Sensebender Gateway and ATSHA204



  • Hey now Sense Bender Gateway arrived and I was going to start using ATSHA204- But am a bit worried to lock something in the circuit so that I destroy it. So a few questions I have after I read https://forum.mysensors.org/topic/1021/security-introducing-signing-support-to-mysensors/2

    What locks must be locked to make it work with ATSHA204. I also resolve ATSHA204 I played a little bit with. And I have run SecurityPersonalizer.ino then after that I locked configuration. Then, I generated a key without a lock to replace the key if I want to. And if I have understood everything correctly so it will be good so? Then you come to put the key in other ATSHA204 should then edit the file SecurityPersonalizer.ino and paste the key you got from the first ATSHA204?

    PF8F
    UseFlag00 | UpdateCount00 | UseFlag01 | UpdateCount01 | FF | 00 | FF | 00
    UseFlag02 | UpdateCounC2 42 | AF 8F
    UseFlag00 | UpdateCount00 | UseFlag01 | UpdateCount01 | FF | 00 | FF | 00
    UseFlag02 | UpdateCount02 | UseFlag03 | Upd
    UseFlag00 | UpdateCount00 | UseFlag01 | UpdateCount01 | FF | 00 | FF | 00
    UseFlag02 | UpdateCount02 | UseFlag03 | UpdateCount03 | FF | 00 | FF | 00
    UseFlag04 | UpdateCount04 | UseFlag05 | UpdateCount05 | FF | 00 | FF | 00
    UseFlag06 | UpdateCount06 | UseFlag07 | ‘…Ñ•
    ½Õ¹ÑÁ7 | FF | 00 | FF | 00
    LastKPersonalization sketch for MySensors usage.
    -------------------------------------------
    Device revision: 00000004
    Device serial: {0x01,0x23,0x3F,0x99,0xAA,0x5B,0xA5,0xCE,0xEE}
    01233F99AA5BA5CEEE
    Skipping configuration write and lock (configuration already locked).
    Chip configuration:
    EEPROM DATA:
    SOFT_HMAC_KEY | FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
    SOFT_SERIAL | FFFFFFFFFFFFFFFFFF
    AES_KEY | FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
    ATSHA204A DATA:
    SN[0:1] | SN[2:3] | 01 23 | 3F 99
    Revnum | 00 04 05 00
    SN[4:7] | AA 5B A5 CE
    SN[8] | Reserved13 | I2CEnable | Reserved15 | EE | 55 | 00 | 00
    I2CAddress | TempOffset | OTPmode | SelectorMode | C8 | 00 | 55 | 00
    SlotConfig00 | SlotConfig01 | 8F 80 | 80 A1
    SlotConfig02 | SlotConfig03 | 82 E0 | A3 60
    SlotConfig04 | SlotConfig05 | 94 40 | A0 85
    SlotConfig06 | SlotConfig07 | 86 40 | 87 07
    SlotConfig08 | SlotConfig09 | 0F 00 | 89 F2
    SlotConfig0A | SlotConfig0B | 8A 7A | 0B 8B
    SlotConfig0C | SlotConfig0D | 0C 4C | DD 4D
    SlotConfig0E | SlotConfig0F | C2 42 | AF 8F
    UseFlag00 | UpdateCount00 | UseFlag01 | UpdateCount01 | FF | 00 | FF | 00
    UseFlag02 | UpdateCount02 | UseFlag03 | UpdateCount03 | FF | 00 | FF | 00
    UseFlag04 | UpdateCount04 | UseFlag05 | UpdateCount05 | FF | 00 | FF | 00
    UseFlag06 | UpdateCount06 | UseFlag07 | UpdateCount07 | FF | 00 | FF | 00
    LastKeyUse[0:3] | FF FF FF FF
    LastKeyUse[4:7] | FF FF FF FF
    LastKeyUse[8:B] | FF FF FF FF
    LastKeyUse[C:F] | FF FF FF FF
    UserExtra | Selector | LockValue | LockConfig | 00 | 00 | 55 | 00
    Take note of this key, it will never be the shown again:
    #define MY_HMAC_KEY
    0x25,0x8B,0x49,0xD7,0x2E,0x43,0x2F,0x3A,0x61,0xF5,0x4A,0xB9,0x9F,0x93,0x05,0x32,\
    0x55,0xB9,0xF6,0xF2,0x9A,0x4C,0xD7,0x4E,0x52,0x12,0xAC,0x58,0x03,0xAE,0xCD,0x6F
    Writing key to slot 0...
    Data not locked. Define LOCK_DATA to lock for real.
    --------------------------------
    Personalization is now complete.
    Configuration is LOCKED
    Data is UNLOCKED```
    

    My goal with my network are able to both have ATSHA204 nodes and ordinary nodes without ATSHA204. As the temperature and the like nodes.

    Or is it better to use ATSHA204 on all nodes?

    //Mattias


  • Contest Winner

    @MLs
    Signing is supported using both atsha204a and pure software. They are perfectly compatible so you can mix all you want.
    What is important to understand is that if you use software based signing, if someone gets physical access to your node, they can dump eeprom and obtain your secret hmac key (PSK) and using that they can potentially compromise your node network.
    The benefit of a atsha is that the key is securely stored and cannot be extracted from the chip. At least it is according to Atmel. So if you plan to put your node "outside" it is recommended to use atsha. On your gateway it is less important as you would typically have your gateway placed "securely". If you do not, then your network would be compromised as an attacker could tap in to the communication between gateway and controller, which is not secured.
    This limitation is not accidental. Supporting security between gateway and controller mean a dependency which would limit the ability to support a wide range of controllers and is therefore undesirable. And personally I don't really see a usecase for it anyway as gateways generally are placed indoors and are hooked up to a LAN in one way or another.


Log in to reply
 

Suggested Topics

23
Online

11.2k
Users

11.1k
Topics

112.5k
Posts