difference between encryption with personalization and simple password
-
@Anticimex is there a way to use both methods in one network? So to personalize nodes with the AES key (0x12; 0x34; 0x56; 0x00;...) and use SIMPLE_PASSWD "123456" (or some other derivativ)?
-
wow... to be honest I didn't expected it to be so easy... what flags are those "under the hood" settings?
-
@Anduril said in difference between encryption with personalization and simple password:
#define MY_RFM69_ENABLE_ENCRYPTION
@Anticimex
Interesting, I'm going to make a remote control for my gate with an RFM69HCW, obviously I don't want the signal to be sniffed and copied.I am new to MySensors, Is :
#define MY_RFM69_ENABLE_ENCRYPTION #define MY_SECURITY_SIMPLE_PASSWD "testpass"is simply enough?
What to add if not secure enough? -
@Anduril said in difference between encryption with personalization and simple password:
#define MY_RFM69_ENABLE_ENCRYPTION
@Anticimex
Interesting, I'm going to make a remote control for my gate with an RFM69HCW, obviously I don't want the signal to be sniffed and copied.I am new to MySensors, Is :
#define MY_RFM69_ENABLE_ENCRYPTION #define MY_SECURITY_SIMPLE_PASSWD "testpass"is simply enough?
What to add if not secure enough?@SuperNinja if memory serves me, you only need the simple flag. You can read more in the doxygen site: https://www.mysensors.org/apidocs/group__SecuritySettingGrpPub.html
-
@SuperNinja you only need
#define MY_SECURITY_SIMPLE_PASSWD "testpass". The other one would be needed for encryption wih personalization (so keys saved in eeprom or atsha-chip)@Anticimex is there a way to give the
SIMPLE_PASSWDin hex? As far as I understand the AES key in the personalizer sketch is a hex and the password in sketch would be ASCII. Therefor even if looking identical they would not match. Or do I have to create a password first and convert that to hex to be used in personalization... -
@SuperNinja you only need
#define MY_SECURITY_SIMPLE_PASSWD "testpass". The other one would be needed for encryption wih personalization (so keys saved in eeprom or atsha-chip)@Anticimex is there a way to give the
SIMPLE_PASSWDin hex? As far as I understand the AES key in the personalizer sketch is a hex and the password in sketch would be ASCII. Therefor even if looking identical they would not match. Or do I have to create a password first and convert that to hex to be used in personalization...@Anduril I do not thing there is a limitation as long as the value of the define is in legal c code initializer format. The preprocessor will "paste" your define where it is mentioned so you can search the code for it to see where it is used. I do not recall there being any logic that assume ascii in the define.
-
In the past, I did several tests about signing and encryption.
The results and my thoughts, you can find them here: https://forum.mysensors.org/topic/10382/security-signing-messages-and-encryption-of-messages-a-guide-or-more-a-summary-of-my-tests?_=1604220215583
Maybe it can help :-) -
In the past, I did several tests about signing and encryption.
The results and my thoughts, you can find them here: https://forum.mysensors.org/topic/10382/security-signing-messages-and-encryption-of-messages-a-guide-or-more-a-summary-of-my-tests?_=1604220215583
Maybe it can help :-)@Anticimex , @Anduril Thanks for this response
@evb great job, here is an easy to understand summary for beginners like me. Thanks
