Soft Signing vs. the hardware ATSHA
-
@ThetaDev Hi, you are correct in your assumptions. It basically comes down to where you place your nodes and how much effort it would take to replace the hmac key on your network, if it was compromised.
As for the future, atsha204 based security will be obsolete in mysensors v3 (unless you plan to keep using atmga328p based devices).
More powerful chips give us the possibility to use better security schemes.@Anticimex said in Soft Signing vs. the hardware ATSHA:
As for the future, atsha204 based security will be obsolete in mysensors v3 (unless you plan to keep using atmga328p based devices).
More powerful chips give us the possibility to use better security schemes.What mpu's other than the atmega328p does version 3 envision might be used?
-
@Anticimex said in Soft Signing vs. the hardware ATSHA:
As for the future, atsha204 based security will be obsolete in mysensors v3 (unless you plan to keep using atmga328p based devices).
More powerful chips give us the possibility to use better security schemes.What mpu's other than the atmega328p does version 3 envision might be used?
-
@NeverDie Not much different than we already support right now. So there are plenty (nrf5, SAMD, ESP, etc).
@Anticimex Do you happen to know whether the nrf5 has this sort of capability built into it already? It's already so integrated that it would be great if it did.
-
@Anticimex Do you happen to know whether the nrf5 has this sort of capability built into it already? It's already so integrated that it would be great if it did.
@NeverDie What sort of capability?
We are completely rethinking security for v3, and it will be a cross-device compatible format. However, atmega328p is too resource limited to be able to handle this in a good way, so we will not support that particular chip-set. The legacy signing options will remain for those devices. -
So what would be the microcontroller of choice for MySensors V3?
Using an ESP or NRF5 would be useless if you dont need WIFI or bluetooth (which isnt much use for home automation anyway, because bluetooth has a low range and wifi is a power hog).
Maybe the new 32bit ARM stuff?
-
So what would be the microcontroller of choice for MySensors V3?
Using an ESP or NRF5 would be useless if you dont need WIFI or bluetooth (which isnt much use for home automation anyway, because bluetooth has a low range and wifi is a power hog).
Maybe the new 32bit ARM stuff?
@ThetaDev There is no recommended one, since it is totally up to you and your specific needs. What we aim for from a security point of view (and this thread is dealing with that, and not general v3 discussions) is a solution that is device independent (to some extent, it does put requirements on memory and performance, hence the support for atmega328p is dropped from this new security feature).
It will be HW independent in the sense that it won't support any specific security devices, like the ATSHA. It will be a purely software implemented feature. It may leverage chipset features, such as RNGs or HW accelerated calculators though. -
And if it is still undesirable there is always the samd which the SenseBender gateway is based on. Then you get the same freedom of choice as with a atmega since the radio is not built in.
Do you feel secure today? No? Start requiring some signatures and feel better tomorrow ;)
-
And if it is still undesirable there is always the samd which the SenseBender gateway is based on. Then you get the same freedom of choice as with a atmega since the radio is not built in.
@Anticimex said in Soft Signing vs. the hardware ATSHA:
Then you get the same freedom of choice
Actually you still have freedom of choice with the nRF5. You can use its mpu to control other radios, just as you would with an atmega. You could either ignore its existing radio, or you could have a node with two different kinds of radios (i.e. built-in plus add-on). That's the beauty of it. You can learn just one mpu and be done.
-
@Anticimex said in Soft Signing vs. the hardware ATSHA:
Then you get the same freedom of choice
Actually you still have freedom of choice with the nRF5. You can use its mpu to control other radios, just as you would with an atmega. You could either ignore its existing radio, or you could have a node with two different kinds of radios (i.e. built-in plus add-on). That's the beauty of it. You can learn just one mpu and be done.
@NeverDie yes of course. Just seem a bit excessive to drag in a complicated chip if you don't intend to use all of it. Especially for battery powered applications.
But from a security point of view (again, which is what this thread is all about) it does not matter what chip you stick to. But if you want to use the "next level" security, don't expect it to support atmga328p.Do you feel secure today? No? Start requiring some signatures and feel better tomorrow ;)
-
@NeverDie yes of course. Just seem a bit excessive to drag in a complicated chip if you don't intend to use all of it. Especially for battery powered applications.
But from a security point of view (again, which is what this thread is all about) it does not matter what chip you stick to. But if you want to use the "next level" security, don't expect it to support atmga328p.@Anticimex So, to sum it up, will the "next level" be doing all the security inside a more more advanced mpu, or do you envision it will still involve the use of external chips, like the ATSHA chip or similar?
-
@Anticimex So, to sum it up, will the "next level" be doing all the security inside a more more advanced mpu, or do you envision it will still involve the use of external chips, like the ATSHA chip or similar?
