Hi all,
would it be possible to cypher the UART AT messages ot at least their contents using the api provided with #include "mbedtls/aes.h"?
For example the command
AT+CWJAP="my-test-wifi","1234test"
is used to connect to an Access point. The SSID and the password at the moment could be sniffed by an attacker probing the UART pins.
Have you any suggestions?
At the moment I have successfully compiled the AT project including #include "mbedtls/aes.h" so at least the API are available...but I do not know how to use them to cypher UART messages.....
Thank you in advance for your help
Best regards
AT Command UART Encryption
Re: AT Command UART Encryption
Thank you for your suggestion! In fact, we have already had this feature requirement, and it is expected to be completed by Q2 2024. Once it's done, I'll let you know.
If you're in a hurry, you can try to modify the encryption and decryption functions yourself.
- you can encrypt the data (data is sent to mcu) around https://github.com/espressif/esp-at/blo ... _api.c#L32, and mcu should decrypt the encrypted data.
- you can decrypt the data (data is from the mcu, and it should be encrypted by mcu) around https://github.com/espressif/esp-at/blo ... _api.c#L24
~
If you're in a hurry, you can try to modify the encryption and decryption functions yourself.
- you can encrypt the data (data is sent to mcu) around https://github.com/espressif/esp-at/blo ... _api.c#L32, and mcu should decrypt the encrypted data.
- you can decrypt the data (data is from the mcu, and it should be encrypted by mcu) around https://github.com/espressif/esp-at/blo ... _api.c#L24
~
Re: AT Command UART Encryption
Hi,
Thanks! Very good knews!
While I wait for your releaseI I will try to implement your suggestions!
Best regards
Thanks! Very good knews!
While I wait for your releaseI I will try to implement your suggestions!
Best regards
-
elec_hobbyist
- Posts: 2
- Joined: Thu Jun 06, 2024 8:14 am
Re: AT Command UART Encryption
Hi,
I am trying to solve a similar problem mentioned in this thread. Can you please let me know if there is any update on the feature completion? If it is completed, where can I find it or how can I access it? If not, then is there any other successful work around that's been found or implemented before?
With the work around suggested in the thread, I think it will encrypt the entire data packet and not just the WiFi credentials. My focus is to just encrypt the password at the moment.
Any help will be appreciated.
Thank you.
I am trying to solve a similar problem mentioned in this thread. Can you please let me know if there is any update on the feature completion? If it is completed, where can I find it or how can I access it? If not, then is there any other successful work around that's been found or implemented before?
With the work around suggested in the thread, I think it will encrypt the entire data packet and not just the WiFi credentials. My focus is to just encrypt the password at the moment.
Any help will be appreciated.
Thank you.
Re: AT Command UART Encryption
I am really sorry for this delay. This feature would be implemented by an external example in 2024.Q3.
Apologies for any inconvenience caused.
Apologies for any inconvenience caused.
Who is online
Users browsing this forum: No registered users and 5 guests