Midbar V2.0

With the development of cryptanalysis and new hacking techniques, the cost of accessing your data without your authorization continues to decline, making it easier and more attractive for different sides to get it.

I'm not going to get into details about the motivation of each side and the goals they're trying to achieve by obtaining your data. Instead, I would like to focus on the solution to that problem.

In my opinion, the only way to keep your data private is to raise the costs of unauthorized access to it as high as possible, ideally higher than any reward that a third side can get by obtaining your data. Doing so puts away the incentives to access your data without your permission.

To raise the cost of unauthorized access to your data - I've developed Midbar (which later on "evolved" into a multi-user Cipherbox, and now it kinda turned back into Midbar because I realized that a "multi-user Midbar" is superfluous and not as stable as a single-user one).

Midbar V2.0 is a password vault, credit card vault, note vault, phone number vault, data encrypter/decrypter, data hasher, SQLite3 host, and one-way secure communication channel - all in one!

In case you've missed the original Midbar or just want to know why I called it Midbar in the first place - Midbar (מדבר) is a Hebrew word that means "pasture," "uninhabited land," "wilderness," "large tracts of wilderness (around cities)," "desert." I had two reasons for choosing the word Midbar as the name of this project. First - while working on my previous projects, I noticed that the so-called "device that keeps your personal data secure in an encrypted form" market is pretty much a "desert around the oasis of the password manager market." Second - I couldn't find a better word to describe that project. At first, I wanted to call it a "Password Vault," but then I realized that it's more than just a password vault. So, I just called it Midbar!

Supplies for the vault:

• ESP32 x1
• Arduino Nano/Uno/Compatible board x1
• 1.5 Inch OLED with SSD1351 x1
• EC11 Rotary Encoder x1
• PS/2 Keyboard x1
• PS/2 Port x1
• 580 ohm resistor x1
• 4.7k resistors x7
• 100nf capacitors x2
• Buttons x2
• 10µF capacitor x1 *optional

Supplies for the receiver:

• ESP8266 x1
• Nokia 5110 display x1
• Arduino Nano/Uno/Compatible board x1
• 4x4 Keypad x1
• 580 ohm resistor x1
• Piece of paper with the letter "E" x1
• Piece of paper with the letter "F" x1

Midbar V2.0 utilizes seven encryption algorithms. Five encryption algorithms (the first five on the list) perform the operation called: superencryption.

As defined by NIST, superencryption is an encryption operation for which the plaintext input to be transformed is the ciphertext output of a previous encryption operation.

Such organization of the encryption algorithms makes a combined encryption algorithm that is at least as strong as the strongest one in the cascade, has a longer key, might be more resistant to some attacks, and might produce a ciphertext with higher entropy. Anyway. It won't hurt to have an additional layer of security (or several of them).

Now, let's get to the description part.

First of all, I would like to state these three facts:

1. All encryption algorithms utilized by this device are symmetric (the same key is used to both - encrypt and decrypt data);
2. All encryption algorithms utilized by this device make use of the integrity verification feature.
3. All encryption algorithms utilized by this device make use of the key incrementation and random numbers during the encryption process to prevent the chosen-plaintext attack and increase the entropy of the ciphertext.

As for the encryption algorithms themselves:

• 3DES + AES + Blowfish + Serpent is the strongest encryption algorithm utilized by this device. It's a combined encryption algorithm that's composed of four cryptographically strong encryption algorithms. It splits its input into 80-bit long blocks and then separately encrypts each block, infusing 48 random bits into each block. It produces the 128-bit (16 bytes) long output.
• Blowfish + AES + Serpent + AES takes 64-bit long input and produces 256-bit (32 bytes) long output;
• AES + Serpent + AES is almost the same as Blowfish + AES + Serpent + AES, except for the Blowfish part;
• Blowfish + Serpent is an encryption algorithm that takes 64-bit long input and produces 128-bit (16 bytes) long output;
• AES + Serpent is a bit weaker than the first three but still strong enough to keep your data secure. It takes 64-bit long input and produces 256-bit (32 bytes) long output;
• The Serpent is the bare minimum for keeping your data secure. It takes 64-bit long input and produces the 128-bit (16 bytes) long output;
• The 3DES is an outdated and the least secure encryption algorithm utilized by this device. Although you can still use it to encrypt your data, I wouldn't recommend it for anything sensitive. I've only included this algorithm for you to play with. It takes 32-bit long input and produces the 64-bit (8 bytes) long output.

