your browser is ready to open the URL, what prevents the user from sharing the URL so that others can use it and access it remotely (or to use it twice, when already away from the NFC tag)?
My use case is to let a person who is physically near the NFC device, to submit some input, via a URL obtained from scanning the NFC.
However, I don't want to allow other persons to access that same URL, since this will enable them to submit data remotely (such as false data), and this will "contaminate" the info I'm trying to gather.
There is no way to dynamically change the URL as it is written once onto the NFC tag and that's it (to alter the URL every minute for example, the NFC must be re-written by physically accessing it, so this is not feasible).
I can't think of some extra token that can be applied here, since I can't physically pass such token to the user, and I also don't want to make it hard for the user to use the system, by introducing another security layer and ask him to make another action.
This is now possible using the new NTAG 424 DNA chipset, the feature you need is called Secure Unique NFC Message (SUN) which can generate a dynamic URL each time the card is read
https://www.nxp.com/products/rfid-nfc/nfc-hf/ntag/ntag-for-tags-labels/ntag-424-dna-424-dna-tagtamper-advanced-security-and-privacy-for-trusted-iot-applications:NTAG424DNA
The only way I can think of doing this is not with an NFC card but with an NFC enabled device running Custom Host Card Emulation (HCE) software (Possible on an Android Device and may be possible with a PC and USB card reader)
As the device is emulating an NFC card when another device comes in to NFC range the HCE device will respond as if it was a card and send out an NDEF message with the custom URL.
The URL will be visible in the browser that a standard phone will launch given the right NDEF message but these URL's can be one time use as once the HCE device has sent the NDEF message, it can use the time or another method to generate a new URL for the next time somebody tries to read it's emulated card.
I can think of other methods that would require custom software of the scanning device to work either to hide the URL.
Or I think it might be possible with some of the Advanced NFC cards you can run applications on the card to generate a unique URL for the NDEF message, but that is very advanced stuff.
Host Card Emulating is complicated but possible for a non specialist programmer. The only problem is the item you are leaving for people to scan needs to be secured and powered.
Update
As mentioned in my Comment that using a JavaCard could dynamically Generate the NFC Data and recent I came across https://github.com/OpenJavaCard/openjavacard-ndef which is the code for a Java Card to dynamically generate NFC Data.
I am making an app using NFC tags and I have to prevent the NFC tag from cloning. I have seen many other NFC tags which when tried to be cloned, shows a pop up message "Cloning is restricted, tag is secured by secret key", I want the same security for my NFC tag.
That depends on what type of tag you use and what level of protection against cloning you want.
NFC tags (as defined by the NFC Forum) have no protection against cloning. Such tags are intended as containers for freely readable data (so called NDEF messages). Anyone could read an NDEF message from one tag and duplicate it to another tag.
Many NFC tags also contain a unique identifier that is pre-programmed by the tag manufacturer and cannot be modified on normal tags. You could use this unique identifier to determine if a tag was issued by you (i.e. you know its id) or forged (i.e. you don't know its id). Instead of using a list of genuine ids, you could also create a digital signature over the tag's id and its data. THat way, you could find out if data and signature are used on a tag with a different unique identifier. However, all data can still be extracted from your tag. Therefore, you should be aware of the fact, that specialized hardware (e.g. Proxmark, etc) and ready-made tags are available where an attacker can change the unique identifier to the value of your tag's id. So this is certainly not perfect cloning protection.
You could use a contactless smartcard/tag that provides communication encryption and shared-key based access control (e.g. MIFARE DESFire). With this approach, you could store data that you do not want an attacker to be able to clone in a key-protected memory area. However, if you want to be able to read that data from within your app (i.e. without having an online backend that directly communicates with the card), you would need to store the key to access the memory area within your app. Consequently, in an offline scenario (i.e. key stored in app), an attacker might be able to extract that key and use it to clone the tag.
