Black Swan V2.0

The Black Swan V2.0 is an ESP32-based, secure, one-way communication channel.

It utilizes a sophisticated encryption algorithm combined with the integrity verification feature to ensure the confidentiality, integrity, and authenticity of the data being transmitted through it.

Once set up, this device can work completely autonomously, without a need to ever be connected to the computer.

You can also read this tutorial on Hackster.

Supplies for the transmitter:

• ESP32 x1
• 2.4 Inch TFT LCD with ILI9341 x1
• PS/2 Keyboard x1
• PS/2 Port x1

Supplies for the receiver:

• ESP32 x1
• 1.77 Inch TFT LCD with ST7735 x1

10µF capacitor x1 *optional

The "3DES + AES + Blowfish + Serpent" encryption algorithm in cipher block chaining mode first appeared in the Midbar V2.5. And since then has been utilized by the Midbar (Raspberry Pi Pico Version), Midbar V3.0, Midbar V4.0, KhadashPay V2.0, Midbar (Raspberry Pi Pico Version) V2.0, KhadashPay V2.0 (Raspberry Pi Pico Version), Midbar V5.0, Midbar (STM32F401CCU6 Version), KhadashPay V3.0 (STM32F401CCU6 Version), KhadashPay V3.0, Midbar (STM32F401CCU6 + Arduino Uno Version), and KhadashPay V3.5.

Although the "3DES + AES + Blowfish + Serpent" encryption algorithm ain't exactly what I would call "a cryptographically weak encryption algorithm," operating it in a weird derivation of the ECB mode, the way it was done by the Midbar V2.0 wasn't the best idea that I had. Even though that wouldn't've allowed the attacker to produce the legitimate ciphertext by swapping the blocks within the ciphertext, an attacker could still make a legitimate ciphertext by replacing the nth block of the ciphertext N1 with the nth block of the ciphertext N2. To fix that vulnerability (instead of just notifying the user that the decrypted ciphertext might've been forged), I made the "3DES + AES + Blowfish + Serpent" encryption algorithm work in CBC mode. So, if an attacker replaces a block of ciphertext, they spoil not just that block but also the subsequent one.

I'll be honest with you, the bit-flipping attack "kinda works," but I doubt that it would ever go unnoticed because of the "HMAC-SHA256"-based integrity verification feature

And let's not forget that this encryption algorithm performs the operation called superencryption.

As defined by NIST, superencryption is an encryption operation for which the plaintext input to be transformed is the ciphertext output of a previous encryption operation.

Such organization of the encryption algorithms makes a combined encryption algorithm that is at least as strong as the strongest one in the cascade, has a longer key, might be more resistant to some attacks, and might produce a ciphertext with higher entropy. Anyway. It won't hurt to have an additional layer of security (or several of them).

Well, it's not exactly a Diffie-Hellman, but still, it's better than the key setup protocol used by the Black Swan V1.0.

The key setup protocol utilized by the Black Swan V2.0 works as follows:

1) After being unlocked, the transmitter generates a random value;

2) Transmitter encrypts the random values using the default keys;

3) Transmitter sends the ciphertext (encrypted random value) to the receiver;

4) Transmitter modifies the default keys based on the random value;

5) Upon receiving the package, the receiver decrypts the package and modifies the keys based on the decrypted value;

6) Receiver generates a random value;

7) Receiver encrypts a random value using the modified keys;

8) Receiver sends the ciphertext (encrypted random value generated by it) to the transmitter;

9) Receiver modifies the keys based on the random value it had just generated;

10) Upon receiving the package, the transmitter decrypts the package and modifies the keys based on the decrypted value;

11) Transmitter generates the second random value;

12) Transmitter encrypts the certain prefix with the second random value concatenated to it;

13) Transmitter sends the ciphertext (encrypted certain prefix with the second random value) to the receiver;

14) Transmitter modifies the keys based on the prefix and second random value;

15) Upon receiving the package, the receiver decrypts the package and modifies the keys based on the received value.

If you've never flashed ESP32 before you need to configure Arduino IDE and install CP210x driver to upload the firmware into the board, you can download the CP210x driver for ESP32 here: https://www.silabs.com/developers/usb-to-uart-bridge-vcp-drivers

Configuring IDE isn't a part of this tutorial. You can read about it here: https://randomnerdtutorials.com/installing-the-esp32-board-in-arduino-ide-windows-instructions/

You can download the firmware for Black Swan from one of these sources.

SourceForge: https://sourceforge.net/projects/black-swan/

OSDN: https://osdn.net/projects/black-swan/

GitHub: https://github.com/Northstrix/Black_Swan

If you just need the firmware for the device alongside the RNG, then I would advise you to download a 1.3 MB archive either from SourceForge or OSDN.

But if you need the firmware for all versions of Black Swan alongside the extra code, photos, and diagrams, in that case, I would advise you to download the 36.6 MB archive from GitHub.

