Sunday, January 21, 2024

ESP32-C3 Exploring Embedded Security with ESP32 inbuilt modules


Random Number Generator: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/random.html


Random Numbers are very important in Secuirty and a true random number generator is essential for generating a high entroy randomly generated Security Key.

So, ESP32-C3 has a random number generator module in built we will be using that to generate Random key.
Sample code to generate random key with Random number generator 



#include <stdio.h>
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "driver/gpio.h"
#include "esp_log.h"
#include "led_strip.h"
#include "sdkconfig.h"

//random gen
#include <stdint.h>
#include "esp_random.h"


static const char *TAG = "randomGen";

void generate_random_key(uint8_t *key, size_t key_length) {
size_t i;
for (i = 0; i < key_length / sizeof(uint32_t); ++i) {
((uint32_t *)key)[i] = esp_random();
}
}



void app_main(void)
{
while (1) {
// Example: Generate a 128-bit random key
uint8_t random_key[16];
generate_random_key(random_key, sizeof(random_key));

// Print the generated key
ESP_LOGI(TAG,"Random Key: ");
for (size_t i = 0; i < sizeof(random_key); ++i) {
printf("%02X", random_key[i]);
}
vTaskDelay(5000 / portTICK_PERIOD_MS);
printf("\n");

}
}

Output:




SHA: Generating Hash for given data on ESP32

SHA, or Secure Hash Algorithm, is a family of cryptographic hash functions designed by the National Security Agency (NSA) and published by the National Institute of Standards and Technology (NIST) in the United States. The SHA family consists of several hash functions with different bit lengths, such as SHA-1, SHA-256, SHA-384, SHA-512, and more. Each variant produces a fixed-size hash value, which is typically expressed as a hexadecimal number.

Key Characteristics of SHA:

Collision Resistance: One of the primary objectives of a cryptographic hash function is collision resistance. A collision occurs when two different inputs produce the same hash output. A secure hash function should make it computationally infeasible to find collisions.


Deterministic: For the same input, a SHA function will always produce the same output (hash). This property is essential for verifying data integrity and authenticity.


Fixed Output Size: Each SHA variant produces a fixed-size hash value, regardless of the size of the input data. For example, SHA-256 always produces a 256-bit (32-byte) hash.


Pre-image Resistance: It should be computationally infeasible to reverse the hash function, meaning it should be challenging to find an input that corresponds to a given hash output.

Common Use Cases:

Data Integrity: SHA functions are commonly used to ensure the integrity of data. By comparing the hash of the original data with the hash of received or stored data, one can verify whether the data has been tampered with or corrupted.


Digital Signatures: In digital signatures, a hash of a message is signed to prove the authenticity of the sender and the integrity of the message. The recipient can verify the signature using the sender's public key.


Password Hashing: In password security, storing actual passwords is a security risk. Instead, systems store the hash of passwords. During login, the system hashes the entered password and compares it with the stored hash.


Blockchain and Cryptocurrencies: Cryptocurrencies like Bitcoin use SHA-256 for hashing blocks and creating digital signatures. The immutability of the blockchain relies on the cryptographic properties of the SHA function.


Certificate Authorities: In SSL/TLS and other secure communication protocols, SHA functions are used in digital certificates to verify the authenticity of public keys.

SHA is a fundamental building block of modern cryptography and information security. Its properties make it suitable for a wide range of applications where data integrity, authenticity, and security are paramount.

Below is an Example of how to do it with IDF in ESP32-C3
#include <stdio.h>
#include <string.h>
#include <esp_log.h>
#include <mbedtls/sha256.h>

static const char *TAG = "Hello-SHA";

void sha_example(const char *input, size_t input_len) {
mbedtls_sha256_context sha_ctx;
unsigned char output[32]; // SHA-256 produces a 32-byte hash

mbedtls_sha256_init(&sha_ctx);
mbedtls_sha256_starts(&sha_ctx, 0);

// Update hash with input data
mbedtls_sha256_update(&sha_ctx, (const unsigned char *)input, input_len);

// Finish the hash calculation
mbedtls_sha256_finish(&sha_ctx, output);

// Print the result
ESP_LOGI(TAG, "SHA-256 Hash:");
for (int i = 0; i < 32; i++) {
printf("%02x", output[i]);
}
printf("\n");

mbedtls_sha256_free(&sha_ctx);
}

void app_main() {
// Your input data
const char *input_data = "A quick brown fox jump over the lazy dog!";

// Calculate SHA-256 hash
sha_example(input_data, strlen(input_data));
}

Output:





Check if the generated Hash is correct:


No comments:

Post a Comment

ESP32-C3 Exploring Embedded Security with ESP32 inbuilt modules

Random Number Generator: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/random.html Random Numbers are ver...