Critical Codepaths

hlieberman 2014-12-03 21:12:06 UTC #1

Hi everyone!

I'd like to propose that certain of the critical code paths get extra scrutiny - and maybe are even written in a memory-safe language, like Rust.

Specifically, the cryptography modules and the implementation of the mesh itself seem like candidates for it, especially the cryptography sections. If we're reusing a widely-used already existing open source project, of course, for either such a thing is less of a priority.

What are your thoughts?

Aspenforest 2014-12-04 10:50:22 UTC #2

The only way to make any source code secure and reliable is to make it available for public scrutiny,
especially when the code involves cryptography.

However, a crypto algorithm code can't be correctly reviewed, if it does not include the code which
uses the said crypto algorithm, namely the Flutter communications code.

In any case, Taylor is better off implementing half crypto in hardware and half in software, since
Flutter frequency hopping is sensitive to processor availability, and crypto tends to be heavy on the resources.

Device authentication and comm channel establishment can be securely implemented in software, since
they require relatively less resources compared with constant data encryption provided by AES, either
implemented as hardware or software.

For better efficiency, the Public Key Infrastructure is best implemented as C code, since I assume Taylor wishes to conserve CPU resources.
This unfortunately makes code review more difficult, since it requires fluency in C, which requires a lot of training.
Even so, the situation can be improved a lot, should Taylor choose to document his source code in depth.

There are a few options I see available to him regarding crypto, where the one with the easiest and least secure implementation would forgo the PKI and rely solely on AES.
The second option for him would be to read up on crypto, implement something in C, and give it out to the public for review. This is time consuming and error-prone, however, thanks to the Feature Creep, Taylor might be able to implement a PKI at a later date.
The third option, which would be the fastest, the most trustworthy, but would require finances, would be for him to hire a seasoned C crypto developer, who would be able to develop the PKI in time for product launch.

Still, we have to take into account the necessity for the crypto.
The chances that someone breaks into someone elses Flutter network in a couple of months after product release is fairly negligible, which makes it unnecessary to immediately develop ultra secure PKI.

Therefore, it seems to me that the second option would be the best, considering the conditions.

As for the AES chip and encrypted data transmission itself, while I am not discreetly familiar with the process,
I believe it to be a straight forward matter of relaying data to the chip, which returns it in an encrypted form,
which gets directly transmitted over the air.

As for establishing a comm link for the former process to take place, I have no specific information.
Perhaps Taylor would enlighten us on the said matter when he is able to find a moment to visit the community.

grymoire 2014-12-04 15:59:33 UTC #3

The way I see it, if I have an open source platform where I can create a single AES key, and I can install that key in all my Flutter devices, and optionally use that key to securely communicate between my devices, I will be extremely satisfied. It doesn't even have to be working, as long as I can access to the hardware and software so I can experiment with it and help Taylor with the code. I see no reason to use PKI at all.

IMHO, If you really want to help, be prepared to contribute code. Don't ask for features you are unwilling to implement yourself.

If you want to propose rust, perhaps it would make sense to join the Zinc group and contribute, porting zinc to the SAM 3S CPU, so we can port it to Flutter.

hlieberman 2014-12-05 18:22:25 UTC #4

I agree. I was thinking that two keys should actually be exchanged during radio provisioning - one shared within the PAN, and one that is dedicated to each radio (and the provisioning machine). That would allow for a secured channel for a master/slave arrangement that could allow all sorts of fun stuff. Anyway, that's besides the point - crypto design is what the other thread is for.

Agreed, 100%. I'm more than happy to hack on the protocol design and the codebase itself. A do-ocracy is the way to get shit done.

While I'd love, love, love to have the entire codebase written in Rust from the ground up, we can gain some kinds of security even without Zinc. If the code that interfaces with the HSM was written in Rust and exposed an ABI that could be called from C, or vice-versa for whatever other components, we gain some plugability.

taylor 2014-12-22 21:51:43 UTC #5

I am loving the discussion here. A lot of this will hinge on the community contributing code as software is the weakest of my world domination skills (out of mechanicals, electronics, software). I can port Arduino to a new ARM CPU and whip up a custom wireless protocol or Android app, but the whole zen level of software where it is proven secure is beyond me.

Can't wait until I can ship you guys the hardware. First order being placed soon!