Key exchange 1.4

I have ordered some devices today. I’m going to check if the device is powerful enough to use the Diffie-Hellman key exchange protocol. Diffie–Hellman key exchange - Wikipedia

Great.

Maybe it is “good enough” that keys are transferred unencrypted during inclusion/key exchange. Encryption should probably be optional per sensor.

We also need to introduce some kind of counter in the header to prohibit replay attacks.

I’m leaning towards using the following AES library

http://forum.arduino.cc/index.php/topic,88890.0.html

But I’m no security expert, so please come with feedback and/or suggestions.

Yes, maybe the keys could be transferred in the clear when the sensor is included in the network.

We also need some IV or random in the data to not have the same crypto blocks.

The AES library looks good.

Can the power of the radio be set from software? This way it would not matter if the initial key exchange is done unencrypted; the attacker would have to be really close to get the keys. This would also emulate the Z-Wave pairing process.

Yes… it is possible to set radio power. I don’t know how far the “LOW” setting will transmit… this needs to be tested.
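The header counter and per-message IV raised earlier in the thread, as an added example that is not part of the original posts or of any library mentioned in them. The names `msg_header_t`, `accept_message`, `next_counter`, `build_iv` and `MAX_NODES` are hypothetical, and the sketch assumes the header is covered by whatever integrity check the message carries.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_NODES 8   /* assumed network size */
#define IV_LEN    16  /* AES block size in bytes */

/* Hypothetical header: sender id plus a 32-bit message counter. */
typedef struct { uint8_t sender; uint32_t counter; } msg_header_t;

/* Highest counter accepted per sender; 0 = nothing seen, so senders start at 1. */
static uint32_t last_seen[MAX_NODES];

/* Receiver: 1 if fresh (and records it), 0 if replayed, stale or unknown sender. */
int accept_message(const msg_header_t *h)
{
    if (h->sender >= MAX_NODES) return 0;
    if (h->counter <= last_seen[h->sender]) return 0;
    last_seen[h->sender] = h->counter;
    return 1;
}

/* Sender: next counter, or 0 once exhausted. Wrapping would repeat IVs,
 * so an exhausted node has to be given a new key instead. */
uint32_t next_counter(uint32_t *state)
{
    if (*state == UINT32_MAX) return 0;
    return ++(*state);
}

/* Per-message IV = sender || counter || zero padding. Unique per key as long
 * as counters never repeat, which suits counter-style modes; CBC needs an
 * unpredictable IV, so there a random IV would be sent instead. */
void build_iv(const msg_header_t *h, uint8_t iv[IV_LEN])
{
    memset(iv, 0, IV_LEN);
    iv[0] = h->sender;
    for (int i = 0; i < 4; i++)
        iv[1 + i] = (uint8_t)(h->counter >> (24 - 8 * i));
}

int main(void)
{
    uint32_t tx = 0;                       /* constructed sample traffic */
    msg_header_t m = { 3, next_counter(&tx) };
    printf("first delivery: %d\n", accept_message(&m));
    printf("replayed copy:  %d\n", accept_message(&m));
    return 0;
}
```

On a real node both the sender's counter and the receiver's `last_seen` table would have to survive a reboot, otherwise old messages become acceptable again after a power cycle.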