Signing too heavy for Atmega328 on branch-development. Looking for hints


  • Hardware Contributor

    Hi to all and happy new year!
    I did buy a new RPI3 and I now using itself with a NRF24 PA (ethernet setup gateway).

    I did notice that with branch-development (2.2 rc2) signing is simply... too heavy for atmega328.

    For the nodes that need to be secured (and are powered from wall and not from battery, as the heater relay) I could try the Atmega1284 or nodemcu, but I would mantain also the simplest nodes only with temperature sensors with the atmega328 (and this nodes of course don't need security at all).

    I have some question, that cannot solve reading the forum:

    1 -
    On RC2 if we enable the signing on gateway, need to enable on every node. I'm aware for the flag "MY_SIGNING_WEAK_SECURITY".

    Where need enable this flag? Only on gateway? Only on node? On both? And with this enabled can I remove the signing from some node and leave signing on others?

    2
    "Request signature flag". Is it possible to enable ONLY on secured node and not on gateway? So I can leave the nodes that don't need security free from this flag. What the real scope of requesting a signature? In effect for one or two nodes I would have only the WHITELISTING (and I know that to have whitelist we need enable signing), so it can accept only from my gateway. In effect, I can live without the signature..... or no?

    3
    Using the ./congigure cleans totally previous configure options? Or is better delete also some file (e.g. there is a file .dat created, I don't remember the exact location but if I'm not wrong it mantain all configuration. If I remove it before ./configure is ok to have a perfect new clean installation or no?)

    Thank you very much for the support and for the help!


  • Mod

    @sineverba I don't know about the other questions but https://www.mysensors.org/apidocs-beta/group__memorysavings.html might be useful to get signing to fit on atmega328.


  • Contest Winner

    @sineverba yes, you can set weak security only on gateway and if you do, you can leave some nodes without signing or encryption enabled. You can also only set the require signatures flag on a specific node and omit it on the gateway. Just be aware that any node not having the request flag, will accept unsigned messages.


  • Hardware Contributor

    @anticimex said in Signing too heavy for Atmega328 on branch-development. Looking for hints:

    @sineverba yes, you can set weak security only on gateway and if you do, you can leave some nodes without signing or encryption enabled. You can also only set the require signatures flag on a specific node and omit it on the gateway. Just be aware that any node not having the request flag, will accept unsigned messages.

    Thank you. Is it secure to have a node without signature but with whitelisting enabled? It seems right to me, but what on your experience?


  • Contest Winner

    @sineverba whitelisting depend on signing. Without signing, whitelisting is pointless. The receiver has no way of authenticating the sender


  • Hardware Contributor

    @mfalkvidd Fantastic! 58% of occupied space with DEBUG ENABLED and 31% with debug disabled. I did import the adafruitsi7021 library and watchdog.

    I did disable the splash screen and the signal report!

    Thank you!


  • Hardware Contributor

    @anticimex Sorry, maybe I'm not clear. I mean, is it secure to have enabled:

    • signing
      -whitelisting

    But NO signature request on a node that need to be secured?


  • Contest Winner

    @sineverba that depend on the flow of data. If your node is a lock, it should require signatures to avoid "rouge" senders to unlock it.
    If your node is collecting data (is a sensor) which is sent to your gateway (and controller) that affect the controller state in some sense then your gateway should require signatures from that sensor unless the state change is of less importance.
    Example: a temperature sensor that in the controller just display the temperature, it can be considered less critical. If the sensor trigger some relay or heat pump, it could be considered critical.


  • Hardware Contributor

    @anticimex OK, much more clear! In effect, I can enable request signature on the gateway. So, ALL nodes need to sign their message, also in the case that we did set on gateway "weak security".

    So, what do you mean with "[...]then your gateway should require signatures from that sensor[...]" is following:

    • if applied on a node, only that node require signature
    • if applied on a gateway, ALL sensors in network need to send with a signature.

    And, for enable signature, we need enable the signing also. So we return at the problem of heavy sketch (but, in reality, with the flags posted here the sketch is very very light now! https://www.mysensors.org/apidocs-beta/group__memorysavings.html )


  • Contest Winner

    @sineverba not really. If you set the weak flag on the gateway it will only require signatures from nodes that require signatures themselves. This is described in the signing documentation.


 

483
Online

7.9k
Users

8.8k
Topics

94.3k
Posts