We are going to use digital signatures to add security to our system. If you want to learn more about how to use the Cryptographic Co-processor, check out this tutorial and video. These will show you the fundamental ideas behind digital signatures, walk you through how to setup each co-processor.
For the secure garage door opener example shown here, we are going to do something very similar to Example 6 in the Arduino Library. A complete cycle will follow these steps:
- User presses button on remote to engage cycle.
- Remote sends a “request for token”.
- Base generates a new random token (32-bytes).
- Base sends token to remote.
- Remote creates ECC signature on token (using its unique private key).
- Remote sends ECC signature to base.
- Base verifies signature using remote’s public key.
- If verified, base opens garage.
What makes this so secure is the fact that the only place in the world that can create a valid signature is inside the remote’s co-processor. This is because the private key was generated randomly during configuration and will never leave the IC. If you don’t have that actual piece of hardware (the remote co-processor), you will never be able to create a signature.
Also, the fact that the base creates a new random token for each cycle, allows us to prevent against man-in-the-middle and roll-jam attacks.
