KhadashPay V2.0 (Raspberry Pi Pico Version)

A while ago, I released an ESP32 version of the KhadashPay V2.0, don't get me wrong - it wasn't insufficient or terribly flawed in some irredeemable way. It just so happened that I've decided to make a Raspberry Pi Pico version of it. Moreover, I've also decided to add some Midbar capabilities to that version of KhadashPay. So, enjoy the result.

As for why I made KhadashPay in the first place: I made KhadashPay because I wanted to provide business owners with the opportunity to easily deploy a card payment system in their store without having to buy an expensive terminal, pay fees for each transaction and waste time and resources dealing with the bank.

As for the customers of the store where the KhadashPay is deployed, KhadashPay doesn't keep any logs whatsoever and doesn't require a bit of your personal information to create an account.

The name KhadashPay is a combination of two words - Khadash (Hebrew: חדש - New) and Pay.

Before you continue reading this instructable, I would like to remind you that this payment system isn't connected to any existing financial institution. It works completely offline, and all the money kept in it is nothing more than just numbers entered by the operator and stored in the RPI's built-in flash memory (in an encrypted form).

And one more thing, The KhadashPay V2.0 is incompatible with the KhadashPay V1.0.

You can also read this tutorial on Medium and Hackster.

• Raspberry Pi Pico x1
• 2.4 Inch TFT LCD with ILI9341 x1
• Mifare RC522 RFID Reader x1
• RFID cards x4
• PS/2 Keyboard x1
• PS/2 Port x1

The "3DES + AES + Blowfish + Serpent" encryption algorithm in cipher block chaining mode first appeared in the Midbar V2.5. And since then has been utilized by the Midbar (Raspberry Pi Pico Version), Midbar V3.0, Midbar V4.0, KhadashPay V2.0, and Midbar (Raspberry Pi Pico Version) V2.0.

Although the "3DES + AES + Blowfish + Serpent" encryption algorithm ain't exactly what I would call "a cryptographically weak encryption algorithm," operating it in a weird derivation of the ECB mode, the way it was done by the Midbar V2.0 wasn't the best idea that I had. Even though that wouldn't've allowed the attacker to produce the legitimate ciphertext by swapping the blocks within the ciphertext, an attacker could still make a legitimate ciphertext by replacing the nth block of the ciphertext N1 with the nth block of the ciphertext N2. To fix that vulnerability (instead of just notifying the user that the decrypted ciphertext might've been forged), I made the "3DES + AES + Blowfish + Serpent" encryption algorithm work in CBC mode. So, if an attacker replaces a block of ciphertext, it spoils not just that block but also the subsequent one.

I'll be honest with you, the bit-flipping attack "kinda works," but I doubt that it would ever go unnoticed because of the "HMAC-SHA256"-based integrity verification feature.

And let's not forget that this encryption algorithm performs the operation called superencryption.

As defined by NIST, superencryption is an encryption operation for which the plaintext input to be transformed is the ciphertext output of a previous encryption operation.

Such organization of the encryption algorithms makes a combined encryption algorithm that is at least as strong as the strongest one in the cascade, has a longer key, might be more resistant to some attacks, and might produce a ciphertext with higher entropy. Anyway. It won't hurt to have an additional layer of security (or several of them).

Another cool feature provided to you by KhadashPay is the "HMAC-SHA256"-based integrity verification.

Before encrypting the user data, KhadashPay computes the tag for that data and encrypts it.

Later on, when KhadashPay decrypts your data, it also decrypts the previously calculated tag and computes a new tag for the newly decrypted data. It then compares both tags, and if they don't match - KhadashPay notifies you that the integrity verification failed.

Even though KhadashPay can't decrypt user data without the user's card, I still decided to add an additional check, just in case. 

The so-called "Belonging Check" (didn't really know what else to call it) is a feature that allows the KhadashPay to verify whether the record with the balance belongs to the card that is taped on the RFID reader or not.

If you've never flashed the Raspberry Pi Pico before you need to configure the Arduino IDE first.