Don't forget that there's also an encrypted tag attached to the encrypted string.

The integrity verification feature first appeared in the Cipherbox V2.0.

The absence of integrity verification was, in my opinion, a serious vulnerability present in the Cipherbox V1.0 and the Midbar V1.0. Although that wouldn't've allowed the attacker to decrypt your ciphertexts, that would've allowed the attacker to forge a new ciphertext using the legitimate ciphertexts produced either by the Cipherbox V1.0 or the Midbar V1.0.

Let me explain how it works (and how it won't work anymore). Neither the Cipherbox V1.0 nor the Midbar V1.0 was an easy target (for the sake of convenience, let's call them both the Midbar V1.0 from now on). Midbar V1.0 has been already protected from the brute-force attack, chosen-plaintext attack, and "somewhat protected" from the block-swapping attack. I wrote "somewhat protected" because even though an attacker couldn't change the block order within the ciphertext without causing it to become at least partially undecryptable, an attacker could still swap the block N1 of the ciphertext N1 with the block N1 of the ciphertext N2, they could swap the block N2 of the ciphertext N1 with the block N2 of the ciphertext N2, so on and so forth.

By doing so, an attacker could forge a new ciphertext that would appear legitimate to the Midbar V1.0 and even would've been decrypted correctly.

To fix that vulnerability, I've used HMAC-SHA256 (Hash-Based Message Authentication Code) to verify the integrity of the data encrypted by the Midbar V2.0. Unlike the usual hash function that only takes a string-to-be-hashed as an input, HMAC also takes the key to make sure that even if an attacker gets their hands on the hashes, stuff like the rainbow table will be useless.

Now let me show you how it works in practice.

Before I continue, I would like to remind you that I DO NOT ENCOURAGE HACKING IN ANY WAY!!!

I hacked MY OWN Midbar V2.0 because I wanted to show you how the integrity verification feature works and why it's crucial to have it.

Let's suppose that there are three records:

• Send Richard Dwight $100
• Send Isabella Smith $250
• Send Benjamin Brown $500

Now, let's suppose that an attacker obtained physical access to the device and extracted the database from it.

An attacker found these three Ciphertexts that they're unable to decrypt. But, let's suppose that an attacker knows where the ciphertext with the value of the bonus for Benjamin Brown is stored, which block has the encrypted value of the bonus, and where the ciphertext with the value of the bonus for the Richard Dwight is stored. Let's suppose that attacker knows that the bonus received by Benjamin Brown is more than the bonus received by Richard Dwight, and an attacker wants to increase the bonus for Richard Dwight. To do so, the attacker takes the block with the encrypted value of the bonus for Benjamin Brown and replaces Richard Dwight's bonus with Benjamin Brown's bonus. That trick would've worked with the Midbar V1.0, and the forged ciphertext "Send Richard Dwight $500" would've been decrypted without any problems. Midbar V2.0 would decrypt that ciphertext too. But unlike Midbar V1.0, Midbar V2.0 computes a tag for each plaintext and then prints that tag in an encrypted form. When the Midbar V2.0 decrypts the ciphertext, it also decrypts the tag and computes the new tag for the decrypted text. It then compares both tags. If these tags don't match, it turns the decrypted text red and throws the alert "Integrity Verification Failed."

*All names demonstrated here are entirely fictitious. Any similarity to actual persons, living or dead, is purely coincidental.

If you've never flashed ESP32 or ESP8266 before you'll need to configure Arduino IDE and install drivers to upload the firmware to the boards, you can find drivers here:

CP210x driver for ESP32: https://www.silabs.com/developers/usb-to-uart-brid...

CH340 driver for ESP8266: https://sparks.gogo.co.nz/ch340.html

In case you don't have Arduino IDE, you can download it here: https://www.arduino.cc/en/software

Configuring IDE isn't a part of this tutorial, you can read about it here:

ESP32: https://randomnerdtutorials.com/installing-the-esp...

ESP8266: https://randomnerdtutorials.com/how-to-install-esp...

You can download the firmware for Midbar from one of these sources.

