In this article we will learn how to make a secure 4-channel wireless switch for a smart home.
The security of a device is determined by its software protection.
Tools and materials:
-Module ESP8266 – 2 pcs;
-4-relay module;
-Display TM1637;
-Resistors 4.7 kOhm – 4 pcs;
-Tact button – 4 pcs;
-Block 5 V power supply – 2 pcs;
-Jumpers;
Step one: security
The security of this device is based on four principles:
1) The attacker does not know the recipient's MAC address;
2) The attacker does not know the keys;
3) Each IV* is encrypted with its own key;
4) The attacker does not know the IV.
It works as follows.
1) There is no way to send any instructions to the device if the attacker does not know where to send them;
2) Even if the attacker finds the MAC address, the attacker will still need three keys and three IVs.
3) Even if one key is decrypted, the attacker will still have to guess the other two.
4) Even if the attacker gets the recipient's MAC address and all three keys, the attacker would still need to guess all three IVs. There are 10 to the power of 24 (100000000000000000000000000) possible combinations, and this is a fairly large number.
Encrypted communication channel
Immunity to replay attacks
Unsuccessful attempts to communicate with the device
Every IV is encrypted with its own key
Using SPIFFS (Flash Memory File System) for IV storage
The ability to significantly expand the number of channels by connecting up to 253 Arduino boards
Ease of use
* In cryptography, an initialization vector (IV) or initial variable is the input to a cryptographic primitive used to provide an initial state. The IV is usually required to be random or pseudo-random, but sometimes the IV only needs to be unpredictable or unique.
Step Two: Install Drivers and Configure the Arduino IDE
Drivers can be downloaded below:
CH340 driver: https://sparks.gogo.co.nz/ch340.html
CP210x driver: https://www.silabs.com/developers/usb-to-uart-brid …
Arduino IDE can be downloaded here:
How to set up the Arduino IDE can be found in the following tutorial:
https://randomnerdtutorials.com/how-to-install-esp8266-board-arduino-ide/
Step three: MAC address of the receiving board
To get the MAC address of the board, upload the code below to the board.
#include <ESP8266WiFi.h>

void setup() {
  Serial.begin(115200);
  Serial.println();
  // Print the board's own MAC address to the serial monitor
  Serial.print("ESP Board MAC Address: ");
  Serial.println(WiFi.macAddress());
}

void loop() {
}
Then you need to open the serial monitor and reboot the board.
If everything is done correctly, the MAC address will be displayed in the console.
The MAC address of this board is 40:F5:20:33:9A:F5.
Step four: firmware and libraries
Download firmware here: https://github.com/Northstrix/Secure_4-channel_Wireless_Switch
The following libraries are also required:
Software Serial: https://github.com/PaulStoffregen/SoftwareSerial
ESP Software Serial: https://github.com/plerup/espsoftwareserial
GyverBUS: https://github.com/AlexGyver/GyverLibs/releases/do …
TM1637: https://github.com/Seeed-Studio/Grove_4Digital_Dis …
All of the libraries except GyverBUS are unpacked in the usual way: just unpack the contents of the archive into the folder: … Arduino libraries.
The GyverBus library needs to be unpacked into two folders with thumbnails.
Step five: initialization vector (IV)
The purpose of the IV is to prevent a replay attack.
The author decided to use three IVs to make a replay attack even more difficult to carry out.
There are many ways to generate a random number. The author decided to roll a 20-sided die: every time he got a two-digit number, he wrote down the last digit.
In the end, he created these three 8-digit numbers:
Note that every time you press the button, each IV is incremented by one.
The maximum IV value is 99999999.
If you generated something over 99,000,000, then you need to either change the first digit or generate a new IV.
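A small model of the replay protection described in this step, added here as an illustration and not taken from the project's firmware. It assumes the receiver accepts a packet only when all three already-decrypted IVs equal its stored values; encryption is left out, a JSON file stands in for SPIFFS, and the sample IVs are constructed.

```python
import json
import os
import tempfile


class Receiver:
    """Model of the receiving board: three stored IVs plus a failure counter."""

    def __init__(self, store_path, initial_ivs):
        self.store_path = store_path        # stands in for the SPIFFS file
        self.failed_attempts = 0            # the number shown on the display
        if os.path.exists(store_path):      # reboot: reload the persisted IVs
            with open(store_path) as f:
                self.ivs = json.load(f)
        else:                               # first boot: IVs from the sketch
            self.ivs = list(initial_ivs)
            self._persist()

    def _persist(self):
        with open(self.store_path, "w") as f:
            json.dump(self.ivs, f)

    def handle(self, packet_ivs, channel):
        """Accept only a packet that carries exactly the expected IVs."""
        if list(packet_ivs) != self.ivs or channel not in range(4):
            self.failed_attempts += 1
            return False
        self.ivs = [iv + 1 for iv in self.ivs]  # each IV advances by one
        self._persist()                         # must survive a power loss
        return True


def demo():
    ivs = [12345678, 23456789, 34567890]    # constructed sample values
    path = os.path.join(tempfile.mkdtemp(), "ivs.json")
    rx = Receiver(path, ivs)
    first = rx.handle(ivs, 0)               # genuine button press
    replay = rx.handle(ivs, 0)              # same packet captured and resent
    rx = Receiver(path, ivs)                # power cycle, state reloaded
    replay_after_reboot = rx.handle(ivs, 0)
    second = rx.handle([iv + 1 for iv in ivs], 1)  # next genuine press
    return first, replay, replay_after_reboot, second, rx.failed_attempts


if __name__ == "__main__":
    print(demo())
```

If the stored IVs were not written to flash, the reboot in this model would restore the initial values and the captured packet would be accepted again.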
Next, you need to open the sketch in the IVs folder inside Secure_4-channel_Wireless_Switch-main.
Find the lines fiv, siv, tiv and replace their values with your 8-digit IVs. Then upload this sketch to both ESPs.
Step six: keys
You can roll the dice, use "dice roll software", or hash a picture. The author decided to hash a photo because it is the fastest way.
To make things easier, you can copy this array three times and replace Fs with your values.
byte key[] = {
  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
};
1c1152b89a61eb609e55059de57e38e98a2bf76ad98c5c5658f451c53364c76f8c4d0792faf54339cdc54453150aea21402e58d8109985992740292405e01d99
Now you need to change the receiver firmware. Open the sketch in the folder
Replace the three keys in this sketch with the created ones.
To change the transmitter firmware, open the sketch in the Secure_4-channel_Wireless_Switch_Transmitter folder inside Secure_4-channel_Wireless_Switch-main.
Replace the three keys in it as well.
Make sure that all three keys match in both sketches.
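As an alternative to dice or a hashed photo, the helper below (an added example, not part of the project) draws the three IVs and three keys from the operating system's CSPRNG on the PC, prints them in the form used in steps five and six, and checks that the keys pasted into the two sketches match. The 24-byte key length is taken from the template array above; the array names key_a, key_b and key_c are hypothetical, and the check assumes keys are declared as `byte name[] = {...};`.

```python
import re
import secrets

KEY_LEN = 24                                # entries in the template array above
IV_MIN, IV_LIMIT = 10_000_000, 99_000_000   # 8 digits, under the article's ceiling
ARRAY_RE = re.compile(r"byte\s+(\w+)\s*\[\s*\]\s*=\s*\{([^}]*)\}")


def generate_material():
    """Three keys and three IVs from the OS CSPRNG (uniform, no modulo bias)."""
    keys = {n: secrets.token_bytes(KEY_LEN) for n in ("key_a", "key_b", "key_c")}
    ivs = {n: IV_MIN + secrets.randbelow(IV_LIMIT - IV_MIN)
           for n in ("fiv", "siv", "tiv")}
    return keys, ivs


def to_array(name, key):
    """Format a key as an Arduino array literal ready to paste into a sketch."""
    return "byte %s[] = {%s};" % (name, ", ".join("0x%02X" % b for b in key))


def parse_arrays(sketch_text):
    """Return {name: bytes} for every `byte name[] = {...};` in a sketch."""
    return {name: bytes(int(t, 16) for t in re.findall(r"0x[0-9A-Fa-f]{1,2}", body))
            for name, body in ARRAY_RE.findall(sketch_text)}


def check_sketches(tx_text, rx_text):
    """List the key mistakes that would break or weaken the link."""
    tx, rx = parse_arrays(tx_text), parse_arrays(rx_text)
    problems = []
    for name in sorted(set(tx) | set(rx)):
        key = tx.get(name)
        if key != rx.get(name):
            problems.append(name + ": transmitter and receiver differ")
        elif len(key) != KEY_LEN:
            problems.append("%s: expected %d bytes, found %d" % (name, KEY_LEN, len(key)))
        elif set(key) == {0xFF}:
            problems.append(name + ": template placeholder was never replaced")
    if len(set(tx.values())) < len(tx):
        problems.append("the same key is used more than once")
    return problems


if __name__ == "__main__":
    keys, ivs = generate_material()
    for name, key in keys.items():
        print(to_array(name, key))
    for name, value in ivs.items():
        print(name, "=", value)
```

Pass the full text of the transmitter and receiver sketches to check_sketches before flashing; an empty list means the key arrays agree.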
Step Seven: Assembling the Transmitter
Now you need to assemble the transmitter according to the diagram. Do not flash the transmitter before the circuit is assembled. Otherwise, the transmitter will transmit a group of packets to nowhere.
Step eight: flashing the boards
For the transmitter module, upload the firmware from the Secure_4-channel_Wireless_Switch_Transmitter folder inside Secure_4-channel_Wireless_Switch-main.
For the receiver module, upload the firmware from the Secure_4-channel_Wireless_Switch_Receiver folder inside Secure_4-channel_Wireless_Switch-main.
We load the firmware from the folder
Step nine: receiving part of the device
Now you need to assemble the receiving part of the device.
Step ten: testing
Now connect the power, check that the device works, and try to hack it.
Next, suppose the attacker somehow discovered the MAC address of the device.
Every time an unsuccessful attempt to attack the device occurs, the number on the display will increase.
Everything is ready. The author has made every effort to make this device as safe as possible. At the very least, it is invulnerable to ordinary hacking and protected from replay attacks. There are ways to hack this device using more sophisticated methods, but most of these methods are only available to world-class hackers or government agencies.