0

I have a pair of board, which includes the Bearssl library to do some encryption.

I use the br_rsa_i15_keygen to sucessfully generate a pair of the RSA key, which includes the public key and the private key.

And I want to sent the key to the client board which are the same model.

I originally write some code like below to send the key to the client:

bool trans_pk(WiFiClient &client, br_rsa_public_key &t_pk)
{
    char t_pkn[t_pk.nlen] = {0};
    for (int i = 0; i < t_pk.nlen; i++)
    {
        t_pkn[i] = (char)t_pk.n[i];
    }

    // The function to do Socket Transfer
    // transfer_sock(WiFiClient &client, const char *data, uint8_t dsize)
    transfer_sock(client, t_pkn, t_pk.nlen);

    //...the "e" part of the code same as the "n” part, only changes some variable name
    return true;
}

But I assumes maybe to prevent some time attack so the "n" array will change after few time so it not works, which method can I use to sucessfully transfer key?

Edit 1: I also tried to add this code into the trans_pk and before transfer_sock to see the data and I observed the data of the array seems like changes constantly:

for (int i = 0; i < t_pk.nlen; i++)
{
    Serial.printf("%02x ", t_pk.n[i]);
}
Serial.printf("\n");

delay(1000);

for (int i = 0; i < t_pk.nlen; i++)
{
    Serial.printf("%02x ", t_pk.n[i]);
}
Serial.printf("\n");
ysPan
  • 11
  • 1
  • 1
    `n` is the modulus of the public key. That's not sufficient. You also need to send the exponent, normally denoted with `e`. And what kind of attack are you worried about? it's the *public* key. All anyone can really do with it is encrypt data so that only you can decrypt it with your private key, or verify signatures that you created with that same private key. The entire point of the public key is that it can be, well, public. – Andrew Henle Jun 14 '23 at 15:54
  • I also tried to send the e but with no luck, the `e` and the `n` seems like changes constantly of this library. – ysPan Jun 14 '23 at 18:07
  • How do you know your `transfer_sock()` function (and the receiving code) are bug-free? – Andrew Henle Jun 14 '23 at 22:39
  • I use two for loop and delay 1s between each loop, and put the `Serial.printf()` in to print the data(Like the code below "Edit1:"), and I observe the data of each loop's print not the same. – ysPan Jun 15 '23 at 04:25
  • If you can't count on data like that in a key to remain constant, your system won't work. You need to find the cause of the data changing. Are you running a multithreaded process? – Andrew Henle Jun 15 '23 at 19:23
  • I not write the mine's process to do multiprocessing... maybe the codes in the library causes? I looking the library's [documentation](https://www.bearssl.org/apidoc/bearssl__rsa_8h.html) about the RSA part, and I see the this hint: `They are constant-time. This means that the execution time and memory access pattern may depend on the lengths of the private key components, but not on their value, nor on the value of the operand. Note that this property is not achieved through random masking, but "true" constant-time code.` Maybe this will cause that problem? – ysPan Jun 16 '23 at 04:57

0 Answers0