SourceForge: https://sourceforge.net/projects/midbar/

OSDN: https://osdn.net/projects/midbar/

GitHub: https://github.com/Northstrix/Midbar

If you just need the firmware for the device alongside the RNG, then I would advise you to download a 0.3 MB archive either from SourceForge or OSDN.

But if you need the firmware for all versions of Midbar alongside the extra code, photos, and diagrams, in that case, I would advise you to download the 62.8 MB archive from GitHub.

Adafruit-GFX-Library: https://github.com/adafruit/Adafruit-GFX-Library

Adafruit-SSD1351-library: https://github.com/adafruit/Adafruit-SSD1351-library

Adafruit_BusIO: https://github.com/adafruit/Adafruit_BusIO

PS2Keyboard: https://github.com/PaulStoffregen/PS2Keyboard

esp32_arduino_sqlite3_lib: https://github.com/siara-cc/esp32_arduino_sqlite3_lib

EncButton: https://github.com/GyverLibs/EncButton

espsoftwareserial: https://github.com/plerup/espsoftwareserial/

Keypad: https://github.com/Chris--A/Keypad

nokia-5110-lcd-library: https://github.com/platisd/nokia-5110-lcd-library

The process of unpacking libraries is typical. You can unpack the content of the archive into the folder: ...\Arduino\libraries. Or open the Arduino IDE, click to the Sketch -> Include Library -> Add .ZIP Library... and select every archive with libraries.

Other required libraries are already present in one way or another.

The primary purpose of the ESP32 Filesystem Uploader is to let you upload files into ESP's filesystem. In this tutorial, the purpose of this tool is to upload an empty SPIFFS image into ESP.

Download the file called ESP32FS-1.0.zip from here: https://github.com/me-no-dev/arduino-esp32fs-plugin/releases/

then extract the content of the archive into the folder: ...\Arduino\Tools\

After that, restart the Arduino IDE.

Click Tools -> ESP32 Sketch Data Upload. Then click Yes in the pop-up window. The program is going format the built-in flash memory.

Some boards will flash without any problems.

Unfortunately, that's not the case for all boards. If you configured IDE correctly, installed drivers, selected the corresponding port, and still keep getting this error: A fatal error occurred: Failed to connect to ESP32: Timed out waiting for packet header. Connect a 10µF capacitor to the board while flashing.

Connect the positive lead of the capacitor to the EN pin of the ESP32;

Connect the negative lead of the capacitor (usually indicated by the gray stripe) to the GND pin of the ESP32.

Don't forget to disconnect the capacitor after the board flashes.

You must clear the ESP32's EEPROM before you can set the master password and start using Midbar.

To clear the ESP32's EEPROM - upload the firmware from the "ESP32_Version/V2.0/Firmware for the vault\Clear_EEPROM" folder into the ESP32.

After uploading the sketch, reboot the board. When EEPROM is cleared, the built-in LED starts blinking.

To make the unauthorized deciphering of your data computationally infeasible - It is crucial to generate your own keys and never reuse them

It's entirely up to you how to generate the keys. I can only offer you an option to do so.

I've modified one of my previous projects to work as a random number generator, the generated output seems "random enough" for me, but I haven't run any tests. So, I can't guarantee that it's random.

Use it at your own risk!

To generate the keys - launch gen.exe from the "ESP32 Version\V2.0\Untested RNG" folder and click the "Generate keys for Midbar V2.0" button. The background turns from dark gray to light gray when you press that button.

To get the receiver's MAC address, upload this code into the ESP8266.

#include <ESP8266WiFi.h>

void setup(){
  Serial.begin(115200);
  Serial.println();
  Serial.println(WiFi.macAddress());
}
 
void loop(){

}

Then open the Serial Terminal, and reboot the board.

If done correctly, you should see the MAC address in the console.

The MAC address of this board is 5C:CF:7F:FD:85:1D

Open the "Firmware_for_ESP32.ino" and "Firmware_for_ESP8266.ino" files, and then replace my keys with those you've generated.

Note that the receiver only needs three keys (hmackey_for_session_key, projection_key, proj_serp_key).

Don't forget to replace the receiver's MAC address in the line

uint8_t broadcastAddress[] = {0x5C, 0xCF, 0x7F, 0xFD, 0x85, 0x1D}; // Receiver's MAC address

in the "Firmware_for_ESP32.ino" file.