Configuring IDE isn't a part of this tutorial. You can read about it here https://www.tomshardware.com/how-to/program-raspberry-pi-pico-with-arduino-ide

You can download the firmware for KhadashPay from one of these sources.

SourceForge: https://sourceforge.net/projects/khadashpay/

OSDN: https://osdn.net/projects/khadashpay/

GitHub: https://github.com/Northstrix/KhadashPay

If you just need the firmware for the device alongside the RNG, then I would advise you to download a 0.6 MB archive either from SourceForge or OSDN.

But if you need the firmware for all versions of KhadashPay alongside the extra code, photos, and diagrams, in that case, I would advise you to download the 91.2 MB archive from GitHub.

TFT_eSPI: https://github.com/Bodmer/TFT_eSPI

PS2KeyAdvanced: https://github.com/techpaul/PS2KeyAdvanced

PS2KeyMap: https://github.com/techpaul/PS2KeyMap

rfid: https://github.com/miguelbalboa/rfid

The process of unpacking libraries is typical. You can unpack the content of the archive into the folder: ...\Arduino\libraries. Or open the Arduino IDE, click to the Sketch -> Include Library -> Add .ZIP Library... and select every archive with libraries.

Other required libraries are already present in one way or another.

TFT_eSPI Library requires the preset file to be modified depending on the display and the board that drives the display. Initially, I wanted to write a mini-guide on choosing and renaming the right preset file for the Raspberry Pi Pico. But then I realized that it would be more convenient to attach the ready-to-use preset file to the firmware and tell you where to place it.

So, take the "User_Setup.h" file from the "V2.0\Raspberry_Pi_Pico_Version" folder and place it in the "C:\Program Files (x86)\Arduino\libraries\TFT_eSPI-master" folder.

The primary purpose of the arduino-pico-littlefs-plugin is to let you upload the files into the RPI's flash memory. In this tutorial, the purpose of this tool is to format the RPI's flash.

Download the file called PicoLittleFS-0.2.0.zip from https://github.com/earlephilhower/arduino-pico-littlefs-plugin/releases/tag/0.2.0

And then extract the content of the archive into the "...\Arduino\Tools\" folder.

After that, restart the Arduino IDE.

KhadashPay needs memory allocated for the file system to function.

To allocate the memory for the file system, click "Tools" -> "Flash Size" -> "2MB (Sketch: 1MB, FS: 1MB)"

Click "Tools" -> "Pico LittleFS Data Upload." Then click "Yes" in the pop-up window. The program is going to format the RPI's flash memory.

To make the unauthorized deciphering of your data computationally infeasible - It is crucial to generate your own keys and never reuse them

It's entirely up to you how to generate the keys. I can only offer you an option to do so.

I've modified one of my previous projects to work as a random number generator, the generated output seems "random enough" for me, but I haven't run any tests. So, I can't guarantee that it's random.

Use it at your own risk!

To generate the keys - launch gen.exe from the "V2.0\Raspberry_Pi_Pico_Version\Untested RNG" folder and click the "Generate keys for KhadashPay V2.0" button. The background turns from dark gray to light gray when you press that button.

Open the "Firmware.ino" file from the "V2.0\Raspberry_Pi_Pico_Version\Firmware" folder and replace my keys with those you've generated.

Upload the firmware from the "V2.0\Raspberry_Pi_Pico_Version\Firmware" folder into the Raspberry Pi Pico.

Assembling the KhadashPay shouldn't be hard. In my opinion, it's roughly as complex as assembling the KhadashPay V2.0 ESP32 Version.

KhadashPay V2.0 (Raspberry Pi Pico Version) has four lock screens. It randomly chooses the lock screen at startup.

After the KhadashPay has chosen the lock screen, it displays the "חדשפיי" inscription with the shifting background and the "Tap RFID card N1" inscription.

Tap four RFID cards on the RFID reader one after another. The most important thing here is to tap the cards in the same order every time you unlock the KhadashPay. Otherwise, it just won't unlock.

If you don't have four cards, you can tap one card four times.

And by the way, the first card you tap on the RFID reader becomes the "operator card" right after you set the master password. You'll need this information later in this tutorial. For now, just remember it.

