Doomsday Messenger With a Sophisticated Encryption Scheme

by Northstrix in Circuits > Microcontrollers

601 Views, 2 Favorites, 0 Comments

Doomsday Messenger With a Sophisticated Encryption Scheme

IMG_20210818_153106_hdr.jpg

In this tutorial, you'll learn how to build a doomsday messenger with a sophisticated encryption scheme.

Let's suppose that there was a natural disaster (or something worse).
Power lines are down, so does the mobile network. ISP also stopped providing Internet access for a while.
It's impossible to text your neighbor in these conditions, or is it?

The device that I developed allows you to communicate without any external network. In addition to this, every message you send is encrypted. And there's no way to decipher your messages without obtaining the keys.
Furthermore, the device is protected from the: replay attack, chosen-plaintext attack, brute-force attack.

After you've configured this device, it works autonomously.

Supplies

  • ESP8266 x2
  • PS/2 Keyboard x1
  • 16x2 LCD Displays x2
  • 16x2 LCD Adapters x2
  • Arduino Nano/Uno/Compatible board x1
  • 470 ohm resistor x1

Encryption Algorithm

M9DES+Serpent.png

The device employs a very sophisticated encryption scheme that consists of four main parts:

1) Serpent
Serpent is a 32-round Substitution–permutation network operating on four 32-bit words. Serpent has a higher security margin than Rijndael (AES).

2) 3DES
The Data Encryption Standard is a symmetric-key algorithm developed in the early 1970s. This encryption scheme employs tripled version of DES called 3DES.

3) Rijndael S-boxes
The Rijndael S-box is a substitution box that maps an 8-bit input to an 8-bit output. In combination with other parts of the encryption scheme, it increases the entropy of the ciphertext.

4) IVs
The integration of the Initialization Vectors protects the cipher from the replay attack, and at the same time, prevents the attacker from learning about the content of the captured packets by implementing the chosen-plaintext attack. Even if you encrypt the same combination of characters more than once, the output will be different every time because of the IVs. IV5 is used to adjust the IVs on the receiver.

Install the Drivers and Configure Arduino IDE *optional

If you've never flashed ESP8266 before, you'll need to configure Arduino IDE and install drivers to upload the firmware to the boards. You can find drivers here:

CH340 driver: https://sparks.gogo.co.nz/ch340.html

CP210x driver: https://www.silabs.com/developers/usb-to-uart-brid...

In case you don't have Arduino IDE, you can download it here:

https://www.arduino.cc/en/software/

Configuring IDE isn't a part of this tutorial, you can read about it here:

https://randomnerdtutorials.com/how-to-install-esp...

Download the Firmware

You can download the firmware here: https://github.com/Northstrix/Doomsday_Messenger

Download and Install the Libraries

f.png

You can download the libraries here:

DES_Library: https://github.com/fcgdam/DES_Library

Serpent: https://github.com/peterferrie/serpent

Software Serial: https://github.com/PaulStoffregen/SoftwareSerial

ESP Software Serial: https://github.com/plerup/espsoftwareserial

GyverBUS: https://github.com/GyverLibs/GyverBus/archive/refs...

LiquidCrystal_I2C: https://github.com/fdebrabander/Arduino-LiquidCrystal-I2C-library

The process of unpacking libraries besides Serpent is typical.

You can unpack the content of the archive into the folder: ...\Arduino\libraries. Or open the Arduino IDE, click to the Sketch -> Include Library -> Add .ZIP Library... and select every archive with libraries.

Serpent library has to be extracted into two folders with sketches.

Get the MAC Address of the Receiver Board

FO3KY49KOPREDIQ.png

To get the MAC address of the board upload this code to the board.

#include <ESP8266WiFi.h>
void setup(){
  Serial.begin(115200);
  Serial.println();
  Serial.println(WiFi.macAddress());
}
void loop(){}

Then open the serial monitor, and reboot the board.

If done correctly, you should see the MAC address in the console.

The MAC address of this board is 5C:CF:7F:FD:85:1D

Generate the IVs

IMG_20210818_150554.jpg

There are lots of methods to generate Initialization Vectors. I've decided to throw 20-sided dice to do this. Every time I was getting a number with two digits, I was writing down the last digit. Eventually, I've generated these five 8-digit numbers:

74167432
83624730
31637439
35095347
39298901

The maximum value of IV is 99999999. If you've generated something more than 99000000, I would advise you to either change the first digit or generate the new IV.

Upload the IVs Into Both ESPs

1.png

Open the sketch called IVs and replace the IVs in this sketch with the ones you've generated.

After that, upload the modified sketch into both ESPs.

If you did everything right, you should see the IVs in the Serial Monitor.

Generate the Keys

IMG_20210817_193254.jpg

You can generate the keys with a random number generator or hash a photo, but I've decided to do it the hard way, with the dice.

If I got a number from 0 to 9, I would write it down.

If I got a number from 10 to 15, I would write down a letter corresponding to that number.
10 = A;
11 = B;
12 = C;
13 = D;
14 = E;
15 = F.

If I got 20, I would write down 0.

If I got something else, I wouldn't write anything and throw the dice again.