Upload the firmware from the "ESP32_Version/V2.0/Firmware for the vault\Firmware_for_ESP32" folder into the ESP32.

Upload the firmware from the "ESP32_Version/V2.0/Firmware for the vault\Firmware_for_Arduino" folder into the Arduino.

Upload the firmware from the "ESP32_Version/V2.0/Firmware for the receiver\Firmware_for_ESP8266" folder into the Arduino.

Upload the firmware from the "ESP32_Version/V2.0/Firmware for the receiver\Firmware_for_Arduino" folder into the Arduino.

Assembling the vault shouldn't be hard. In my opinion, the most tangled part of the process is to connect the encoder with its periphery the right way.

As for the possible component replacements:

• You can replace the 330-Ohm resistor with a 220-Ohm - 1k resistor;
• You can replace 4.7k resistors with 4.7k - 10k resistors;
• And you can replace the capacitors with 22nf - 100nf capacitors.

That should be even easier than the vault assembly.

When you power the vault up, you should see the lock screen with the blinking "Press any button" inscription.

You can either press any button or press (almost) any key on the keyboard to get to the unlock tab.

Believe me, it looks better than on photo.

Photo by Gabriel Tovar on Unsplash

To use the Midbar, you first need to set the password (or should I call it the "Master Password"?).

You can enter the password using the encoder and PS/2 keyboard.

And remember that you can't change your password without performing the factory reset first!

Midbar won't be able to decrypt your data without your password because the keys for the encryption algorithms are partially derived from it. Perhaps, it won't even unlock without the correct password.

When you're done entering your (master) password, either quad-click the encoder button or press the "Enter" on the PS/2 keyboard.

After unlocking the vault and getting to the main menu.

• Either turn the rotary encoder to the right or press the "↓" (DOWNWARDS ARROW) key on the PS/2 keyboard to go down the menu.
• Either turn the rotary encoder to the left or press the "↑" (UPWARDS ARROW) key on the PS/2 keyboard to go up the menu.
• Press either the "A" button, "Enter," or "A" key on the PS/2 keyboard to open the selected menu.
• While in the submenu, press either the "B" button, "Esc," or "B" key on the PS/2 keyboard to return to the main menu.

While entering a text in a tab:

• Either quad-click the encoder button four or press "Enter" on the PS/2 keyboard to continue;
• Either quintuple-click the encoder button (click it five times in quick succession) or press the "Esc" button on the PS/2 keyboard to cancel the current operation.

*If the hex value decreases when you rotate the encoder to the right, I would advise you to swap the wires connected to the D26 and D27 pins.

*If the keyboard suddenly stops working as intended, reboot the Arduino.

As I've mentioned before, Midbar V2.0 is a vault. It utilizes the 3DES + AES + Blowfish + Serpent encryption algorithm with an integrity verification feature alongside the SQLite3 serverless embedded relational database management system to keep your data safe and organized.

To add a login from the encoder and PS/2 keyboard:

1. Select the "Data in ESP32's Flash" line in the main menu;
2. Press the "A" button;
3. Select the "Logins" line;
4. Press the "A" button;
5. Select the "Add" line;
6. Press the "A" button;
7. Select the "Encoder + Keyboard" line;
8. Press the "A" button;
9. Enter the title;
10. Either quad-click the encoder button or press "Enter" on the PS/2 keyboard;
11. Enter the username;
12. Either quad-click the encoder button or press "Enter" on the PS/2 keyboard;
13. Enter the password;
14. Either quad-click the encoder button or press "Enter" on the PS/2 keyboard;
15. Enter the website;
16. Either quad-click the encoder button or press "Enter" on the PS/2 keyboard;
17. Press any button to return to the main menu.

According to the tests I've conducted - ESP32 can encrypt and decrypt a 1000-character long string without any problems using the 3DES + AES + Blowfish + Serpent encryption algorithm. So, technically, you can put 1000 characters into each field of every record.

*All credentials demonstrated here are entirely fictitious. Any similarity to actual credentials is purely coincidental.

To view a login:

1. Select the "Data in ESP32's Flash" line in the main menu;
2. Press the "A" button;
3. Select the "Logins" line;
4. Press the "A" button;
5. Select the "View" line;
6. Press the "A" button;
7. Select the login you would like to view by rotating the encoder;
8. Press the "A" button;
9. Press any button to view the next field.