*Credit for photos:

Austin:

Photo by MJ Tangonan on Unsplash

Bogota:

Photo by Random Institute on Unsplash

London:

Photo by Robert Bye on Unsplash

Tel Aviv:

Photo by Shai Pal on Unsplash

To use the KhadashPay, you first need to set the master password.

Remember that you can't change the master password without losing the ability to decrypt all user data stored on the Raspberry Pi Pico!

KhadashPay won't be able to decrypt the user data without the master password because the keys for the encryption algorithms are partially derived from it. Perhaps, it won't even unlock without the correct master password.

When you're done entering your master password, press "Enter" on the PS/2 keyboard.

After you've unlocked the KhadashPay and got to the main menu:

• Press the "↓" (DOWNWARDS ARROW) key on the PS/2 keyboard to go down the menu.
• Press the "↑" (UPWARDS ARROW) key on the PS/2 keyboard to go up the menu.
• Press "Enter" on the PS/2 keyboard to choose the selected option.
• While in the main menu, press the "L" key on the PS/2 keyboard to show a random screen saver.

While entering a text in a tab:

• Press "Enter" on the PS/2 keyboard to continue;
• Press the "Esc" key on the PS/2 keyboard to cancel the current operation.

And by the way, pressing the "Caps Lock," "Num Lock," or "Scroll Lock" buttons makes the keyboard unresponsive until you remove the power from the Raspberry Pi Pico and put it back again.

Ok, let's start with the facts about the KhadashPay account.

• Each account is bound to the RFID card and PIN;
• The PIN can have a length from 1 to 8 characters;
• The PIN can consist of numbers, letters, and symbols;
• A client can create several accounts using the same card as long as the pins are different;
• The maximum amount of money stored in the account is only limited by the double variable type (don't worry about that, the KhadashPay can still store a 15-digit number without any problems);
• Not even the owner of the KhadashPay can see your balance without your card.

To create an account on KhadashPay V2.0:

Operator:

• Select the "New Account" line in the menu;
• Press "Enter" on the PS/2 keyboard;
• Tap the operator RFID card on the RFID reader;
• Press "Enter" on the PS/2 keyboard and give the device to the client.

Client:

• Tap your RFID card on the RFID reader;
• Set your PIN;
• Press "Enter" on the PS/2 keyboard;
• Enter the PIN that you've set again;
• Press "Enter" on the PS/2 keyboard.

To put money into the account:

Operator:

• Select the "Put Money In" line in the menu;
• Press "Enter" on the PS/2 keyboard;
• Tap the operator RFID card on the RFID reader;
• Enter the amount of money to be put into the client's account;
• Press "Enter" on the PS/2 keyboard;
• Press "Enter" on the PS/2 keyboard and give the device to the client.

Client:

• Tap your RFID card on the RFID reader;
• Enter your PIN;
• Press "Enter" on the PS/2 keyboard.

To make a sale:

Operator:

• Select the "Make A Sale" line in the menu;
• Press "Enter" on the PS/2 keyboard;
• Tap the operator RFID card on the RFID reader;
• Enter the sale amount;
• Press "Enter" on the PS/2 keyboard;
• Press "Enter" on the PS/2 keyboard and give the device to the client.

Client:

• Tap your RFID card on the RFID reader;
• Enter your PIN;
• Press "Enter" on the PS/2 keyboard.

To view balance:

Operator:

• Select the "View Balance" line in the menu;
• Press "Enter" on the PS/2 keyboard;
• Tap the operator RFID card on the RFID reader;
• Press "Enter" on the PS/2 keyboard and give the device to the client.

Client:

• Tap your RFID card on the RFID reader;
• Enter your PIN;
• Press "Enter" on the PS/2 keyboard.

As I've mentioned in the introduction, "I've also decided to add some Midbar capabilities to that version of KhadashPay." And so I did. KhadashPay V2.0 (Raspberry Pi Pico Version) allows you to store up to 50 logins in its built-in flash memory. You can adjust the maximum number of stored logins in the "#define MAX_NUM_OF_RECS 50" line.

