Lightweight Encryption Key Exchange Protocol

I have an embedded system sending data to a JSON REST service via HTTP. I am currently using HMAC-SHA1 for authentication, much like Amazon AWS.

Now I am exploring options for encrypting data in transit. HTTPS seems like a logical choice, since the server end would change very little. However, my microcontroller has a relatively small flash (256KB) and RAM (96KB), and the only customers I can find are commercial products. The microcontroller simplifies encryption with built-in "AES encryption lookup tables", but I assume I need a secure way to exchange keys.

I looked over SSL and it looks pretty complicated. Any other lighter options?

+3
2 answers

Most of the complexity of SSL comes from high modularity. A client can support several “cipher suites” and the server selects them. Data can be compressed. The client can authenticate by submitting its own certificate and using the corresponding private key. The server public key is sent as an X.509 certificate, and verifying the X.509 certificate is complex.

SSL . , , , . TLS_RSA_WITH_AES_128_CBC_SHA256. . , . , TLS 1.2, - (SHA-256) (MD5 SHA-1) (TLS - SSL, TLS 1.0 - SSL 3.1).

() TLS, AES, 3DES, X.509 ( RSA). 21 ( ARM, C, ), 19 , 16 ( SSL, , 16 ). , SSL .

SSL , , , : . - , - .

, PolarSSL (GPLv2). , . CyaSSL, GPLv2, , 30- ( ).

+5

SSL Diffie-Hellman (DH) . , (DH) . , , - , DH "--" (MITM). . , .

0
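The second answer names Diffie-Hellman (DH) and MITM together. The following is an added example, not code from the question or either answer: plain DH does not tell either side who sent a public value, so this sketch has each side tag the exchanged values with an HMAC keyed by a pre-shared secret, and the handshake is rejected when the values were swapped in transit. The function names, the HMAC-SHA256 tag layout and the toy 127-bit group are assumptions chosen for readability; the group is far too weak for real use.

```python
import hashlib
import hmac
import secrets

# Toy group (assumption, NOT secure): Mersenne prime 2**127 - 1, base 3.
# A real design would use a standard 2048-bit group or an elliptic curve.
P = 2**127 - 1
G = 3

def dh_keypair():
    """Return (private exponent, public value G^x mod P)."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def tag(psk, role, sender_pub, receiver_pub):
    """HMAC-SHA256 over the role and both public values, keyed with the PSK."""
    msg = role + sender_pub.to_bytes(16, "big") + receiver_pub.to_bytes(16, "big")
    return hmac.new(psk, msg, hashlib.sha256).digest()

def session_key(priv, peer_pub):
    """Derive a 128-bit AES key from the DH shared secret."""
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()[:16]

def handshake(psk_device, psk_server, tamper=False):
    """Run both sides; return (device_key, server_key) or None if a tag fails."""
    d_priv, d_pub = dh_keypair()
    s_priv, s_pub = dh_keypair()
    seen_by_server, seen_by_device = d_pub, s_pub
    if tamper:
        # Model an on-path party replacing both public values with its own.
        _, m_pub = dh_keypair()
        seen_by_server = seen_by_device = m_pub
    # Each side tags the value it sent together with the value it received.
    s_tag = tag(psk_server, b"server", s_pub, seen_by_server)
    d_tag = tag(psk_device, b"device", d_pub, seen_by_device)
    # Each side recomputes the peer's tag from its own view of the exchange.
    ok_device = hmac.compare_digest(
        s_tag, tag(psk_device, b"server", seen_by_device, d_pub))
    ok_server = hmac.compare_digest(
        d_tag, tag(psk_server, b"device", seen_by_server, s_pub))
    if not (ok_device and ok_server):
        return None  # substituted value or wrong PSK: abort, derive no key
    return session_key(d_priv, seen_by_device), session_key(s_priv, seen_by_server)
```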
