{"id":4,"date":"2015-10-05T21:26:09","date_gmt":"2015-10-05T21:26:09","guid":{"rendered":"http:\/\/10.11.12.20\/wordpress\/?p=4"},"modified":"2020-04-07T14:17:31","modified_gmt":"2020-04-07T21:17:31","slug":"yet-another-garage-door-opener","status":"publish","type":"post","link":"https:\/\/www.casler.org\/wordpress\/yet-another-garage-door-opener\/","title":{"rendered":"Yado – A Secure Door Opener"},"content":{"rendered":"

There’s been many DIY IoT garage door openers but none of them offered the level of security that is required to secure my home. While it’s true that most are “good enough” placed behind a secure Wifi router, that level of security is unacceptable for a device that is on the publicly facing internet. I trust this device enough where the URL is actually publicly accessible. The only real vulnerability would be a Denial of Service attack. There’s not much that can be done to secure against that on a uC that costs $2 in unit quantities on eBay.<\/p>\n

This project is being published not only to enable you to remake this for yourself, but to also share the novel way of securing payloads between devices without the expensive overhead of TLS\/SSL.<\/p>\n

While this was made for the ESP8266, the code and required computation would also be easily ported (I performed some proof of concept tests of this) to an 8 bit Atmel uC.<\/p>\n

For a full feature set, take a look at at the front page of the Yado project on GitHub<\/a>.<\/p>\n

\"\"<\/a>  <\/p>\n

Open Source<\/h2>\n

All the files can be downloaded from the Yado repository on GitHub<\/a>.<\/p>\n

Update 1 (May 8, 2016) – Source has been revised to support the v2.0.0 Arduino ESP8266 API. Don’t build with any version of Arduino ESP8266 API<\/a> prior to v2.0.0.<\/p>\n

How it works – Basics<\/h2>\n

\"Yado<\/a><\/p>\n

Built around the ESP8266 at a cost of about $20-$30 to produce in single unit quantities, Yado uses multiple layers of one way SHA1 message digesting to secure the payload being transmitted. At no time is your password sent in clear text. You can also configure multiple passwords through the Admin UI for the people in your household.<\/p>\n

How it works – Security<\/h2>\n

The message exchange methodology implemented is similar to the (yet custom) implementation to what is used by the SAML Single Sign On<\/a>  Specification. Other than digesting the network payloads, the other form of attack that had to be addressed was that of packet replay attacks specifically around the inability generate cryptography secure  random numbers. A solution was implemented which uses the time required to acquire and log into a WiFi AP as part of the seed of a random number generator. This protocol is also resistant to brute force attacks. This is real security!<\/p>\n

How it works – Psudocode<\/h2>\n

Client to Server (Initial Request)<\/b><\/p>\n

> Get \/<\/span><\/p>\n

Server<\/b><\/p>\n

Timestamp = 999<\/span><\/p>\n

Secret = \u201cSecret\u201d<\/span><\/p>\n

Password = \u201cletmein\u201d<\/span><\/p>\n

preDigest = \u201c999xSecret\u201d<\/span><\/p>\n

serverDigest = sha1(\u201c999xSecret\u201d)<\/span><\/p>\n

                       8a2ca83d614812d6fa9d49650601b143baf8ef66<\/span><\/p>\n

Server to Client (Response)<\/b><\/p>\n

Timestamp = 999<\/span><\/p>\n

serverDigest = 8a2ca83d614812d6fa9d49650601b143baf8ef66<\/span><\/p>\n

Client<\/b><\/p>\n

clientTime = Timestamp<\/span><\/p>\n

Password = letmein<\/span><\/p>\n

requestPassword = sha1(Password + serverDigest)<\/span><\/p>\n

requestPassword = sha1(letmein + 8a2ca83d614812d6fa9d49650601b143baf8ef66)<\/span><\/p>\n

requestPassword = sha1(letmein8a2ca83d614812d6fa9d49650601b143baf8ef66)<\/span><\/p>\n

requestPassword = d738f7baa6a3fa5c3013dedea9ef76831e59469b<\/span><\/p>\n

Client to Server (Request)<\/b><\/p>\n

> Get \/?requestPassword=d738f7baa6a3fa5c3013dedea9ef76831e59469b&clientTime=Timestamp<\/span><\/p>\n

Server<\/b><\/p>\n

# Is request too old? If no, continue<\/span><\/p>\n

If clientTime+60 < Timestamp<\/span><\/p>\n

Continue<\/span><\/p>\n

Else<\/span><\/p>\n

Go Away<\/span><\/p>\n

# Recompute server, this time with the associated password.<\/span><\/p>\n

Server Hash Recompute<\/b><\/p>\n

Timestamp = 999<\/span><\/p>\n

Secret = \u201cSecret\u201d<\/span><\/p>\n

preDigest = \u201c999xSecret\u201d<\/span><\/p>\n

serverDigest = sha1(\u201c999xSecret\u201d)<\/span><\/p>\n

                       8a2ca83d614812d6fa9d49650601b143baf8ef66<\/span><\/p>\n

serverDigestWithPassword = sha1( \u201cletmein\u201d + \u201c8a2ca83d614812d6fa9d49650601b143baf8ef66\u201d)<\/span><\/p>\n

                                            d738f7baa6a3fa5c3013dedea9ef76831e59469b<\/span><\/p>\n

# requestPassword came from client<\/span><\/p>\n

clientDigestWithPassword = requestPassword<\/span><\/p>\n

if clientDigestWithPassword == serverDigestWithPassword<\/span><\/p>\n

You\u2019re in! YAY!<\/strong><\/em><\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

There’s been many DIY IoT garage door openers but none of them offered the level of security that is required to secure my home. While it’s true that most are “good enough” placed behind a secure Wifi router, that level of security is unacceptable for a device that is on the publicly facing internet. I trust this device enough where the URL…<\/p>\n","protected":false},"author":1,"featured_media":43,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"wprm-recipe-roundup-name":"","wprm-recipe-roundup-description":"","footnotes":""},"categories":[15],"tags":[],"class_list":["post-4","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-iot"],"gutentor_comment":0,"jetpack_featured_media_url":"https:\/\/www.casler.org\/wordpress\/wp-content\/uploads\/2016\/04\/img_6583.jpg","_links":{"self":[{"href":"https:\/\/www.casler.org\/wordpress\/wp-json\/wp\/v2\/posts\/4","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.casler.org\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.casler.org\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.casler.org\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.casler.org\/wordpress\/wp-json\/wp\/v2\/comments?post=4"}],"version-history":[{"count":0,"href":"https:\/\/www.casler.org\/wordpress\/wp-json\/wp\/v2\/posts\/4\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.casler.org\/wordpress\/wp-json\/wp\/v2\/media\/43"}],"wp:attachment":[{"href":"https:\/\/www.casler.org\/wordpress\/wp-json\/wp\/v2\/media?parent=4"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.casler.org\/wordpress\/wp-json\/wp\/v2\/categories?post=4"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.casler.org\/wordpress\/wp-json\/wp\/v2\/tags?post=4"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}