To add a login using the PS/2 keyboard:

1. Select the "Other Options" line in the main menu;
2. Press "Enter" on the PS/2 keyboard;
3. Tap the operator RFID card on the RFID reader;
4. Select the "Logins" line;
5. Press "Enter" on the PS/2 keyboard;
6. Select the "Add" line;
7. Press "Enter" on the PS/2 keyboard;
8. Choose the slot into which you want to put the login to by pressing the "←" (Leftwards Arrow) and "→" (Rightwards Arrow) keys on the PS/2 keyboard;
9. Press "Enter" on the PS/2 keyboard;
10. Select the "PS/2 Keyboard" line;
11. Press "Enter" on the PS/2 keyboard;
12. Enter the title;
13. Press "Enter" on the PS/2 keyboard;
14. Enter the username;
15. Press "Enter" on the PS/2 keyboard;
16. Enter the password;
17. Press "Enter" on the PS/2 keyboard;
18. Enter the website;
19. Press "Enter" on the PS/2 keyboard.

According to the tests I've conducted - Raspberry Pi Pico can encrypt and decrypt a 10000-character long string without any problems using the 3DES + AES + Blowfish + Serpent encryption algorithm. So, technically, you can put 10 000 characters into a field of a record.

*All credentials demonstrated here are entirely fictitious. Any similarity to actual credentials is purely coincidental.

To view a login:

1. Select the "Other Options" line in the main menu;
2. Press "Enter" on the PS/2 keyboard;
3. Tap the operator RFID card on the RFID reader;
4. Select the "Logins" line;
5. Press "Enter" on the PS/2 keyboard;
6. Select the "View" line;
7. Press "Enter" on the PS/2 keyboard;
8. Choose the slot from which you want to view the login by pressing the "←" (Leftwards Arrow) and "→" (Rightwards Arrow) keys on the PS/2 keyboard;
9. Press "Enter" on the PS/2 keyboard;
10. Press the "Tab" key on the PS/2 keyboard to print the record to the serial terminal.

*All credentials demonstrated here are entirely fictitious. Any similarity to actual credentials is purely coincidental.

To edit a login:

1. Select the "Other Options" line in the main menu;
2. Press "Enter" on the PS/2 keyboard;
3. Tap the operator RFID card on the RFID reader;
4. Select the "Logins" line in the main menu;
5. Press "Enter" on the PS/2 keyboard;
6. Select the "Edit" line;
7. Press "Enter" on the PS/2 keyboard;
8. Select the login you would like to edit by pressing the "←" (Leftwards Arrow) and "→" (Rightwards Arrow) keys on the PS/2 keyboard;
9. Press "Enter" on the PS/2 keyboard;
10. Select the input source;
11. Press "Enter" on the PS/2 keyboard;
12. Depending on the chosen input source, either enter the new password on the PS/2 keyboard or paste it to the Serial Terminal;
13. Depending on the chosen input source, either press "Enter" on the PS/2 keyboard or press the "Send" button in the Serial Terminal.

*All credentials demonstrated here are entirely fictitious. Any similarity to actual credentials is purely coincidental.

To delete a login:

1. Select the "Other Options" line in the main menu;
2. Press "Enter" on the PS/2 keyboard;
3. Tap the operator RFID card on the RFID reader;
4. Select the "Logins" line;
5. Press "Enter" on the PS/2 keyboard;
6. Select the "Delete" line;
7. Press "Enter" on the PS/2 keyboard;
8. Select the login you would like to delete by pressing the "←" (Leftwards Arrow) and "→" (Rightwards Arrow) keys on the PS/2 keyboard;
9. Press "Enter" on the PS/2 keyboard.

To encrypt string:

1. Open the Serial Terminal because the ciphertext will be printed to it;
2. Select the "Other Options" line in the main menu;
3. Press "Enter" on the PS/2 keyboard;
4. Tap the operator RFID card on the RFID reader;
5. Select the "Encrypt String" line;
6. Choose the input source;
7. Press "Enter" on the PS/2 keyboard;
8. Depending on the chosen input source, either enter the text you'd like to encrypt on the PS/2 keyboard or paste it to the Serial Terminal;
9. Depending on the chosen input source, either press "Enter" on the PS/2 keyboard or press the "Send" button in the Serial Terminal.