To edit a login:

1. Select the "Data in ESP32's Flash" line in the main menu;
2. Press the "A" button;
3. Select the "Logins" line;
4. Press the "A" button;
5. Select the "Edit" line;
6. Press the "A" button;
7. Select the login you would like to edit by rotating the encoder;
8. Press the "A" button;
9. Select the input source;
10. Press the "A" button;
11. Depending on the chosen input source, either enter the new password you'd like to set on the encoder and PS/2 keyboard or paste it to the Serial Terminal;
12. Depending on the chosen input source, either quad-click the encoder button (or press "Enter") or press the "Send" button in the Serial Terminal.

To delete a login:

1. Select the "Data in ESP32's Flash" line in the main menu;
2. Press the "A" button;
3. Select the "Logins" line;
4. Press the "A" button;
5. Select the "Delete" line;
6. Press the "A" button;
7. Select the login you would like to delete by rotating the encoder;
8. Press the "A" button.

The process of working with records of other types is very similar to the process of working with logins.

As I've mentioned before, Midbar utilizes seven encryption algorithms. You can use any of them to encrypt your data.

To encrypt text:

1. Open the Serial Terminal because the ciphertext will be printed to it;
2. Select the "Encryption Algorithms" line in the main menu;
3. Press the "A" button;
4. Select the line with the name of the encryption algorithm you would like to use;
5. Press the "A" button;
6. Select the "Encrypt String" line;
7. Choose the input source;
8. Press the "A" button;
9. Depending on the chosen input source, either enter the text you'd like to encrypt on the encoder and PS/2 keyboard or paste it to the Serial Terminal;
10. Depending on the chosen input source, either quad-click the encoder button (or press "Enter") or press the "Send" button in the Serial Terminal.

Plaintext:

Midbar V2.0 is a password vault, credit card vault, note vault, phone number vault, data encrypter/decrypter, data hasher, SQLite3 host, and one-way secure communication channel - all in one!

Ciphertext:

1a8288a3ae64dacfad456e0cc5547ee070ff45fe005a836b2e99c7c7060e69dc50b9296543531661baee0e64b7e1e3123605b65e5e37ec1ee57403d1f6fb27133f5ff5fd9950190d9f2ca6499d7ffde551277e330667ba527285f8ec9a6e57cbef13d7ddd1bc0b18a666fc47ca3105ad4800b7703ca077f67368933c614472f5c971122d5611dc70181a0dc785d4d9ee968802cbc55184552bcdd9c496dd56cfa3b768ff461c3f49a21c0de08ae182e0ec735596b7b09dc4a3e3c64d8ff478552d0d21e45880e428e09bb6f04c03fbedda1f1159c046536563bef3a7d2df035a3dcc3082b36a1becd63c46b4fc6f452510b73a7b848caa52573eab936a0e4ea020bb4d19f20c1071372a23ec7937f737aa8566d558ac31ce786b28db5f690ec74fd6a0d9ee4958f386e6ddf920d0ed956964d1b2ef6e71d65eeafaf46f595adcacf678313aba118669655d542599f53c3bad540c29f44dff18f5a4974b69f433a6c9947657c30ad57e5c0d0aa6bc851b

To decrypt text:

1. Open the Serial Terminal because you'll need to paste the ciphertext to it;
2. Select the "Encryption Algorithms" line in the main menu;
3. Press the "A" button;
4. Select the line with the name of the encryption algorithm you've used to encrypt the text;
5. Press the "A" button;
6. Select the "Decrypt String" line;
7. Paste the ciphertext to the Serial Terminal;
8. Press the "Send" button in the Serial Terminal.

Ciphertext:

1a8288a3ae64dacfad456e0cc5547ee070ff45fe005a836b2e99c7c7060e69dc50b9296543531661baee0e64b7e1e3123605b65e5e37ec1ee57403d1f6fb27133f5ff5fd9950190d9f2ca6499d7ffde551277e330667ba527285f8ec9a6e57cbef13d7ddd1bc0b18a666fc47ca3105ad4800b7703ca077f67368933c614472f5c971122d5611dc70181a0dc785d4d9ee968802cbc55184552bcdd9c496dd56cfa3b768ff461c3f49a21c0de08ae182e0ec735596b7b09dc4a3e3c64d8ff478552d0d21e45880e428e09bb6f04c03fbedda1f1159c046536563bef3a7d2df035a3dcc3082b36a1becd63c46b4fc6f452510b73a7b848caa52573eab936a0e4ea020bb4d19f20c1071372a23ec7937f737aa8566d558ac31ce786b28db5f690ec74fd6a0d9ee4958f386e6ddf920d0ed956964d1b2ef6e71d65eeafaf46f595adcacf678313aba118669655d542599f53c3bad540c29f44dff18f5a4974b69f433a6c9947657c30ad57e5c0d0aa6bc851b

