Practical IoT Cryptography on the Espressif ESP8266

The Espressif ESP8266 chipset makes three-dollar ‘Internet of Things’ development boards an economic reality. According to the popular automatic firmware-building site nodeMCU-builds, in the last 60 days there have been 13,341 custom firmware builds for that platform. Of those, only 19% have SSL support, and 10% include the cryptography module.

We’re often critical of the lack of security in the IoT sector, and frequently cover botnets and other attacks, but will we hold our projects to the same standards we demand? Will we stop at identifying the problem, or can we be part of the solution?

This article will focus on applying AES encryption and hash authorization functions to the MQTT protocol using the popular ESP8266 chip running NodeMCU firmware. Our purpose is not to provide a copy/paste panacea, but to go through the process step by step, identifying challenges and solutions along the way. The result is a system that’s end-to-end encrypted and authenticated, preventing eavesdropping along the way, and spoofing of valid data, without relying on SSL.

We’re aware that there are also more powerful platforms that can easily support SSL (e.g. Raspberry Pi, Orange Pi, FriendlyARM), but let’s start with the cheapest hardware most of us have lying around, and a protocol suitable for many of our projects. AES is something you could implement on an AVR if you needed to.


MQTT is a lightweight messaging protocol that runs on top of TCP/IP and is frequently used for IoT projects. Client devices subscribe or publish to topics (e.g. sensors/temperature/kitchen), and these messages are relayed by an MQTT broker. More information on MQTT is available on their webpage or in our own getting-started series.

The MQTT protocol doesn’t have any built-in security features beyond username/password authentication, so it’s common to encrypt and authenticate across a network with SSL. However, SSL can be rather demanding for the ESP8266 and when enabled, you’re left with much less memory for your application. As a lightweight alternative, you can encrypt only the data payload being sent, and use a session ID and hash function for authentication.

A straightforward way to do this is using Lua and the NodeMCU Crypto module, which includes support for the AES algorithm in CBC mode as well as the HMAC hash function. Using AES encryption correctly requires three things to produce ciphertext: a message, a key, and an initialization vector (IV). Messages and keys are straightforward concepts, but the initialization vector is worth some discussion.

When you encode a message in AES with a static key, it will always produce the same output. For example, the message “usernamepassword” encrypted with key “1234567890ABCDEF” might produce a result like “E40D86C04D723AFF”. If you run the encryption again with the same key and message, you will get the same result. This opens you to several common types of attack, especially pattern analysis and replay attacks.

In a pattern analysis attack, you use the knowledge that a given piece of data will always produce the same ciphertext to guess what the purpose or content of different messages are without actually knowing the secret key. For example, if the message “E40D86C04D723AFF” is sent prior to all other communications, one might quickly guess it is a login. In short, if the login system is simplistic, sending that packet (a replay attack) might be enough to identify yourself as an authorized user, and chaos ensues.

IVs make pattern analysis more difficult. An IV is a piece of data sent along with the key that modifies the end ciphertext result. As the name suggests, it initializes the state of the encryption algorithm before the data enters. The IV needs to be different for each message sent so that repeated data encrypts into different ciphertext, and some ciphers (like AES-CBC) require it to be unpredictable – a practical way to accomplish this is just to randomize it each time. IVs do not have to be kept secret, but it’s typical to obfuscate them in some way.

While this protects against pattern analysis, it doesn’t help with replay attacks. For example, retransmitting a given set of encrypted data will still duplicate the result. To prevent that, we need to authenticate the sender. We will use a public, pseudorandomly generated session ID for each message. This session ID can be generated by the receiving device by posting to an…
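The session-ID-plus-HMAC idea described above, as an added Python example that is not code from the original article: the receiver issues a single-use session ID, the sender binds it to the IV and ciphertext with an HMAC, and a replayed or re-labelled packet is rejected. The class and function names, the `|` packet layout, HMAC-SHA256 and the sample bytes are assumptions made for illustration; the AES-CBC step is left out and its output is represented by constructed bytes.

```python
import hashlib
import hmac
import secrets

# Constructed demo key; a real deployment provisions a secret per device.
KEY = b"constructed-demo-hmac-key"


def seal(key, session_id, iv, ciphertext):
    """Sender side: bind session ID, IV and ciphertext together with an HMAC."""
    body = f"{session_id}|{iv.hex()}|{ciphertext.hex()}"
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}|{tag}"


class Receiver:
    """Receiving device: hands out session IDs and accepts each one only once."""

    def __init__(self, key):
        self._key = key
        self._open_sessions = set()

    def new_session_id(self):
        # Public value; it only has to be unpredictable and single-use.
        sid = secrets.token_hex(8)
        self._open_sessions.add(sid)
        return sid

    def accept(self, packet):
        parts = packet.split("|")
        if len(parts) != 4:
            return False
        sid, _iv_hex, _ct_hex, tag_hex = parts
        body = "|".join(parts[:3]).encode()
        expected = hmac.new(self._key, body, hashlib.sha256).hexdigest()
        # Constant-time comparison; check the tag before touching session state.
        if not hmac.compare_digest(expected.encode(), tag_hex.encode()):
            return False
        if sid not in self._open_sessions:
            return False  # unknown or already used: a replay
        self._open_sessions.discard(sid)
        return True


def demo():
    rx = Receiver(KEY)
    sid = rx.new_session_id()
    iv = secrets.token_bytes(16)  # fresh random IV per message
    ciphertext = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed
    packet = seal(KEY, sid, iv, ciphertext)

    first = rx.accept(packet)    # genuine message
    replay = rx.accept(packet)   # same bytes sent again
    # Re-labelling a captured packet with a fresh session ID breaks the HMAC.
    spliced = packet.replace(sid, rx.new_session_id(), 1)
    forged = rx.accept(spliced)
    return first, replay, forged


if __name__ == "__main__":
    print(demo())
```

Because the tag covers the session ID, a captured packet cannot be moved to a new session without the key, and because each ID is consumed on first use, the original packet cannot be sent twice.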

SDR Sniffing Electric Gates

Most wireless OEM hardware traditionally uses 433MHz OOK modules to exchange information. The encoding and encryption of this data stream is left as a task for the embedded software designer. In most cases, the system can be hacked using a replay attack where an RF packet is recorded and replayed to emulate a valid user. [Gilad Fride] hacked his parking gate using this technique but decided to go the extra mile of connecting it to the internet.

He used an RTL-SDR dongle and ook-decoder by [jimstudt] to sniff out…

Synaptics warns that fingerprint spoofing makes laptops vulnerable

In the wake of the WannaCry ransomware computer virus attack, here’s one more thing to worry about. The fingerprint identification systems that some modern laptops employ to recognize users can be easily compromised with a spoofing process.

Synaptics, which makes fingerprint identification sensors and touchpad technology, earlier this month issued a warning that some computer makers, seeking to save about 25 cents per machine, have chosen to use insecure smartphone fingerprint sensors instead of more secure laptop sensors, said Godfrey Cheng, vice president of product for the Santa Clara, Calif.-based company, in an interview with VentureBeat.

“Fingerprint identification has taken off because it is secure and convenient when it’s done right,” he said. “When it’s not secure all of the way through, then that’s an exposure that an attacker can exploit.”

The smartphone fingerprint sensors typically use unencrypted methods to store and send the fingerprint to a central processing unit (CPU) for processing. That makes the data vulnerable to snooping software and other hacks. Synaptics sensors, by contrast, use encryption and a secondary host processor to do the recognition work.

That encryption makes it a lot harder for hackers to copy the fingerprint and use it to unlock a computer remotely, Cheng said. Synaptics will demo the fingerprint insecurity at the Computex trade show in Taiwan this week.

The insecure fingerprint sensors are disturbing because modern laptop users are conditioned to believe that fingerprints are unique and are much safer than passwords. This is largely true, but a laptop manufacturer’s choice in sensors can potentially lead to the theft of your fingerprint image. That makes a user’s laptop secrets vulnerable, as well as those of an entire enterprise, if it’s a work computer.

“There are two types of fingerprint sensors in the notebook market today,” Cheng said. “Those that are encrypted and safe, and those that are unencrypted and unsafe.”

Cheng showed that thieves can use typical phishing methods to take control of your computer and can plant a software program to sniff out your fingerprint when you use the laptop’s fingerprint scanner. Once…

Economists have figured out how to extract the most profit from ransomware

Ransomware is a type of malware that impairs the functionality of a computer (for example, by encrypting files on the hard drive), and then demands the victim pay a ransom in order to return their system to normal.

It’s frighteningly common. The term ‘Ransomware’ first entered the Oxford English Dictionary in 2012. We have seen several ugly and dangerous permutations of it, including CryptoLocker, CryptoWall, and most recently, WannaCry.

But it’s not the cash cow you probably think it is.

Take WannaCry, for example. This specimen devastated the UK National Health Service, as well as countless private sector businesses, like Spain’s Telefonica and Banco Santander. It took roughly a week for the Bitcoin wallets associated with the malware to reach $100,000 in payments. That’s not a huge amount when you compare it to the chaos it caused.

A recent paper from three University of Kent researchers, called “Economic Analysis of Ransomware” and published in March of this year, makes several suggestions for how ransomware developers can increase their bottom line.

The researchers note that the money earned from ransomware is largely contingent upon people’s willingness to pay to recover their files. This is influenced…

How to Decrypt and Rip DVDs With Handbrake

You’ve got a bunch of DVDs sitting around your house, but you can’t even remember when you last saw your DVD player, and your laptop doesn’t even have a disc drive anymore. It’s time to modernize your collection. Here, we’ll show you how to rip your DVDs to your computer using the swiss army knife of video conversion tools: Handbrake.

Decrypt and Rip DVDs the Easy Way with WinX DVD

The problem with ripping a DVD using Handbrake is that it’s confusing and requires installing a bunch of other stuff just to get it working. You’re much better off getting a solution like WinX DVD ripper, which can not only rip just about any DVD, but can convert it into any format you want really easily.

It’s literally as simple as inserting your DVD and clicking a button.

Keep reading about Handbrake and you’ll understand why WinX DVD Ripper is a much better solution.

Step Zero: Install Handbrake and libdvdcss So You Can Decrypt DVDs

The main tool we’ll be using to rip DVDs is called Handbrake, which you can download here. Out of the box, Handbrake can rip any DVD that isn’t copy protected…but almost all DVDs you buy in the store are copy protected. Getting around this is a weirdly gray area legally, so applications like Handbrake can’t legally include the software needed to decrypt copy protected DVDs. You can, however, download it separately—as long as you’re just using this to watch a movie on your computer and not starting a bootlegging business, we promise we won’t tell on you.

We’ll be using a free DVD playback library called libdvdcss. This will let Handbrake read your encrypted DVDs and rip them to your computer. The process is a little different for Windows and Mac users, so we’ll go through each one individually. Note that you don’t have to do this every time you rip a DVD—once libdvdcss is installed, you can skip to Step One each time you rip a new disc.

How to Install libdvdcss on Windows

First, you’ll need to download libdvdcss to your computer. For 32-bit versions of Windows, download this version. 64-bit users should download this version. If you aren’t sure which version of Windows you have, check out this article.

Copy the .dll file to your Handbrake program folder. If you used the default installation settings, this should be in C:\Program Files\Handbrake.

After this, Handbrake will be able to read your encrypted DVDs.

How to Install…

22-Year-old Who Stopped Global Cyberattack Donates His Reward to Charity

The British youth who was awarded $10,000 for accidentally stopping an international cyberattack has just announced that he will be donating the cash to charity and education.

The 22-year-old, who goes by the pseudonym MalwareTech, shut down the spread of the malicious online program by activating the “kill-switch” last week after the cyberattack was reported in over 100 countries.

Organizations worldwide were infected by the malicious ransomware known as “WannaCry” – a program that encrypts the user’s files and holds them for ransom. If the user does not pay the several-hundred-dollar ransom in bitcoin on time, then all of the data and files stored on the computer are deleted. The National Health Organization, FedEx, Telefonica, and Nissan are all examples of corporate giants who were affected by the malware in addition to hospitals and businesses worldwide.

When MalwareTech and his friends heard of the epidemic, they started investigating the malware’s code. The 22-year-old Brit then found an unregistered domain name in the source of the code that acted as an “abort” button for the malware. When he registered the domain name, the attack ceased.

Though he has preferred to keep his…

How to Encrypt Your Mac’s Time Machine Backup

You encrypt your Mac’s system drive like you should: if your computer is stolen, your data is safe from prying eyes. But on your desk, right next to your Mac, is a carbon copy of everything on your hard drive: your Time Machine backup. Wouldn’t anyone who grabbed that drive have access to all the same information?

Yes they would, which is why it’s important to encrypt your Time Machine drive. There are two ways to do this, and both are relatively straightforward. You can retroactively encrypt your existing Time Machine backup, which allows you to keep your old backups. The downside: this retroactive encryption can take a long time, which is why you might want to simply create an encrypted partition using Disk Utility and back up to that. Let’s go over both options.

The Slow, But Non-Destructive Option: Encrypt Your Current Backups

If you have Time Machine set up on your Mac already, you can encrypt your drive retroactively. The process is going to take a while—for a one terabyte mechanical drive, the process could take more than 24 straight hours—but you can start and stop the process as many times as you like.

Head to System Preferences > Time Machine, then click “Select Disk.”

Select your current backup drive, then click “Remove Disk.”

Yes, we have to remove the drive before we can start encrypting, but don’t worry: your backups will remain on the drive. Click the “Select Backup Disk” button.

Click your old Time Machine drive in the list of options, then check the “Encrypt backups” option.

Secure Messaging App Showdown: WhatsApp vs. Signal

So, you’re interested in secure, encrypted chat apps. You have a few different choices, but as with any chat app, what all your friends are using is important. To that end, Signal and WhatsApp are easily the most popular. Here’s how they compare.

The Contenders

Secure messaging apps are growing in popularity as we all come to realize how much data companies collect about us every day. Unlike phone calls, it’s much easier to imagine some giant corporate entity or government getting ahold of one of your chat transcripts and using it for nefarious means. While there are many apps out there that do this, including Apple’s iMessage, WhatsApp and Signal lead the way in popularity, platform availability, and features. Aside from messaging, both apps also include voice and video calling, though we’ll be concentrating on the text messaging capabilities of both here. Let’s break down how both work:

  • Signal: While WhatsApp has the most users between these two, you’ve probably heard about Signal more often in the news whenever people are talking about encryption. Pretty much any article you read about security, from Snowden to Russia, includes a mention of Signal. That’s because every message that’s sent over Signal supports end-to-end encryption (we’ll get into exactly what this means below). This security measure means that if someone intercepted your messages, or found them on a server somewhere, they would see gibberish, not the actual text of a conversation. Signal is also open-source, peer-reviewed, and routinely audited, which means it’s pretty much always up to date from a security standpoint.
  • WhatsApp: WhatsApp has more than 1 billion users, which is an insane number, all things considered. What’s also crazy is the fact that WhatsApp partnered with the company behind Signal, Open Whisper Systems, to integrate the same end-to-end encrypted chat protocol as Signal. Unlike Signal, which bills itself as a security app, WhatsApp bills itself as a messaging application first, which means it has all sorts of silly chat stuff like stickers and GIFs. While the Signal protocol that WhatsApp uses for encryption is open-source, the rest of the app isn’t, so we don’t know everything that happens behind the scenes.

Broad strokes don’t mean much when it comes to actually comparing how these two apps work though, so let’s dig in, starting with the most important part, encryption.

Both Support End-to-End Encryption, But Signal Doesn’t Save Anything It Doesn’t Have To

End-to-end encryption is a term we hear a lot these days, but how it works and why it’s important for security isn’t always clear. Long ago, we sent messages in plain text, meaning that anyone could see the contents of a message if they caught it while it travelled from sender to receiver. Nowadays, many messaging apps use end-to-end encryption. When done correctly, end-to-end encryption prevents a third party from viewing a conversation. It does so by securing a message with a lock, then giving the key to the sender and receiver.

This also means that even the provider, in this case, WhatsApp and Signal, cannot see the contents of a message. So, if a third party, like a government, attempts to access those messages, they can’t see the content of that message; they’ll see a garbled bunch of characters. Both WhatsApp and Signal use the same exact protocols for encryption. That means you can assume your messages are safe and secure regardless of which service you use. How they store personal information and message metadata differs though.

Metadata is the important…

5 Quick And Easy Ways To Encrypt Your Life Safely In Less Than An Hour.

The use of mobile phones and computers has become so common that we probably don’t even know when our personal information is secretly leaking to others.

Just try to recall how many public figures’ personal information or photos have leaked to the public over the last 10 years. And look at what just recently happened to Emma Watson and Amanda Seyfried, whose private photos on their phones were hacked.

In fact, leaking personal information has become so easy that even the FBI director covered his personal laptop’s webcam with a piece of tape. He suggested that we cover our built-in webcams with tape because this is an essential security step that everyone should take.

Director James Comey said during a conference at the Center for Strategic and International Studies,[1]

“There’s some sensible things you should be doing, and that’s one of them. You go into any government office and we all have the little camera things that sit on top of the screen. You do that so that people who don’t have authority don’t look at you. I think that’s a good thing.”

So, what do we do to protect our privacy and encrypt our life?

Doubling up the safeness – Use two-factor authentication for your email account.

Lots of our social media or online tools accounts are connected with our email account. If your email account gets hacked, besides having your email information and contact list leaked, all the other connected accounts will…