Plaintext:

I made KhadashPay because I wanted to provide business owners with the opportunity to easily deploy a card payment system in their store without having to buy an expensive terminal, pay fees for each transaction, and waste time and resources dealing with the bank. As for the customers of the store where the KhadashPay is deployed, Khadash pay doesn't keep any logs whatsoever and doesn't require a bit of your personal information to create an account.

Ciphertext:

405d21960f7769f0d137152a2ef8b7530acb34a32740b6e8994e532a15550fa38b784d57c2ed37271ee17b3f1ae9ba241ad76369319b240df9cd3408148e4981a4dbeb64b256facb05090118a2cc82add00bb5005e85f31f30d51f17b9eed2965f84a5912c6d43479d55e0ee534fcddfa277bb808ea8dbec5c4a3626be873144506be967dbb217857c276b3ff0662d09d1447c1ab8fdb403de01825f4a8e6e8331b6406ee35b44927d6d4cb648b0e6ddc14fa1895e0fbe91d0aeae4404fea4f841a8a782a70e6581d75da5bc96f42909841107787ba6ef229490b8d93f0d0724fa1fa458abc9a187a8f42f33036a8b12ccf09f0526bf81d4ab4ede46868714e4e7175bd60f9175ed64bb9156d54ed71be8c2bd72a654d15115f4b7bf333b41212147194a13db901a08ab169112ea1f3d34300c1f1e0c7f034e9cc2103bef401fb99f7f2aae80c3ce2bf21b72ccf8f872314218c264101413724762a8f670a620cc77785675d113c6e74361ce77bb7f0396bff5a37d900506028b4caa02753503b018e10a7809afdd5619103b1a8498a74870cb58e88a2b3749331c71c57d063647d921db29842214ae6d2d33148affba495865bb9919fbd40f30293b1ffa8e91edee24f7610463106c10261973ecb93fc6e95c092691e8f991db1e15e1093714a55953a7f88a6df5f3fc1112b3d5218ee226d4626c91474534ad09b3cbee8424bc24c4dd4ed102e9180601ff4c207b84a260a654128638be441c56663cb00517be258e968097eeeaa6d030fd15fc65baf6d377e98aac2684fa06bb050712a5e576f651407dcb887d3d3ffd1934bcb665bf3212e1d5ae1abbb70aed1c05bddc8584c9829365bbbb430d219d4ea5461449c70282135686adef1f1859041519c32258987fda3aa9d484e39392f4a1fe5ade0ebad56360228ce8a3076d5a17586ffec1a21dbf9687dd740dacfaf64a1cc815f8cc58e7816ea37d7b35544a7d48bf3b3ad9b5c9b868da8e7f76729e3673a88e583154a229f076528f438ae1093c27c1f3154e838edc7df56c4e9b83bcc02a19878abe55db502994197c2c956c8e48b6ec847027563b4ac957105b947bff3b7605cf4a20e37c4ce38ab9cd1ce5a050364d7ae2d552596c21a119af313c602cd2

To decrypt string:

1. Open the Serial Terminal because you'll need to paste the ciphertext to it;
2. Select the "Other Options" line in the main menu;
3. Press "Enter" on the PS/2 keyboard;
4. Tap the operator RFID card on the RFID reader;
5. Select the "Decrypt String" line;
6. Press "Enter" on the PS/2 keyboard;
7. Choose where to print the plaintext;
8. Press "Enter" on the PS/2 keyboard;
9. Paste the ciphertext to the Serial Terminal;
10. Press the "Send" button in the Serial Terminal.