Adafruit-GFX-Library: https://github.com/adafruit/Adafruit-GFX-Library

Adafruit_BusIO: https://github.com/adafruit/Adafruit_BusIO

Adafruit_ILI9341: https://github.com/adafruit/Adafruit_ILI9341

Adafruit-ST7735-Library: https://github.com/adafruit/Adafruit-ST7735-Library

PS2KeyAdvanced: https://github.com/techpaul/PS2KeyAdvanced

PS2KeyMap: https://github.com/techpaul/PS2KeyMap

The process of unpacking libraries is typical. You can unpack the content of the archive into the folder: ...\Arduino\libraries. Or open the Arduino IDE, click to the Sketch -> Include Library -> Add .ZIP Library... and select every archive with libraries.

Other required libraries are already present in one way or another.

To get the board's MAC address, upload this code into the board.

#include <WiFi.h>

void setup(){
  Serial.begin(115200);
  Serial.println();
  Serial.println(WiFi.macAddress());
}

void loop(){

}

Then open the Serial Terminal, and reboot the board.

If done correctly, you should see the MAC address in the console.

I've got the following MAC addresses:

Transmitter's MAC: EC:94:CB:67:3A:4C

Receiver's MAC: 94:E6:86:37:FF:D8

*Optional:

Some boards will flash without any problems.

Unfortunately, that's not the case for all boards. If you configured IDE correctly, installed drivers, selected the corresponding port, and still keep getting this error: A fatal error occurred: Failed to connect to ESP32: Timed out waiting for packet header. Connect a 10µF capacitor to the board while flashing.

Connect the positive lead of the capacitor to the EN pin of the ESP32;

Connect the negative lead of the capacitor (usually indicated by the gray stripe) to the GND pin of the ESP32.

Don't forget to disconnect the capacitor after the board flashes.

To make the unauthorized deciphering of your data computationally infeasible - It is crucial to generate your own keys and never reuse them

It's entirely up to you how to generate the keys. I can only offer you an option to do so.

I've modified one of my previous projects to work as a random number generator, the generated output seems "random enough" for me, but I haven't run any tests. So, I can't guarantee that it's random.

Use it at your own risk!

To generate the keys - launch gen.exe from the "V2.0\Untested RNG" folder and click the "Generate keys for Black Swan V2.0" button. The background turns from dark gray to light gray when you press that button.

Open the "Firmware_for_transmitter.ino" and "Firmware_for_receiver.ino" files from the "V2\Firmware_for_transmitter" and "V2\Firmware_for_receiver" folders and replace my keys and MAC addresses with yours.

You have to switch the partition scheme to the "Huge APP (3MB No OTA/1MB SPIFFS)" before you continue working with ESP32 because the firmware for the transmitter is too big for the default partition.

Upload the previously modified firmware into both boards (just don't accidentally swap them).

It shouldn't be hard because you only need to connect the display and PS/2 port to the ESP32. In my opinion, the hardest part of the process is to map the PS/2 port.

That should be even easier than the transmitter assembly.

Just like the Midbar V5.0, Black Swan V2.0 has twelve lock screens. Black Swan V2.0 randomly chooses the lock screen at startup.

*Credit for photos:

Colorado Springs:

Photo by Kevin Bree on Unsplash

Dallas:

Photo by Perry Merrity II on Unsplash

Denver:

Photo by Bill Griepenstroh on Unsplash

Field:

Photo by Eva Varlioglu on Unsplash

Houston:

Photo by Austin Hervias on Unsplash

Kansas City:

Photo by Darren Hibbs on Unsplash

Mexico City:

Photo by Anton Lukin on Unsplash

Milan:

Photo by Samuel Agbetunsin on Unsplash

Minneapolis:

Photo by Daniel McCullough on Unsplash

Montreal:

Photo by Michael Beener on Unsplash

Tel Aviv:

Photo by Shai Pal on Unsplash

Vancouver:

Photo by Albert Stoynov on Unsplash

Unlike the transmitter, the receiver only has one lock screen (just like Midbar V2.5).

*Credit for the photo of Dublin:

Photo by Guillaume Henrotte on Unsplash

It may seem complicated, but in practice, you only need to press any key on the PS/2 keyboard after you've powered up both the transmitter and the receiver.

Once the keys have been set, you can send a string from the transmitter to the receiver. To do so, enter the desired string on the PS/2 keyboard that's connected to the transmitter and press "Enter."

And although only 312 characters can fit on the transmitter screen, you can send a 364-character-long string without any problems.

While the Black Swan V2.0 can verify the integrity of packets and has a more efficient key setup protocol compared to its predecessor, it still suffers from a relatively short communication range (roughly 650 feet or 200 meters), and it's still not a 100% guarantee of anything. Don't forget that.

I did my best to make the Black Swan V2.0 as secure, sophisticated, and impenetrable as I could, and hopefully, I made it good enough for you to actually use it.

It's also worth mentioning that Black Swan's source code is distributed under the MIT license. That grants you the freedom to customize and modify Black Swan according to your preferences. So if you want to make your own version of Black Swan or use it as a base for your own project, don't wait for anyone else to do it for you. Take the initiative into your own hands and do it.

If you found this tutorial to be useful, please consider sharing it.

Thank you for reading this tutorial.