Encrypted Data Vault: Raspberry Pi Pico + ESP32 Version

by Northstrix in Circuits > Raspberry Pi



IMG_20220103_154206.jpg

Day after day, it's getting harder to keep your data private. There's too much demand for it coming from multiple sides. Different sides might have different reasons to obtain your data, but does it matter for you? Does it really matter why your data is being taken from you? Because at the end of the day, the result is the same. Your private data is in someone else's possession! I don't think I need to explain all the consequences that can arise from that.

In my opinion, the only way to keep your data private is to raise the costs of unauthorized access to it as high as possible, ideally higher than any possible reward that a third side can get by obtaining your data. By doing so, you're putting away incentives to access your data without your permission.

I did my best to make the data encrypted with this device indecipherable without the keys, but even that won't help if you encrypt or decrypt your data on an infected computer.

Supplies

  • Raspberry Pi Pico x1
  • ESP32 x1
  • 16x2 LCD display x1
  • 100 - 330 Ohm resistor x1
  • 4.7k resistor x1
  • 4.7k variable resistor x1

Install Drivers and Configure Arduino IDE *Optional

If you've never flashed an ESP32 or a Raspberry Pi Pico before, you need to configure the Arduino IDE and install the USB drivers before the firmware can be uploaded to the boards. The CP210x driver for ESP32 boards that use a Silicon Labs USB-to-UART bridge can be downloaded here: https://www.silabs.com/developers/usb-to-uart-bridge-vcp-drivers (boards with a different bridge chip need the driver for that chip instead).

Configuring the IDE isn't part of this tutorial. You can read about it here: https://randomnerdtutorials.com/installing-the-esp32-board-in-arduino-ide-windows-instructions/

and here: https://www.tomshardware.com/how-to/program-raspberry-pi-pico-with-arduino-ide

Install LiquidCrystal Library

l.png

You only need to install one library for this project (if you haven't installed it already).

To install the LiquidCrystal library, click Sketch -> Include Library -> Manage Libraries...

Enter LiquidCrystal in the search field, wait for the results to appear, and then click Install on the entry named LiquidCrystal.

Every other dependency is already in place after the previous steps.

Download Firmware

gh.png

You can download the firmware here: https://github.com/Northstrix/Encrypted_Data_Vault

The firmware for this device is located in the Raspberry_Pi_Pico_plus_ESP32 folder.

I've also included some additional materials that might be useful for you. Check the extra folder.

Generate Keys

c.jpg

You can generate the keys by any means you trust.

The best way to do it is to throw a 20-sided die.

If you get a number from 1 to 9, write it down. If you get a number from 10 to 15, write down the letter corresponding to that number:

10 = A;

11 = B;

12 = C;

13 = D;

14 = E;

15 = F.

If you get 20, write down 0.

If you get anything else (16 to 19), throw the die again. Discarding those four faces is what keeps the key uniformly distributed: each of the 16 accepted outcomes is equally likely, so every hex digit is written down with probability exactly 1/16.

Since I'm going to expose the keys to the whole world, I've used an untested RNG to generate the keys. Don't ever do that! That will compromise the security of the device.
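The dice procedure above in code, as an added example that is not part of the Encrypted_Data_Vault repository: it encodes the d20-to-hex-digit table with the reroll rule, refuses to produce a short key from a short roll log, and drives the same rejection mapping from the operating system's CSPRNG for those who would rather not throw 80 dice. The key lengths come from the menu's AES modes (128, 192 or 256 bits); the Serpent key length isn't stated on the page, so pass whatever your firmware's key arrays expect.

```python
import secrets

HEX_DIGITS = "0123456789ABCDEF"


def d20_to_hex_digit(roll):
    """Map one d20 face to a hex digit following the tutorial's table.

    1-9 -> '1'..'9', 10-15 -> 'A'..'F', 20 -> '0'. Faces 16-19 return None and
    must be rerolled: with exactly 16 accepted faces out of 20, every hex digit
    is written down with probability 1/16, so the key is uniformly distributed.
    """
    if not 1 <= roll <= 20:
        raise ValueError(f"not a d20 face: {roll}")
    if roll <= 15:
        return HEX_DIGITS[roll]      # 1..9 -> '1'..'9', 10..15 -> 'A'..'F'
    if roll == 20:
        return "0"
    return None                      # 16..19: discard and throw again


def key_from_rolls(rolls, hex_digits):
    """Build a key of `hex_digits` hex characters from an iterable of d20 rolls.

    Raises ValueError if the rolls run out first, so a short roll log can never
    silently turn into a short (weak) key.
    """
    out = []
    for roll in rolls:
        digit = d20_to_hex_digit(roll)
        if digit is not None:
            out.append(digit)
            if len(out) == hex_digits:
                return "".join(out)
    raise ValueError(f"only {len(out)} of {hex_digits} hex digits produced")


def expected_throws(hex_digits):
    """Expected number of d20 throws for a key: 20/16 throws per accepted digit."""
    return hex_digits * 20 / 16


def generate_key_hex(bits):
    """Generate a `bits`-long key as uppercase hex using the OS CSPRNG as the die.

    secrets.randbelow(20) + 1 is a uniform face 1..20; feeding it through the
    same rejection mapping gives exactly the distribution of the physical
    procedure, and avoids the untested RNG the author warns about.
    """
    if bits % 4:
        raise ValueError("key length must be a multiple of 4 bits")

    def endless_die():
        while True:
            yield secrets.randbelow(20) + 1

    return key_from_rolls(endless_die(), bits // 4)
```

A 256-bit key needs 64 hex digits, so expect about 80 throws per key; paste the result into the key arrays in the next step.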

Modify Firmware

k.png

Open the file Raspberry_Pi_Pico_plus_ESP32\Firmware_for_Raspberry_Pi_Pico\Firmware_for_Raspberry_Pi_Pico.ino and replace the existing keys with those you've generated.

Note that all keys are in hexadecimal format!

Flash Raspberry Pi Pico

IMG_20211231_165632.jpg

Upload the firmware from the folder Raspberry_Pi_Pico_plus_ESP32\Firmware_for_Raspberry_Pi_Pico into the Raspberry Pi Pico.

*Updated: I figured out that this might be useful for you https://github.com/earlephilhower/arduino-pico/issues/5

Flash ESP32

IMG_20211231_171048.jpg

Upload the firmware from the folder Raspberry_Pi_Pico_plus_ESP32\Firmware_for_ESP32 into the ESP32.

Some boards will flash without any problems.

Unfortunately, that's not the case for all boards. If you've configured the IDE correctly, installed the drivers, selected the corresponding port, and still keep getting the error "A fatal error occurred: Failed to connect to ESP32: Timed out waiting for packet header", connect a 10 µF capacitor to the board while flashing. The capacitor delays the release of the EN (reset) line during the auto-reset sequence, which gives the chip time to enter the bootloader.

Connect the positive lead of the capacitor to the EN pin of the ESP32;

Connect the negative lead of the capacitor (usually indicated by the gray stripe) to the GND pin of the ESP32.

Don't forget to disconnect the capacitor after the board has been flashed.

Connect ESP32 to Raspberry Pi Pico

IMG_20220103_134847.jpg
IMG_20220103_134304.jpg
IMG_20220103_134707.jpg
IMG_20220103_134756.jpg

You might be wondering what the purpose of the ESP32 is here. Well, it's simple and kinda questionable at the same time. I wanted to use the Raspberry Pi Pico's built-in random number generator. Unfortunately, it turned out to be insecure and not random at all. It seems like there is a predefined sequence that the generator presents as random. To resolve this issue, I've used the ESP32 as a random number generator. There is no advantage to using an external RNG, besides the fact that it at least seems to produce random output, unlike the built-in one. The interface that I've implemented to connect the ESP32 to the Raspberry Pi Pico serves its purpose, although it's slow, primitive, and not exactly what I would call a pinnacle of reliability.

The circuit diagram is in the step N9.

Circuit Diagram: ESP32 to Raspberry Pi Pico

Raspberry Pi Pico to ESP32.png

Connect 16x2 LCD to Raspberry Pi Pico

IMG_20220103_154206.jpg

I've added a 16x2 LCD to make this device easier to use. The display's primary purpose is to tell you which operation is running and how far along it is.

The circuit diagram is in the step N11.

Circuit Diagram: 16x2 LCD to Raspberry Pi Pico

Display to Raspberry Pi Pico.png

The resistor connected to the backlight anode sets the brightness. I've connected four 560-ohm resistors in parallel: 1/((1/560)*4) = 140 ohm.

User Guide

To see the device's menu, connect the device to your computer, select the COM port corresponding to the device, open the Serial Monitor, set the baud rate to 115200, enter "0" into the text field, and press Send.


Enter the number corresponding to an option into the text field and press Send to select it.


By default, AES is set to 256-bit mode.


1. Encrypt data with AES + Serpent - Encrypt data using the AES + Serpent encryption algorithm;

2. Decrypt data with AES + Serpent - Decrypt data using the AES + Serpent encryption algorithm;

3. Set AES to 128-bit mode - Set AES to 128-bit mode (128-bit key, 10 rounds);

4. Set AES to 192-bit mode - Set AES to 192-bit mode (192-bit key, 12 rounds);

5. Set AES to 256-bit mode - Set AES to 256-bit mode (256-bit key, 14 rounds);

6. Hash data with SHA-512 - Compute the SHA-512 hash of the given string;

7. Encrypt data in counter mode with AES + Serpent - Encrypt data using AES + Serpent, incrementing the key after each encrypted block;

8. Decrypt data in counter mode with AES + Serpent - Decrypt data using AES + Serpent, incrementing the key after each decrypted block;

9. Increment key (IV) n times - Increment both AES keys the required number of times; only the first 64 bits of each key are affected by this option;

10. Encrypt data in counter mode with AES + Serpent + AES - Encrypt data using AES + Serpent + AES, incrementing the key after each encrypted block;

11. Decrypt data in counter mode with AES + Serpent + AES - Decrypt data using AES + Serpent + AES, incrementing the key after each decrypted block;

12. Test RNG - Test the random number generator by generating 16 random hexadecimal strings;

13. Derive part of the key from the string - Derive a part of the key from the input string; in other words, set a master password;

14. Generate random ASCII strings - Generate the requested number of random ASCII strings.


The most secure way to encrypt notes (at least I consider it to be the most secure):

1) Power up the device;

2) Make sure that the RNG works the way it's supposed to by testing it (option N12);

3) Set master password N1 (option N13);

4) Set the IV (option N9);

5) Calculate the hash of the note that you want to encrypt (option N6);

6) Encrypt the note using AES-256 + Serpent + AES-256 in counter mode (option N10);

7) Reboot the device (disconnect the power cable and connect it again);

8) Set master password N2 (option N13);

9) Encrypt the IV that you've used in step 4 using AES-256 + Serpent + AES-256 in counter mode (option N10);

10) Increment the key (IV) 100 times, or any other number that is easy for you to remember (option N9);

11) Encrypt the hash that you've calculated in step 5 using AES-256 + Serpent + AES-256 in counter mode (option N10).


You can store the hint for master password N1 alongside the hint for master password N2, the ciphertext from step 6, the encrypted IV from step 9, and the encrypted hash from step 11 in the database that I made specifically for this project.


To decrypt a note encrypted that way and to check its integrity:

1) Power up the device;

2) Set master password N2 (option N13);

3) Decrypt the IV (option N11);

4) Increment the key (IV) by 100, or by the number you used in step 10 of the encryption process (option N9);

5) Decrypt the hash (option N11);

6) Reboot the device (disconnect the power cable and connect it again);

7) Set master password N1 (option N13);

8) Increment the key (IV) by the number you obtained in step 3 (option N9);

9) Decrypt the ciphertext using AES-256 + Serpent + AES-256 in counter mode (option N11);

10) Calculate the hash of the decrypted note (option N6);

11) Compare the calculated hash with the hash from step 5. If both hashes match, your note wasn't altered while it was stored. If they don't match, the note or its stored hash has been tampered with; either way, don't trust the note.

Test RNG

gb.png

To test the random number generator:

1) Open the Serial Monitor;

2) Enter 12 into the text field;

3) Press Send button.


If the output looks random, the RNG and the link between the boards are probably working. Keep in mind that this is only a sanity check: it catches gross failures such as a stuck link, but no amount of eyeballing proves that the output is unpredictable.

If there's a repeating sequence or too many zeroes, check the connection between the boards.


The first output is an example of the working RNG and working interface.

The second and third outputs are examples of the bad connection between the boards. If you're getting something like that, my advice to you would be to disassemble the whole circuit, flash ESP32 again, check every wire, and then assemble the entire thing again.
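A way to turn the eyeball test into a repeatable check, as an added example that is not part of the firmware or the repository: paste the strings printed by option 12 into it and it reports the symptoms the steps above describe (repeated strings, runs of zeroes, garbage characters) plus a chi-square test on the hex-digit histogram. The three sample outputs embedded in it are constructed, not captured from a device; the 32-character string length and the thresholds are assumptions, since the page doesn't state how long the strings are.

```python
import random
from collections import Counter

HEX = "0123456789abcdef"

# Constructed samples, not real device output. GOOD_SAMPLE is a shuffled,
# perfectly balanced deck of 512 hex digits (16 strings of 32), produced with a
# seeded PRNG only so the test data is reproducible; a seeded PRNG is NOT a
# source of randomness for keys.
_rng = random.Random(2022)
_deck = list(HEX * 32)
_rng.shuffle(_deck)
GOOD_SAMPLE = "\n".join("".join(_deck[i:i + 32]) for i in range(0, 512, 32))

# What a stuck link looks like: the same all-zero string sixteen times.
STUCK_SAMPLE = "\n".join(["0" * 32] * 16)

# A repeating sequence plus a line of framing garbage.
REPEATING_SAMPLE = "\n".join(["deadbeef" * 4] * 15 + ["??##garbage"])

# 99th percentile of the chi-square distribution with 15 degrees of freedom
# (16 hex digits - 1). A healthy generator exceeds it about 1 time in 100.
CHI2_15DOF_P01 = 30.58


def parse_rng_output(text):
    """Split Serial Monitor output into hex strings and non-hex junk lines."""
    strings, junk = [], []
    for line in text.splitlines():
        line = line.strip().lower()
        if not line:
            continue
        (strings if all(c in HEX for c in line) else junk).append(line)
    return strings, junk


def chi_square_nibbles(strings):
    """Chi-square of the hex-digit histogram against a uniform distribution."""
    counts = Counter("".join(strings))
    expected = sum(counts.values()) / 16
    return sum((counts.get(c, 0) - expected) ** 2 / expected for c in HEX)


def longest_run(strings, digit="0"):
    """Longest run of `digit` inside any single string."""
    best = 0
    for s in strings:
        run = 0
        for c in s:
            run = run + 1 if c == digit else 0
            best = max(best, run)
    return best


def check_rng_output(text, max_chi2=CHI2_15DOF_P01, max_zero_run=8):
    """Return (ok, findings) for one run of option 12.

    Every finding corresponds to a symptom the tutorial tells you to treat as a
    bad connection: repeated strings, too many zeroes, or garbage characters.
    A clean pass does not prove the generator is unpredictable; it only rules
    out the gross failures visible in a handful of strings.
    """
    strings, junk = parse_rng_output(text)
    findings = []
    if junk:
        findings.append(f"{len(junk)} non-hex line(s): framing or wiring problem")
    if len(strings) < 2:
        findings.append("too few hex strings to judge")
        return False, findings
    if len(set(strings)) != len(strings):
        findings.append("repeated strings: the generator or the link is stuck")
    run = longest_run(strings, "0")
    if run > max_zero_run:
        findings.append(f"run of {run} zeroes")
    chi2 = chi_square_nibbles(strings)
    if chi2 > max_chi2:
        findings.append(f"hex digits not uniform (chi-square {chi2:.1f} > {max_chi2})")
    return not findings, findings
```

Sixteen strings are a small sample, so the chi-square threshold is deliberately loose; if a real device fails it once, rerun option 12 before rewiring anything, and if it fails repeatedly, treat it like the bad-connection outputs shown above.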

Set Master Password

IMG_20220103_150518.jpg
mp.png

The purpose of the master password is to prevent a third party from deciphering your notes by simply getting physical access to the device. The master password is used to derive a part of the key. It isn't stored in non-volatile memory, so you need to enter it every time you power up the device; once power is removed, every part of the key that the password modified is lost, because it only ever existed in RAM.

After the master password is entered, it's hashed with SHA-512; the hash then goes through Serpent 576 times, and the result is used to modify parts of the two AES keys.

One of the numbers derived from the master password is shown as a verification number. It is always the same for the same password, so if the number you see differs from the one you noted when you first set the password, you've mistyped it. Check it before encrypting anything: a note encrypted under a mistyped password can't be decrypted later with the intended one.

You might be wondering why the number of iterations is 576. The answer is not as straightforward as it could be. At first, it was 50; then I increased it to 100. After increasing it to 100, I realized that it still wasn't enough and increased it to 1000. After that, I realized that 1000 was too much and decreased it to 500; then 500 seemed "not enough" to me. I increased it to 550, and again it seemed "not enough", so I increased it to 575. Then I realized that I would never find a "perfect number". So, I increased the number of iterations by one and finally stopped wasting my time on "looking for a perfect number of iterations".


To set a master password:

1) Enter 13 into the text field;

2) Press Send button;

3) Enter your master password;

4) Press Send.


I've used this master password:

It c@n b3 as lon6 and as we1rd as y0u wan7 it to be. You can set different master passwords for different sets of notes.

and obtained the verification number 200.
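The derivation described above, as an added example that is not the firmware's code: it mirrors the structure (SHA-512 of the password, a fixed number of stretching passes, key material that is mixed into the AES keys, and a verification number shown to the user). Serpent isn't in the Python standard library, so each stretching pass here is another SHA-512 of the previous digest, a labelled stand-in; the way the digest is split into key parts, the XOR mixing and the one-byte verification number are also assumptions, since the page doesn't spell them out.

```python
import hashlib

ITERATIONS = 576


def stretch(password, iterations=ITERATIONS):
    """SHA-512 the password, then run `iterations` extra passes over the digest.

    The device runs the SHA-512 hash through Serpent 576 times. Serpent is not
    in the Python standard library, so each pass here is another SHA-512 of the
    previous digest; this is a stand-in for the stretching step, not the
    firmware's construction. A fixed iteration count slows an attacker by a
    constant factor only, so the password still has to be long and unguessable.
    """
    digest = hashlib.sha512(password.encode("utf-8")).digest()
    for _ in range(iterations):
        digest = hashlib.sha512(digest).digest()
    return digest


def derive(password):
    """Split the 64-byte stretched digest into two AES key parts and a verification byte.

    The split points are assumptions; the page only says the result modifies
    parts of the two AES keys and that one derived number is shown to the user.
    """
    digest = stretch(password)
    part_for_aes_key_1 = digest[:24]
    part_for_aes_key_2 = digest[24:48]
    verification_number = digest[48]          # 0..255, displayed after entry
    return part_for_aes_key_1, part_for_aes_key_2, verification_number


def apply_to_key(base_key, part):
    """Mix a derived part into a key by XOR (the mixing operation is an assumption).

    Because the mixed key lives only in RAM, losing power discards it and the
    base key from the firmware alone cannot decrypt anything encrypted with it.
    """
    mixed = bytearray(base_key)
    for i, b in enumerate(part):
        mixed[i] ^= b
    return bytes(mixed)


def password_matches(entered, noted_verification_number):
    """True if the verification number for `entered` equals the one the user noted.

    A single byte catches 255 of 256 wrong passwords; the remaining 1/256 is a
    false accept, so this is a typo guard, not an authentication check.
    """
    return derive(entered)[2] == noted_verification_number
```

Note the last point: the verification number tells you that you typed the same thing as last time with high probability, nothing more. Anyone who gets the device still learns nothing about the password from it, because a byte with 256 values cannot identify a password.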

Set IV

IMG_20220103_150557.jpg

The initialization vector serves the same purpose as the master password, but it works differently. Instead of deriving a part of the key from an input string, the IV (in this case) sets the number of times the first eight sections of the key are incremented. It works as a counter. Each section of the AES key is one byte and can hold a value between 0 and 255; the IV only affects the first eight sections. Incrementing works as follows: increment the first section until it reaches 255; on the next increment, set it to zero and increment the next section by one. The same carry rule applies to every section, so the first eight sections behave like a single 64-bit counter.

Now let me explain why I wrote "in this case". Normally an IV is a value that is loaded as the starting point of the counter. Here it is still the starting point of the counter (in counter mode), but instead of being loaded directly, it is applied by incrementing the key that many times. That's the key difference between this device and what an IV usually means. And by the way, the number of key increments can only be called an IV when the cipher is used in counter mode. For AES + Serpent without counter mode, it is exactly what I called it: the number of key increments.

I hope I wrote an explanation that's clear enough. Anyway, if you don't get something, you can always ask a question in the comment section.

I've used 123456 as an IV.
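The counter behaviour described above, as an added example that is not code from the Encrypted_Data_Vault repository: it increments the first eight one-byte sections with carry exactly as described, shows that this is the same as adding the IV to a 64-bit little-endian counter, and derives the per-block key sequence that counter mode walks through, which is why decryption has to replay the same master password, IV and block order. It assumes section 0 is the first byte of the key (the page doesn't say which end the firmware starts at) and works on one key at a time; option 9 increments both AES keys, so call it once per key.

```python
SECTIONS = 8  # only the first eight key sections (64 bits) take part in the count


def increment_key(key, times=1):
    """Return a copy of `key` with its first eight sections incremented `times` times.

    Each section is one byte (0..255). A section that is already 255 wraps to 0
    and carries one into the next section, as described for option 9. Sections
    beyond the eighth are never touched. Section 0 is assumed to be the first
    byte of the key; the page does not state which end the firmware starts at.
    """
    if times < 0:
        raise ValueError("increment count must be non-negative")
    if len(key) < SECTIONS:
        raise ValueError("key needs at least eight sections")
    key = bytearray(key)
    for _ in range(times):
        i = 0
        while i < SECTIONS and key[i] == 255:
            key[i] = 0            # this section overflows: reset it and carry
            i += 1
        if i < SECTIONS:
            key[i] += 1           # first section that did not overflow absorbs the carry
        # if i == SECTIONS, all eight sections were 255 and the counter wrapped to zero
    return bytes(key)


def increment_key_fast(key, times):
    """Same result as increment_key, computed in one step.

    Eight sections with carry are a little-endian 64-bit counter, so
    incrementing `times` times is adding `times` modulo 2**64.
    """
    key = bytearray(key)
    counter = (int.from_bytes(key[:SECTIONS], "little") + times) % (1 << 64)
    key[:SECTIONS] = counter.to_bytes(SECTIONS, "little")
    return bytes(key)


def block_keys(base_key, iv, n_blocks):
    """Key state used for each of `n_blocks` consecutive blocks in counter mode.

    Setting the IV increments the key `iv` times, and counter mode increments it
    once more after every block, so block k is processed under base + iv + k.
    Decryption must replay the identical sequence: same base key (same master
    password), same IV, same number of blocks in the same order.
    """
    return [increment_key_fast(base_key, iv + k) for k in range(n_blocks)]
```

With the author's IV of 123456 (0x1E240), the first three sections of an all-zero key become 0x40, 0xE2, 0x01 and the remaining sections are unchanged; the slow and fast versions agree on every input, so the loop is only there to make the carry rule visible.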

Hash Data

IMG_20220103_150735.jpg

To detect unauthorized modification of a note, or the forgery of a fake note from ciphertexts an attacker has already obtained, hash the note and store the hash in encrypted form. The hash only helps if it is encrypted: a plaintext hash could simply be recomputed by whoever altered the note.

To hash a string, enter 6 into the text field, press Send, paste the string that you want to hash, and press Send again.

I came up with these results:

Input:

Day after day, it's getting harder to keep your data private. There's too much demand for it coming from multiple sides. Different sides might have different reasons to obtain your data, but does it matter for you? Does it really matter why your data is being taken from you? Because at the end of the day, the result is the same. Your private data is in someone else's possession! I don't think I need to explain all the consequences that can arise from that. In my opinion, the only way to keep your data private is to raise the costs of unauthorized access to it as high as possible, ideally higher than any possible reward that a third side can get by obtaining your data. By doing so, you're putting away incentives to access your data without your permission. I did my best to make the data encrypted with this device indecipherable without the keys, but even that won't help if you encrypt or decrypt your data on an infected computer. With all the flaws and inconveniences that come with this device, it does its job and doesn't cost like it's covered in gold. Even the weakest encryption algorithm utilized by this device is capable of making your data indecipherable without the keys, not to mention that the combination of the strongest encryption algorithm, master password, and the initialization vector can make your notes indecipherable even if the attacker gets the physical access to the device. While the primary purpose of this device is to protect your private data from unauthorized access, it can do more than that. This device can also give you the ability to detect if your data had been tampered with and the ability to generate random strings in both ASCII and hexadecimal formats.

Hash:

8624b52c3334d65571654b98e7d7be617be3e29e98cc92cc5099377fd60ccbe3a957acc12aaa43ab0417dfc4109d46922ff23bf359599c1c132a9bb54b121047


AES + Serpent Encryption Algorithm

AES + Serpent Encryption algorithm.png

The first encryption algorithm requires two keys: an AES key and a Serpent key. It takes eight characters (64 bits) as input (if the input length isn't a multiple of eight ASCII characters, padding is applied), generates 64 random bits (eight characters), and passes the resulting 128 bits to the AES (Advanced Encryption Standard) cipher. The AES ciphertext is then split into two 64-bit halves. Each half is concatenated with another 64 random bits and passed to the Serpent cipher. Finally, the resulting ciphertext is the concatenation of the two Serpent ciphertexts, so every eight characters of plaintext become 256 bits (64 hexadecimal characters) of ciphertext. The random bits generated during encryption are discarded during decryption. And by the way, because of those random bits, if you give the algorithm the same input more than once, the output will be different every time.


You can find more diagrams in the same repository in GitHub.

AES + Serpent Encryption Algorithm in Counter Mode

AES + Serpent Encryption algorithm.png

Basically, it's everything I wrote in the previous step, except that this version of AES + Serpent increments the AES key each time a block is encrypted or decrypted.

AES + Serpent + AES Encryption Algorithm in Counter Mode

AES + Serpent + AES in counter mode Encryption algorithm.png

Finally, let's get to the strongest encryption algorithm this device offers. It requires three keys: two AES keys and one Serpent key. It takes eight characters (64 bits) and the three keys as input, generates 192 random bits during encryption, and produces a 64-character hexadecimal string (256 bits) as output. If the input block is shorter than eight characters, padding is applied. The number of AES rounds and the AES key length depend on the chosen mode.

The encryption process goes as follows:

1) The algorithm takes an input block;

2) If the length of an input block isn't equal to eight, then the padding is applied;

3) Input block is passed to the AES alongside 64 random bits;

4) AES encrypts obtained 128-bit block using the first key;

5) The result of the previous step is split into two equal 64-bit halves;

6) 64 random bits are concatenated to each half;

7) Each of the 128-bit halves is encrypted using Serpent;

8) Each ciphertext from the Serpent is encrypted using AES with the second key;

9) Concatenation of two ciphertexts produced by the AES using the second key is the resulting ciphertext.

Each AES key is incremented every time the algorithm has used it, so no two blocks are ever processed under the same key state.

Encrypt Your Data Using AES + Serpent + AES in Counter Mode

IMG_20220103_152033.jpg
IMG_20220103_152048.jpg
IMG_20220103_152100.jpg

At this point, I've changed the display to compensate for the worsening room illumination.

This device encrypts passwords, notes, phone numbers, and whatever you feed to it.

To encrypt a record:

1) Enter 10 into the text field;

2) Press Send button;

3) Enter the stuff that you want to encrypt;

4) Press Send.


I was able to encrypt and decrypt a 14,500-character record without any problems!


Eventually, I came up with these results:


Plaintext:

Day after day, it's getting harder to keep your data private. There's too much demand for it coming from multiple sides. Different sides might have different reasons to obtain your data, but does it matter for you? Does it really matter why your data is being taken from you? Because at the end of the day, the result is the same. Your private data is in someone else's possession! I don't think I need to explain all the consequences that can arise from that. In my opinion, the only way to keep your data private is to raise the costs of unauthorized access to it as high as possible, ideally higher than any possible reward that a third side can get by obtaining your data. By doing so, you're putting away incentives to access your data without your permission. I did my best to make the data encrypted with this device indecipherable without the keys, but even that won't help if you encrypt or decrypt your data on an infected computer. With all the flaws and inconveniences that come with this device, it does its job and doesn't cost like it's covered in gold. Even the weakest encryption algorithm utilized by this device is capable of making your data indecipherable without the keys, not to mention that the combination of the strongest encryption algorithm, master password, and the initialization vector can make your notes indecipherable even if the attacker gets the physical access to the device. While the primary purpose of this device is to protect your private data from unauthorized access, it can do more than that. This device can also give you the ability to detect if your data had been tampered with and the ability to generate random strings in both ASCII and hexadecimal formats.


Ciphertext:



Add Record to the Database

db.png

To make it easier for you to store and organize your notes, I made a database specifically for this project.

The database is located in the same repository, in the folder Raspberry_Pi_Pico_plus_ESP32\DB for the Vault.

The installation process is very similar to this https://www.instructables.com/Twinkle-Installation-and-User-Guide/

To use the database, you first need to create a table for the data by pressing the Create table button. You only need to press this button in two cases:

1) You've never pressed it before;

2) You've deleted the file called records.db

In case of the successful creation of the table, you will see the corresponding message.

After the table is created, you can start adding records. Press the Add record button, then enter the desired name of the record and a hint for the master password, but never the master password itself! After that, paste the encrypted IV, the ciphertext, and the encrypted hash.

Make sure there are no commas "," in the record name.

If you're not going to use some fields, put - there.

Delete Record From the Database

d.png

To delete the record:

1) Press the Delete record button;

2) Select the record that you want to delete;

3) Press Delete.

You can only delete one record at a time.

Extract Records From the Database

FG42B6YKXYP1VNZ.png

To access your stored records, you need to export them first. To do so, press the Export records into .csv file button, then navigate to the folder with the database and open records.csv.

I've only had one stored record, and apparently, I was too lazy to add the encrypted IV and encrypted hash.

Decrypt Your Data Using AES + Serpent + AES in Counter Mode

IMG_20220103_152524.jpg
IMG_20220103_152530.jpg
IMG_20220103_152539.jpg
IMG_20220103_152548.jpg

To decrypt a record:

1) Enter 11 into the text field;

2) Press Send button;

3) Enter the ciphertext that you want to decrypt;

4) Press Send.


I came up with these results:


Ciphertext:




Plaintext:

Day after day, it's getting harder to keep your data private. There's too much demand for it coming from multiple sides. Different sides might have different reasons to obtain your data, but does it matter for you? Does it really matter why your data is being taken from you? Because at the end of the day, the result is the same. Your private data is in someone else's possession! I don't think I need to explain all the consequences that can arise from that. In my opinion, the only way to keep your data private is to raise the costs of unauthorized access to it as high as possible, ideally higher than any possible reward that a third side can get by obtaining your data. By doing so, you're putting away incentives to access your data without your permission. I did my best to make the data encrypted with this device indecipherable without the keys, but even that won't help if you encrypt or decrypt your data on an infected computer. With all the flaws and inconveniences that come with this device, it does its job and doesn't cost like it's covered in gold. Even the weakest encryption algorithm utilized by this device is capable of making your data indecipherable without the keys, not to mention that the combination of the strongest encryption algorithm, master password, and the initialization vector can make your notes indecipherable even if the attacker gets the physical access to the device. While the primary purpose of this device is to protect your private data from unauthorized access, it can do more than that. This device can also give you the ability to detect if your data had been tampered with and the ability to generate random strings in both ASCII and hexadecimal formats.

Generate Random Strings

IMG_20220103_151752.jpg
IMG_20220103_151616.jpg
IMG_20220103_151804.jpg
IMG_20220103_151807.jpg
IMG_20220103_151647.jpg
IMG_20220103_151609.jpg
IMG_20220103_151625.jpg

To generate random strings in the hexadecimal format, you need to simply test RNG (option N12).

To generate a random string in the ASCII format:

1) Enter 14 into the text field;

2) Press Send button;

3) Enter the number of strings to generate;

4) Press Send.

Final Thoughts

$RTQNFTD.jpg
IMG_20220103_153101.jpg
IMG_20220103_151801.jpg
IMG_20220103_150144.jpg

With all the flaws and inconveniences that come with this device, it does its job and doesn't cost like it's covered in gold. Even the weakest encryption algorithm utilized by this device is capable of making your data indecipherable without the keys, not to mention that the combination of the strongest encryption algorithm, master password, and the initialization vector can make your notes indecipherable even if the attacker gets the physical access to the device. While the primary purpose of this device is to protect your private data from unauthorized access, it can do more than that. This device can also give you the ability to detect if your data had been tampered with (by calculating hashes) and the ability to generate random strings in both ASCII and hexadecimal formats.

I hope you will find a good use for this device.

If you like this tutorial, please share it.

Thank you for reading this tutorial.