I am trying to use Spark to securely communicate with a client application. I was happy to see that TropicSSL libraries are already part of the firmware, which provides me with all the necessary AES and HMAC primitives.
I am not using Cloud for this project, so the security will need to be enforced entirely on the Spark Core.
It is particularly important for me to defend against all kinds of Replay Attacks, and this is where I am experiencing some challenges. After considering all attack scenarios I could think of, I have concluded that the only way to make this secure is to go with timed challenge/response, or one-time key approaches.
Challenge/Response would be similar to this: http://en.wikipedia.org/wiki/Challenge–response_authentication#Cryptographic_techniques
whereas one-time key could be something like Diffie-Hellman key exchange, or even generating an RSA key pair for every request, although that sounds grotesquely expensive.
In any case, both of these strategies require the Spark Core to either generate large random numbers, or implement a PRGA (Pseudo-random generation algorithm), which I would have to seed with pre-computed random seeds.
Before I pick either direction, I wanted to see if anyone here might have some experience in this area.
Is there a way to generate cryptographically secure randomness on the Spark? If not, is there a suggested method for implementing a PRGA? In case of using a PRGA, my plan would be to fill the external flash with about 32K or so of pre-computed random seeds. Spark would keep the index of last used seed in external flash as well, and increment it on every reboot.
I can think of one alternative approach w/o pseudo-randomness on the Spark. Using a simple linear nonce counter as part of the challenge to the client would work, since the nonce does not need to be random, but then I would have to update external Flash on every request in order to make sure that the nonce is unique and resistant to reboots (my attacker would have the ability to cut power to the Spark, so this is important). This approach sounds simpler to implement, but I don't know whether it's a good idea to write into flash so often and what the repercussions of doing so might be.
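The following is an added example, not code from the original post or from the Spark firmware. It shows one standard way to keep the reboot-resistant counter described above without a flash write on every request: persist only a high-water mark, hand out nonces from RAM up to that mark, and write again only when the reserved block is exhausted. On boot the counter resumes from the persisted mark, so any values that were handed out before a power cut are never reused, at the cost of skipping at most one block. The external flash is simulated by a struct that counts writes (an assumption so the code runs off-device); `RESERVE_STEP`, `nonce_init`, `nonce_next` and `drain` are hypothetical names.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Number of nonce values reserved per flash write. Larger = fewer writes,
   but up to this many values are skipped after every reboot. */
#define RESERVE_STEP 256u

/* Stand-in for the external flash word that would hold the high-water mark.
   write_count lets us measure wear; the real device would write a sector. */
typedef struct {
    uint32_t stored_high_water;
    unsigned write_count;
} sim_flash_t;

static void flash_write(sim_flash_t *f, uint32_t v) {
    f->stored_high_water = v;
    f->write_count++;
}

static uint32_t flash_read(const sim_flash_t *f) {
    return f->stored_high_water;
}

/* Counter state kept in RAM between flash writes. */
typedef struct {
    sim_flash_t *flash;
    uint32_t next_nonce;   /* next value to hand out */
    uint32_t reserved_end; /* exclusive upper bound already persisted to flash */
} nonce_ctr_t;

/* Reserve the next block of values and persist the new high-water mark.
   Saturates at UINT32_MAX so the counter cannot wrap and repeat values. */
static void reserve_block(nonce_ctr_t *c) {
    uint32_t end = (c->next_nonce > UINT32_MAX - RESERVE_STEP)
                       ? UINT32_MAX
                       : c->next_nonce + RESERVE_STEP;
    c->reserved_end = end;
    flash_write(c->flash, end);
}

/* Boot-time initialisation: resume strictly above whatever was persisted,
   even if power was cut in the middle of the previous reserved block. */
void nonce_init(nonce_ctr_t *c, sim_flash_t *f) {
    c->flash = f;
    c->next_nonce = flash_read(f);
    reserve_block(c);
}

/* Hand out the next nonce. Touches flash only when the reserved block is
   used up. Returns false once the 32-bit space is exhausted: at that point
   the device must re-key rather than reuse a value. */
bool nonce_next(nonce_ctr_t *c, uint32_t *out) {
    if (c->next_nonce == UINT32_MAX) {
        return false;
    }
    if (c->next_nonce >= c->reserved_end) {
        reserve_block(c);
    }
    *out = c->next_nonce++;
    return true;
}

/* Helper for demonstration: draw k nonces and return the last one drawn. */
uint32_t drain(nonce_ctr_t *c, unsigned k) {
    uint32_t n = 0;
    for (unsigned i = 0; i < k; i++) {
        if (!nonce_next(c, &n)) {
            break;
        }
    }
    return n;
}

int main(void) {
    sim_flash_t flash = {0, 0};
    nonce_ctr_t ctr;

    nonce_init(&ctr, &flash);
    uint32_t last = drain(&ctr, 300);
    printf("300 nonces issued, last = %u, flash writes = %u\n",
           (unsigned)last, flash.write_count);

    /* Simulated power cut and reboot: re-init from the persisted mark. */
    nonce_init(&ctr, &flash);
    uint32_t first_after_reboot = 0;
    nonce_next(&ctr, &first_after_reboot);
    printf("first nonce after reboot = %u (never <= %u), flash writes = %u\n",
           (unsigned)first_after_reboot, (unsigned)last, flash.write_count);
    return 0;
}
```

With a 256-value block, 300 requests cost two flash writes instead of 300, and the reboot costs one more. Because the Spark only ever issues each nonce once and the client must answer the exact challenge it was given, a recorded response for an earlier nonce is useless against a later one; the counter's only job is to never repeat, which the persisted high-water mark guarantees across power loss.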
Any thoughts would be appreciated!