Skip to content
  • MySensors
  • OpenHardware.io
  • Categories
  • Recent
  • Tags
  • Popular
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo
  1. Home
  2. Development
  3. [security] Introducing signing support to MySensors

[security] Introducing signing support to MySensors

Scheduled Pinned Locked Moved Development
security
491 Posts 48 Posters 424.7k Views 30 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • A Anticimex

    @ahmedadelhosni in your specific case, I would suggest, in order for you to not risk exposing your gateway serial to a thief, that you don't use whitelisting at the node at risk (the one outside). Then it won't reveal anything about your security if stolen, assuming you use an atsha204a.
    Your gateway on the other hand, has a whitelist of every node in your system (if you so choose), so you can, as soon as you notice your node being stolen, remove its entry on the gateway, and it would be rejected. The attacker would then have to try to guess its way into figuring out a serial that match any other node the gateway accept in order to be able to "get in".
    That way, your hmac, at least in theory, will still be secure and usable (and you shouldn't need to redo personalization on your network).

    A Offline
    A Offline
    ahmedadelhosni
    wrote on last edited by
    #469

    @Anticimex Second : Don't you think that the whitelisting need to be more robust ?

    I mean that I don't like the idea of reflashing. Why don't you implement an API that can be used to securely add or revoke serials during run time ?

    Also another idea which I would like to discuss. Maybe when a node is started, it sends it's serial number securely to the gateway and it is added to the whitelist for example.

    The whole idea is that I don't really know how do other commerial products handle security for private and public nodes. All I know is usually you scan a QR code which is on the box. Do you have any idea ?

    A 1 Reply Last reply
    0
    • A Anticimex

      @ahmedadelhosni no, if you directly target another node, I do not believe it will pass through the gateway.
      I would say that if something like that is desired, you target your controller and have the controller relay the message to the other node. Everything to/from the controller pass through the gateway. That becomes controller specific behavior though.

      A Offline
      A Offline
      ahmedadelhosni
      wrote on last edited by
      #470

      @Anticimex Actually something now came to my mind. Can't the attacker flash a gateway sketch easier and control all nodes now ? :D He has a trusted ATSHA with HMAC.
      Am I missing something ?

      A 2 Replies Last reply
      0
      • A ahmedadelhosni

        @Anticimex Second : Don't you think that the whitelisting need to be more robust ?

        I mean that I don't like the idea of reflashing. Why don't you implement an API that can be used to securely add or revoke serials during run time ?

        Also another idea which I would like to discuss. Maybe when a node is started, it sends it's serial number securely to the gateway and it is added to the whitelist for example.

        The whole idea is that I don't really know how do other commerial products handle security for private and public nodes. All I know is usually you scan a QR code which is on the box. Do you have any idea ?

        A Offline
        A Offline
        Anticimex
        Contest Winner
        wrote on last edited by
        #471

        @ahmedadelhosni signing has no (and will not have) a dependency to encryption so serial will never be sent OTA.
        For MySensors v3 a complete new security scheme will obsolete the current one, so I won't make significant changes to the existing framework. Of course pull requests are always welcome for review.

        Do you feel secure today? No? Start requiring some signatures and feel better tomorrow ;)

        A 1 Reply Last reply
        0
        • A ahmedadelhosni

          @Anticimex Actually something now came to my mind. Can't the attacker flash a gateway sketch easier and control all nodes now ? :D He has a trusted ATSHA with HMAC.
          Am I missing something ?

          A Offline
          A Offline
          Anticimex
          Contest Winner
          wrote on last edited by
          #472

          @ahmedadelhosni nodes still need to be included and your existing gateway needs to be blocked out since they will have conflicting addresses.
          But as I already said, if you get your devices stolen, the recommendation is to distrust your network and replace the keys.
          These are the limitations when implementing security for systems as limited in resources as the atmga328p.

          Do you feel secure today? No? Start requiring some signatures and feel better tomorrow ;)

          1 Reply Last reply
          0
          • A ahmedadelhosni

            @Anticimex Actually something now came to my mind. Can't the attacker flash a gateway sketch easier and control all nodes now ? :D He has a trusted ATSHA with HMAC.
            Am I missing something ?

            A Offline
            A Offline
            Anticimex
            Contest Winner
            wrote on last edited by
            #473

            @ahmedadelhosni also, if your public node is stolen and your gateway had a whitelist (and your other nodes has whitelists) the attacker would not know the serials of your other nodes, and therefore not be able to sign messages to them (assuming your other nodes require signed and whitelist enabled messages).

            Do you feel secure today? No? Start requiring some signatures and feel better tomorrow ;)

            1 Reply Last reply
            0
            • A Anticimex

              @ahmedadelhosni signing has no (and will not have) a dependency to encryption so serial will never be sent OTA.
              For MySensors v3 a complete new security scheme will obsolete the current one, so I won't make significant changes to the existing framework. Of course pull requests are always welcome for review.

              A Offline
              A Offline
              ahmedadelhosni
              wrote on last edited by
              #474

              @Anticimex aha so you mean that since our message frame contains the payload (not encrypted ) + signature so it is not applicable to send it OTA ?