Plaintext:

Midbar V2.0 is a password vault, credit card vault, note vault, phone number vault, data encrypter/decrypter, data hasher, SQLite3 host, and one-way secure communication channel - all in one!

The Midbar utilizes two hash functions: SHA-256 and SHA-512.

If you're not familiar with the hash functions, let me give you a simple explanation of what the hash function is.

The hash function is an algorithm that takes your input (in that case, it's a string) and gives you a fixed-length output derived from that input. One of the essential properties of the hash function is that it always produces the same result for the same input. That allows you to use the hash function to verify the data integrity.

To hash a string:

• Select the "Hash Functions" line in the main menu;
• Press the "A" button;
• Select the "SHA-256" or "SHA-512" line depending on the hash function you'd like to use;
• Press the "A" button;
• Enter the string you'd like to hash;
• Either quad-click the encoder button or press "Enter" on the PS/2 keyboard.

Input:

Midbar

Hash:

0415af21a07eb50be9ce02417f73c1d6b8c30631a5a4240b662ff89e3531fcfa02dfe06a808acacf81b523066f81495dc3004e375f08e71943cad0589807b160

The Midbar utilizes the SQLite relational database management system to store your encrypted data in an organized form.

SQLite allows you to execute queries and statements on it. The difference between a query and a statement is that a query returns something after being executed. I wrote the word "query" in the "SQL" submenu because the Midbar always prints the output of the callback function after something is executed, even if you execute a statement.

To execute a query or a statement on the SQLite:

• Select the "SQLite3" line in the main menu;
• Press the "A" button;
• Press the "A" button again;
• Choose the input source;
• Press the "A" button;
• Depending on the chosen input source, either enter the query you'd like to execute on the encoder and PS/2 keyboard or paste it to the Serial Terminal;
• Depending on the chosen input source, either quad-click the encoder button (or press "Enter") or press the "Send" button in the Serial Terminal.

Let me start with the fact that, unlike the Midbar V1.0's receiver, that one is protected from the replay attack. To ensure that the receiver won't correctly decrypt any package that is resent to it, I've combined the key incrementation with the session key. The session key consists of 20 characters generated by the vault. The session key is valid until you either reboot ESP32 or power it off. After the key derivation process completes, both devices present you with the three verification numbers. These numbers must match on both the vault and the receiver! If these numbers don't match, I would advise you to reboot the ESP8266 and enter the session key again. If that won't work, open the firmware and check if the keys are the same.

To send the text to the receiver:

• Select the "Password Projection" line in the main menu;
• Press the "A" button;
• Press the "A" button again;
• Choose the input source;
• Press the "A" button;
• Enter the key on the receiver's keypad;
• Compare the verification number on both displays. They must be the same;
• Press the "A" button;
• Depending on the chosen input source, either enter the text you'd like to send on the encoder and PS/2 keyboard or paste it to the Serial Terminal;
• Depending on the chosen input source, either quad-click the encoder button (or press "Enter") or press the "Send" button in the Serial Terminal.

The receiver also prints the received text to the Serial Terminal.

Although Midbar is "somewhat resembling" a cryptographic fortress, even that "cryptographic fortress" can't and won't give you a 100% guarantee that your data would stay untouchable to everyone. And the whole Midbar project is not about giving you a 100% guarantee for something. It's about raising the cost of unauthorized access to your data as high as possible!

And by the way, if you want to make your own version of the Midbar or change something in it, please do so! Don't forget that there's always room for improvement, even if it seems that there's none. And you can be the one whose contribution to the project affects not just Midbar but also the whole "device that keeps your personal data secure in an encrypted form" market (and maybe even more than that).

That's it for this tutorial.

If you like this tutorial, please share it.

Thank you for reading this tutorial.