You could use a tag/smartcard that contains a secret asymmetric key and provides a command to sign a cryptographic challenge with that key. In that case, in order to verify if the tag is genuine, you could request such a signature from the tag for a random challenge and verify the signature against the tags corresponding public key. This would certainly be the most secure solution as you do not need to store any shared secret within your app. The only ready-made NFC tag solution (that I'm currently aware of) that provides such functionality seems to be Inside Secure's VaultIC. Though you could create one yourself based on the asymmetric crypto functionality of a contactless smartcard (e.g. a Java Card).
Note that for all of the above cloning-protection scenarios you would have to create an app that checks if a tag is genuine or cloned. By default NFC phones only use the information in (1) and therefore do not perform any such checks.
Yes it's possible meanwhile to prevent cloning a Tag.
There is a new tag called the NTAG 413 - which can generate a new NDEF message every single time you tap it. (using AES krypto) This way it's not necessary to have a seperate app installed on your smartphone. You can incorporate the encryption in the URL of a NDEF for example and the host server can encrypt it with the same key. In case of copy the server will recognize it.
Some companies already offer them in different form factors, for key cards (hotels or access). More info can be found in this link but it's german..
https://www.variuscard.com/plastikkarten/chipkarten/nfc-ntag-413-dna/
While the original answer was correct it's getting a little bit out of date. Michael's addition (Oct 10, 17) added the NTAG413. There's now another additional NTAG424 DNA authentication NFC chip, which works in the same way. HID's Trusted Tag works in a similar way and there increasingly others.
Essentially the chips create a new unique code based on a stored key on each tap/scan. Code can be verified from a server.
There is no guaranteed way to restrict the nfc tag from getting clone as all nfc tags are by default . Other apps use secret key with in a nfc tag but that also can be cracked.
I have asp.net web api used by mobile app. In facebook I see notifications like "access to your account from new device". I want to implement the same. Device could be connected to different wi-fi or 3G so to use ip addrress is not good. How to define access from new device and remember it for future in "trusted devices"?
You could look at a combination of pieces of data to uniquely identify see EFF's website on browser fingerprinting.
But the common approach is to set a cookie and check if it is present in future visits.
You need a unique identifier for each device.
In case of a computer it could be a mac address, if it's a mobile device they each have a unique identifier you could send together with the request.
You would then keep a list of these IDs on the API side and every time a request comes in, just check if that ID is in the list you already have. If not then there it is .. new device.
Here is another discussion which could be relevant to your scenario : What is a good unique PC identifier?
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 9 years ago.
Improve this question
Let's have N devices each has a unique name DEVICE_1, DEVICE_2, .. , DEVICE_N
Devices broadcast their names so that other devices can start communication with another device from the same group (according to the format of the name).
The device name is encrypted so that nobody else who is not in the group can see the name and thus can't fake the name.
There's one key for symmetric encryption used by all devices to encrypt their names and decrypt names of other devices.
The problem is that the key for symmetric enctyption is stored in the device. So if somebody hack into the device, reads the key, decrypt the name, change its name to existing name
of other device and ecrypt it, everybody else think that it's somebody else.
EDIT the idea below is wrong since the device must be able to decrypt the name offline
I came with a solution of storing the key in database on server so the name is encrypted on server once the device has registered to the service. This will work even when the name of the device has
changed since the change of name is always uploaded to server so we can do the encryption on the server again.
The only vulnerability left is if somebody breaks into the database and reads the key...
EDIT END
Any idea how to solve this?
Oh, I forgot, the devices can't communicate before they know each other's name so assymetric cryptography wouldn't help because I even don't know there's some device from my group out there.
First of all, it seems that you try to achieve authentication and integrity by encryption - it is a mistake. Even if you use more relevant cryptographic primitives like signature or MAC (Message Authenticated Code), while you use the same key for all the devices, you are exposed to problems when you use them if one of the devices is being hacked.
I think each device should have a public key, and the database should distribute them (with the corresponding identities) to the other devices.
The public keys might be signed by a trusted party (for example CA), such that given a public key and a signature, it is possible to detect corruptions.
Then, using the public keys and the identities, you can create pairwise symmetric keys (notice that every device should store N symmetric keys - exactly as the number of public keys it stored in this solution), and use them to communicate efficiently.
You can use only one key, but again - this is very problematic.