Hey, crypto-nerds. Anybody got a good solution to the following?
I need to authenticate a bunch of devices against a server and then set up an encrypted channel. Catch is that the devices are very simple, so the encryption cannot be too expensive, and I probably have to code the protocol myself in C (and the server component in Java), so I cannot “just” throw in TLS.
I’m thinking just using Diffie-Hellman to set up a session encryption key, authenticate the first packet using a simple HMAC with a pre-configured key, and then use a simple symmetric cipher for the payload. Any issues with this plan?
The devices are simple boxes with sensors and electronics to control windows. All data is sent over an encrypted Wifi connection, so the protection is really just against anybody already on the wifi. Communication is over TCP and I would like to reasonably protect against snooping by hosts already on the network, but mostly protect against hosts impersonating devices (hence the HMAC) or anybody hijacking the connection. The sessions will be relatively long-lived but low-traffic (lifetime of connection is hours, data amount is 1-10 KiB/minute in small packets of < 100 bytes – and yes, I know not to encrypt the packages individually using the same key).
I’ve found a library implementing SHA256HMAC and AES 128/256, which I guess should be secure enough for this use case? The boxes run an ESP8266, which has 64 KiB instruction memory and 96 KiB data memory, and I need the majority free for actual tasks. Power is not really an issue.
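The handshake described above, as an added example that is not the poster's code: Diffie-Hellman for the session key plus an HMAC-SHA256 keyed with the pre-configured key over the device's first packet, with the server rejecting any first packet whose HMAC does not verify. The MODP group, packet framing, device id, private-exponent range and key-derivation step are assumptions; the AES payload encryption that follows is not shown.

```python
import hashlib, hmac, secrets

# RFC 3526 group 5 (1536-bit MODP), generator 2. Assumed choice for this
# example; check the digits against the RFC before relying on them.
P = int("".join([
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1",
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD",
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245",
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED",
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D",
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F",
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D",
    "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF"]), 16)
G = 2
PSK = b"per-device pre-configured key (constructed)"  # provisioned out of band

def dh_keypair():
    x = secrets.randbelow(P - 2) + 1            # private exponent (assumed range)
    return x, pow(G, x, P)

def first_packet(device_id: bytes, pub: int) -> bytes:
    """Device -> server: id || DH public || HMAC-SHA256_PSK(id || DH public)."""
    body = device_id + pub.to_bytes(192, "big")
    return body + hmac.new(PSK, body, hashlib.sha256).digest()

def verify_first_packet(pkt: bytes):
    """Server side: (device_id, pub) if the HMAC verifies, else None."""
    body, tag = pkt[:-32], pkt[-32:]
    if not hmac.compare_digest(hmac.new(PSK, body, hashlib.sha256).digest(), tag):
        return None                              # forged or tampered first packet
    return body[:-192], int.from_bytes(body[-192:], "big")

def session_key(priv: int, peer_pub: int) -> bytes:
    """Derive a 32-byte key (AES-256 size) from the DH shared secret."""
    if not 1 < peer_pub < P - 1:                 # reject degenerate public values
        raise ValueError("bad DH public value")
    shared = pow(peer_pub, priv, P).to_bytes(192, "big")
    return hashlib.sha256(b"aes-session-key" + shared).digest()

def handshake(device_id=b"window-07"):
    """Run both sides in-process; returns (device key, server key, device id)."""
    d_priv, d_pub = dh_keypair()
    pkt = first_packet(device_id, d_pub)
    who, got_pub = verify_first_packet(pkt)      # server checks the PSK HMAC
    s_priv, s_pub = dh_keypair()                 # server's reply carries s_pub
    return session_key(d_priv, s_pub), session_key(s_priv, got_pub), who
```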