Ciphertext:

405d21960f7769f0d137152a2ef8b7530acb34a32740b6e8994e532a15550fa38b784d57c2ed37271ee17b3f1ae9ba241ad76369319b240df9cd3408148e4981a4dbeb64b256facb05090118a2cc82add00bb5005e85f31f30d51f17b9eed2965f84a5912c6d43479d55e0ee534fcddfa277bb808ea8dbec5c4a3626be873144506be967dbb217857c276b3ff0662d09d1447c1ab8fdb403de01825f4a8e6e8331b6406ee35b44927d6d4cb648b0e6ddc14fa1895e0fbe91d0aeae4404fea4f841a8a782a70e6581d75da5bc96f42909841107787ba6ef229490b8d93f0d0724fa1fa458abc9a187a8f42f33036a8b12ccf09f0526bf81d4ab4ede46868714e4e7175bd60f9175ed64bb9156d54ed71be8c2bd72a654d15115f4b7bf333b41212147194a13db901a08ab169112ea1f3d34300c1f1e0c7f034e9cc2103bef401fb99f7f2aae80c3ce2bf21b72ccf8f872314218c264101413724762a8f670a620cc77785675d113c6e74361ce77bb7f0396bff5a37d900506028b4caa02753503b018e10a7809afdd5619103b1a8498a74870cb58e88a2b3749331c71c57d063647d921db29842214ae6d2d33148affba495865bb9919fbd40f30293b1ffa8e91edee24f7610463106c10261973ecb93fc6e95c092691e8f991db1e15e1093714a55953a7f88a6df5f3fc1112b3d5218ee226d4626c91474534ad09b3cbee8424bc24c4dd4ed102e9180601ff4c207b84a260a654128638be441c56663cb00517be258e968097eeeaa6d030fd15fc65baf6d377e98aac2684fa06bb050712a5e576f651407dcb887d3d3ffd1934bcb665bf3212e1d5ae1abbb70aed1c05bddc8584c9829365bbbb430d219d4ea5461449c70282135686adef1f1859041519c32258987fda3aa9d484e39392f4a1fe5ade0ebad56360228ce8a3076d5a17586ffec1a21dbf9687dd740dacfaf64a1cc815f8cc58e7816ea37d7b35544a7d48bf3b3ad9b5c9b868da8e7f76729e3673a88e583154a229f076528f438ae1093c27c1f3154e838edc7df56c4e9b83bcc02a19878abe55db502994197c2c956c8e48b6ec847027563b4ac957105b947bff3b7605cf4a20e37c4ce38ab9cd1ce5a050364d7ae2d552596c21a119af313c602cd2

Plaintext:

I made KhadashPay because I wanted to provide business owners with the opportunity to easily deploy a card payment system in their store without having to buy an expensive terminal, pay fees for each transaction, and waste time and resources dealing with the bank. As for the customers of the store where the KhadashPay is deployed, Khadash pay doesn't keep any logs whatsoever and doesn't require a bit of your personal information to create an account.

I know that the KhadashPay V2.0 (Raspberry Pi Pico Version) may not be as convenient as an ESP32 version of the KhadashPay V2.0 because it utilizes a PS/2 keyboard instead of the 4x4 keypad. But the point of making several versions of the same device is not to make a "perfect version" of a device that would suit everyone and everywhere, instead making several versions of the same device allows one to incrementally improve the device and make different versions of the device that would suit the needs of different users.

One more thing though: take into account that I'm writing the following based solely on my observations. It seems to me that the Raspberry Pi Pico doesn't have a properly functioning random number generator (or at least I wasn't able to figure out how to work with it). By trying to generate the random values with the "rand()" function, I got a sequence that repeated even after the board was rebooted. I then started googling "how to generate random numbers on Raspberry Pi Pico" and stumbled upon a possible solution. But still, I won't be putting much trust into the Raspberry Pi Pico's RNG.

I hope I made the KhadashPay V2.0 "good enough" for you to use it. Anyway, KhadashPay's source code is distributed under the MIT license, so if you want to make your own version of the KhadashPay or change something in it, don't wait for anyone else to do it for you. Take the initiative into your own hands and do it! Don't forget that there's always room for improvement, even if it seems that there's none.

If you like this tutorial, please share it.

Thank you for reading this tutorial.