Encrypt sensitive data sent to the ESP8266
Posted: Sat Oct 29, 2016 5:17 pmHi, I want to be able to configure the network to which my ESP8266 module connects to from an app. For that, I must send the SSID and password for the desired network to the ESP8266, using the open WiFi that is hosted by default by the ESP8266. But that means I am sending sensitive data over a medium that anyone can eavesdrop on, so I want to encrypt this data and decrypt it on the ESP8266.
I have thought of a scheme where I generate a public/private key pair and hardcode those into my sketch file. The public key can then be retrieved by anyone by making a web call to http://ipaddress/publickey. With the public key, the app can encrypt the SSID and password, send it to http://ipaddress/configure and the ESP8266 will be able to decrypt it and apply the changes. Of course I am open to other solutions as well, as long as the sensitive data can not be read by malicious eavesdroppers.
The problem I have is that I have no clue how to do this encryption/decryption on the ESP8266. I probably need an external library, but which one and how do I use that?
Can anyone help me with this?
I have thought of a scheme where I generate a public/private key pair and hardcode those into my sketch file. The public key can then be retrieved by anyone by making a web call to http://ipaddress/publickey. With the public key, the app can encrypt the SSID and password, send it to http://ipaddress/configure and the ESP8266 will be able to decrypt it and apply the changes. Of course I am open to other solutions as well, as long as the sensitive data can not be read by malicious eavesdroppers.
The problem I have is that I have no clue how to do this encryption/decryption on the ESP8266. I probably need an external library, but which one and how do I use that?
Can anyone help me with this?