              So do you have any documentation for tracking 3.0 progress ?

              A 1 Reply Last reply
              0
              • A ahmedadelhosni

                @Anticimex aha so you mean that since our message frame contains the payload (not encrypted ) + signature so it is not applicable to send it OTA ?

                So do you have any documentation for tracking 3.0 progress ?

                A Offline
                A Offline
                Anticimex
                Contest Winner
                wrote on last edited by
                #475

                @ahmedadelhosni no, I mean that I don't want features relating to signing to depend on encryption. Things like serials and hmac keys must never be sent OTA even with encryption enabled since the current encryption available (at least in SW) is very weak due to protocol limitations.

                Progress on v3 is currently not moving because the core team is busy with other things.
                We want to make a security solution that is robust, easy to use and properly secure so we do not want to rush anything. We are well under way with deciding the core principles but I will not publish the working documents because we quite frankly do not have time to handle questions from the public. Especially when we have not finalized the design.

                Rest assured fully qualified people are investigating and discussing the matter. In due course the results will become public as we are working with an open source project so anything concrete will show on github.

                Do you feel secure today? No? Start requiring some signatures and feel better tomorrow ;)

                A 1 Reply Last reply
                0
                • A Anticimex

                  @ahmedadelhosni no, I mean that I don't want features relating to signing to depend on encryption. Things like serials and hmac keys must never be sent OTA even with encryption enabled since the current encryption available (at least in SW) is very weak due to protocol limitations.

                  Progress on v3 is currently not moving because the core team is busy with other things.
                  We want to make a security solution that is robust, easy to use and properly secure so we do not want to rush anything. We are well under way with deciding the core principles but I will not publish the working documents because we quite frankly do not have time to handle questions from the public. Especially when we have not finalized the design.

                  Rest assured fully qualified people are investigating and discussing the matter. In due course the results will become public as we are working with an open source project so anything concrete will show on github.

                  A Offline
                  A Offline
                  ahmedadelhosni
                  wrote on last edited by
                  #476

                  @Anticimex Great. Thanks for your time.

                  A 1 Reply Last reply
                  0
                  • A ahmedadelhosni

                    @Anticimex Great. Thanks for your time.

                    A Offline
                    A Offline
                    Anticimex
                    Contest Winner
                    wrote on last edited by
                    #477

                    @ahmedadelhosni don't mention it. I strive to be as transparent as possible when it comes to security. And please, please let me know if there is anything missing from the documentation or things that can be improved in it.

                    We keep the next level security somewhat under wraps for now since we are not completely sure ourselves on how it is supposed to work just yet. Once we decide on that, we may publish something to get general feedback from anyone who might have input on the design (if so it will be a highly technical document) but most likely this will be a development process where anyone can test and evaluate it on a branch (like the development branch today) long before anything becomes an official release.
                    We will try to document it continuously as it evolves once we get to start doing actual code.

                    Do you feel secure today? No? Start requiring some signatures and feel better tomorrow ;)

                    1 Reply Last reply
                    1
                    • A Anticimex

                      @ahmedadelhosni
                      We lock the atsha to make sure it can't be readable.
                      It does not matter that samd supports locking or not. The atmega328p does not. For now, we have a security scheme that supports any target, so we have to have a system that works for all.
                      For MySensors v3, an entirely new security scheme is under consideration. But it will mean dropping support for the atmga328p as it is not powerful enough.
                      As for what others do, I suggest you ask them :)
                      Security can be implemented in many ways. Each with drawbacks and benefits. The one currently in use is a scheme that can work on basically any target with reasonable security and performance. It has drawbacks, yes, but at the time of implementation, these were considered acceptable.
                      For the future, more sophisticated schemes can be used which are easier to use, arguably more secure but more complex in terms of computational power and protocol. The core team is investigating various solutions.

                      skywatchS Offline
                      skywatchS Offline
                      skywatch
                      wrote on last edited by
                      #478

                      @Anticimex said in [security] Introducing signing support to MySensors:

                      @ahmedadelhosni

                      For MySensors v3, an entirely new security scheme is under consideration. But it will mean dropping support for the atmga328p as it is not powerful enough.

                      Eeekk... Does that mean any nodes based on the pro-mini etc will no longer work with v3.0 signing? Or will there be backwards compatibility to still use these with ATSHA204 as we do today?

                      A 1 Reply Last reply
                      0
                      • skywatchS skywatch

                        @Anticimex said in [security] Introducing signing support to MySensors:

                        @ahmedadelhosni

                        For MySensors v3, an entirely new security scheme is under consideration. But it will mean dropping support for the atmga328p as it is not powerful enough.

                        Eeekk... Does that mean any nodes based on the pro-mini etc will no longer work with v3.0 signing? Or will there be backwards compatibility to still use these with ATSHA204 as we do today?

                        A Offline
                        A Offline
                        Anticimex
                        Contest Winner
                        wrote on last edited by
                        #479

                        @skywatch The security solution known as "signing" and "encryption" today will still be available in v3, but will then be referred as "legacy" signing. It will be considered obsolete and only bugfixing will take place, but it will still be supported. Also for the current newer devices, but it might not be ported to upcoming platforms with higher performence.

