Cryptography between an ESP and an Android phone with UDP
Posted: Tue Jul 05, 2016 11:50 pmHello,
I am doing a project with which I am sending data either from an ESP8266, or an Android phone to another ESP8266. The communication between the two ESPs I do with ESP-NOW which is both secure for the fact that the data send is encrypted and second because the communication is peer-to-peer and in order one device to connect to the master of the communication it needs to know a 16-bytes key. That pretty much makes the communication secure and fast because it is designed for ESPs.
However, I cannot do the same with the Android device. In order to meet the speed requirements I need to use UDP as a network protocol. Currently I use XXTEA in order to encrypt the data I send, however I face a serious problem. Another user can still connect to my network and send some random data which can lead to mistakes in the ESP receiving the data. Is there a way in which I can make sure that the data I receive is from a particular device? Up to now I have ideas about using the MAC address, but it can also be easily faked. I also have password on my WiFi network, but I am not sure if this is secure enough.
Thank you in advance!!!
I am doing a project with which I am sending data either from an ESP8266, or an Android phone to another ESP8266. The communication between the two ESPs I do with ESP-NOW which is both secure for the fact that the data send is encrypted and second because the communication is peer-to-peer and in order one device to connect to the master of the communication it needs to know a 16-bytes key. That pretty much makes the communication secure and fast because it is designed for ESPs.
However, I cannot do the same with the Android device. In order to meet the speed requirements I need to use UDP as a network protocol. Currently I use XXTEA in order to encrypt the data I send, however I face a serious problem. Another user can still connect to my network and send some random data which can lead to mistakes in the ESP receiving the data. Is there a way in which I can make sure that the data I receive is from a particular device? Up to now I have ideas about using the MAC address, but it can also be easily faked. I also have password on my WiFi network, but I am not sure if this is secure enough.
Thank you in advance!!!