ESP8266 Community Forum

- Thu May 28, 2015 5:08 pm #18786 Still waiting for my ESP8266 to be delivered but I'm preparing the code for the server that will receive the requests and I'm wondering how I can safely encrypt at least the HTTP body sent from the ESP8266 to the server.

As I understand it SSL is not supported due to requirement of lots of certificates so I wonder if I can simply run an encryption function on the complete HTTP request body with a specific key that is shared with the server which the server then can use to decrypt the body.

If I program C on the ESP8266 directly, are there any built in encryption algorithms that I can use or are there any other algorithms implemented in C that is fast enough to encrypt strings of up to ~200 bytes and still are reasonably safe? Which ones?

- Thu May 28, 2015 9:24 pm #18793 It really depends on what and how you want to encrypt it.
If you control the receiver, you can implement something simple like XTEA or similar.
I saw some parts of ssl were ported to ESP8266 as well: viewtopic.php?f=13&t=100

- Fri May 29, 2015 3:44 am #18825 Moin,

the rom contains aes code.

Code: Select allPROVIDE ( aes_decrypt = 0x400092d4 );
PROVIDE ( aes_decrypt_deinit = 0x400092e4 );
PROVIDE ( aes_decrypt_init = 0x40008ea4 );
PROVIDE ( aes_unwrap = 0x40009410 );


Thats all I know about them ...

Cal

Get your modules here:

https://www.banggood.com/custlink/KvGGhGF4wG

- Fri May 29, 2015 6:24 am #18842 @nochkin I will code both the ESP8266 and the Node.js web server. It will basically be a system where values from sensors attached to multiple ESP8266 will be sent to the server that will log them (data will probably be like "SENS1=1232&SENS2=4322" or JSON or similar before encryption). I would like to group the values from the different ESP8266 clients (by MAC or similar) and want to make sure that no one else can insert fake data into the system, hence the encryption.

I figured that if i have one unique key for each MAC address/ESP8266 that is known by that client and the web server. The web server can then check which MAC address that connected and try to decrypt the data with corresponding key, should be safe enough when full SSL is not available I figure.

I will look at XTEA as a possible solution, thanks!

@cal Thanks, I guess AES would be a more safe option? Not that much into which algorithms to use when. Are there any complete examples of how to use AES encryption on the ESP8266?