Eventually, I came up with these results:

byte key[] = {

0x4e, 0xe9, 0xbd, 0x97, 0xf8, 0xc5, 0x4d, 0x8e,

0xac, 0x43, 0xa2, 0xd5, 0xcd, 0x18, 0x52, 0xf7,

0x81, 0x7d, 0xff, 0x21, 0x4c, 0x4f, 0x16, 0xf4,

};

byte key[] = {

0x4b, 0xfc, 0x25, 0xb2, 0x6a, 0x71, 0x16, 0xa4,

0x2f, 0x68, 0xd3, 0xa3, 0x86, 0x8b, 0x44, 0x6d,

0xd3, 0x1a, 0xaf, 0x1e, 0xe3, 0xc7, 0xea, 0x1e,

};

byte key[] = {

0xd1, 0xb1, 0xf4, 0xdd, 0xa9, 0x7f, 0x19, 0x82,

0xc8, 0x75, 0x66, 0x78, 0xf7, 0xfc, 0xc9, 0xd9,

0x17, 0x3a, 0x51, 0x14, 0xdf, 0xab, 0x13, 0xb6,

};

byte key[] = {

0xa2, 0xa7, 0xfc, 0x7c, 0x56, 0xda, 0x76, 0x1a,

0x13, 0xf4, 0x4e, 0x57, 0x1d, 0xa9, 0xdc, 0x65,

0x36, 0x12, 0x73, 0x11, 0x69, 0x9d, 0xcb, 0xc9,

};

char *keys[]=
{"B166E2803021464AA14587B13F0429F83918118D2830CA2D33D2EC4D1A02A74F"};

It took me about an hour to generate this stuff.

As you might've noticed, there are no zeroes in the keys for 3DES. I forgot to define a number that I would use to write down zero. I only realized it after I generated the keys. Do not repeat my mistake!

Modify the Firmware

Untitled.png

Open the files ESP_transmitter.ino and ESP_receiver.ino

Replace the receiver's MAC address in the sketch ESP_transmitter.ino with your MAC address

 uint8_t broadcastAddress[] = {0x5C, 0xCF, 0x7F, 0xFD, 0x85, 0x1D};

Replace the keys in the both sketches with the ones you've generated.

Flash the Transmitter Board

t.png

Upload the firmware from the folder \Doomsday_Messenger-main\ESP_transmitter into the transmitter board.

Flash the Receiver Board

r.png

Upload the firmware from the folder \Doomsday_Messenger-main\ESP_receiver into the receiver board.

Flash the Arduino

a.png

Upload the firmware from the folder \Doomsday_Messenger-main\Firmware_for_Arduino into the transmitter board.

Build the Transmitter

IMG_20210818_150925_hdr.jpg

You can find a Schematic diagram for the transmitter in step 14.
You can find a Circuit diagram for the transmitter in step 15.

Schematic Diagram

Schematic_diagram.png

Circuit Diagram

Circuit_diagram.png

Build the Receiver

IMG_20210818_151221_hdr.jpg

You can find a Schematic diagram for the receiver in step 17.
You can find a Circuit diagram for the receiver in step 18.

You might've noticed a 3.5 mm jack socket. It's a remnant from one of the previous projects.

Schematic Diagram

Schematic_diagram.png

Circuit Diagram

Circuit_diagram.png

Test the Device

IMG_20210818_151642.jpg
IMG_20210818_151724.jpg
IMG_20210818_151745.jpg
IMG_20210818_151829.jpg
IMG_20210818_151851.jpg

Power up the receiver first, then power up the transmitter.

You should see the inscription "Delivery success" in the display connected to the transmitter and the inscription "IVs adjusted!" in the display connected to the receiver. Type the message on the keyboard, press "Backspace" to remove the last character, press "Enter" to send the message.
The blue display (on the right) is connected to the transmitter, the yellow display (on the left) is connected to the receiver.

Due to the poorly implemented PS/2 keyboard-to-ESP interface, I would recommend you to type no faster than one symbol per second.

Important note: The receiver only accepts the IV5 which is more than the stored IV5 but no more than the stored IV5 + 50. The transmitter increases IVs by two each time it is powered up. Don't turn the transmitter on without the receiver more than 24 times in a row.

Final Thoughts

IMG_20210818_153027.jpg

This project is more than just an offline messenger. It also provides you with a very sophisticated encryption scheme.

Although the distance between the receiver and the transmitter can barely reach 200 meters (650 yards), this downside is fairly compensated with the ability to operate completely autonomously in the middle of nowhere.

The communication channel between the devices is protected from third parties as long as the third party doesn't have the keys and IVs that you've generated for your particular devices.
Since keys are stored on the devices and never send between them, there are only two ways to compromise the security of the communication channel:
1) Third-party gets one of the devices into its physical possession;
2) Third-party gets access to the keys and IVs that you've generated.

The first option is obvious.

The second option can mean anything that leads to obtaining the keys and IVs, including, but not limited to, providing you with the backdoored random number generator, capturing your keystrokes, taking the screenshots of your monitor while you're modifying the firmware.

If you like this tutorial, please share it.

Thank you for reading this tutorial.