                        Do you feel secure today? No? Start requiring some signatures and feel better tomorrow ;)

                        1 Reply Last reply
                        0
                        • skywatchS Offline
                          skywatchS Offline
                          skywatch
                          wrote on last edited by
                          #480

                          That was a fast reply! :) - Thank you, at least I can carry on building now :)

                          Where are the latest docs for signing and encryption for ver 2.2.0-rc.1? A few links on the site no longer work and I am having trouble finding what to do (eg HW signing, attach ATSHA204 like this, then do this, then do the other thing and in your sketch do this etc.....) You get the idea! ;)

                          A 1 Reply Last reply
                          0
                          • skywatchS skywatch

                            That was a fast reply! :) - Thank you, at least I can carry on building now :)

                            Where are the latest docs for signing and encryption for ver 2.2.0-rc.1? A few links on the site no longer work and I am having trouble finding what to do (eg HW signing, attach ATSHA204 like this, then do this, then do the other thing and in your sketch do this etc.....) You get the idea! ;)

                            A Offline
                            A Offline
                            Anticimex
                            Contest Winner
                            wrote on last edited by
                            #481

                            @skywatch you have the links at the very top of this thread :)

                            Do you feel secure today? No? Start requiring some signatures and feel better tomorrow ;)

                            1 Reply Last reply
                            0
                            • skywatchS Offline
                              skywatchS Offline
                              skywatch
                              wrote on last edited by
                              #482

                              Wouldn't you believe it? - I just found this....

                              https://www.mysensors.org/apidocs-beta/group__MySigninggrpPub.html

                              A 1 Reply Last reply
                              0
                              • skywatchS skywatch

                                Wouldn't you believe it? - I just found this....

                                https://www.mysensors.org/apidocs-beta/group__MySigninggrpPub.html

                                A Offline
                                A Offline
                                Anticimex
                                Contest Winner
                                wrote on last edited by
                                #483

                                @skywatch :+1:

                                Do you feel secure today? No? Start requiring some signatures and feel better tomorrow ;)

                                1 Reply Last reply
                                0
                                • skywatchS Offline
                                  skywatchS Offline
                                  skywatch
                                  wrote on last edited by
                                  #484

                                  :)

                                  Lots to read today!

                                  1 Reply Last reply
                                  0
                                  • skywatchS Offline
                                    skywatchS Offline
                                    skywatch
                                    wrote on last edited by
                                    #485

                                    Just had a quick look and that is a good explaination and example code too - This should be on the main site as it is much clearer and more user friendly than the current content.... Just my 0.02€

                                    A 1 Reply Last reply
                                    0
                                    • skywatchS skywatch

                                      Just had a quick look and that is a good explaination and example code too - This should be on the main site as it is much clearer and more user friendly than the current content.... Just my 0.02€

                                      A Offline
                                      A Offline
                                      Anticimex
                                      Contest Winner
                                      wrote on last edited by
                                      #486

                                      @skywatch it is intended to replace the main site documentation. But as master and development branches differ significantly currently, we are awaiting v2.2.0 release first.

                                      Do you feel secure today? No? Start requiring some signatures and feel better tomorrow ;)

                                      1 Reply Last reply
                                      0
                                      • skywatchS Offline
                                        skywatchS Offline
                                        skywatch
                                        wrote on last edited by
                                        #487

                                        No problems. I have enough to learn a lot from now! :)

                                        Just curious though as to what would be replacing the AT328p for v3.0 and signing and encryption - thinking to maybe order some now and get used to them..... Raspberry pi zeros everywhere or ...?

                                        A 1 Reply Last reply
                                        1
                                        • skywatchS skywatch

                                          No problems. I have enough to learn a lot from now! :)

                                          Just curious though as to what would be replacing the AT328p for v3.0 and signing and encryption - thinking to maybe order some now and get used to them..... Raspberry pi zeros everywhere or ...?

                                          A Offline
                                          A Offline
                                          Anticimex
                                          Contest Winner
                                          wrote on last edited by
                                          #488

                                          @skywatch nRF5 is a versatile, powerful option to an atmga328p plus nrf24 radio.

                                          Do you feel secure today? No? Start requiring some signatures and feel better tomorrow ;)

                                          1 Reply Last reply
                                          1

                                          Hello! It looks like you're interested in this conversation, but you don't have an account yet.

                                          Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.

                                          With your input, this post could be even better 💗

                                          Register Login
                                          Reply
                                          • Reply as topic
                                          Log in to reply
                                          • Oldest to Newest
                                          • Newest to Oldest
                                          • Most Votes


                                          19

                                          Online

                                          12.0k

                                          Users

                                          11.2k

                                          Topics

                                          113.4k

                                          Posts


                                          Copyright 2025 TBD   |   Forum Guidelines   |   Privacy Policy   |   Terms of Service
                                          • Login

                                          • Don't have an account? Register

                                          • Login or register to search.
                                          • First post
                                            Last post
                                          0
                                          • MySensors
                                          • OpenHardware.io
                                          • Categories
                                          • Recent
                                          • Tags
                                          • Popular