We are planning a project using the Digi Connect Wi-ME. We need to be able to encrypt and decrypt files in some secure but simple way using a secret key. We don’t need all the complexity of public key, key rings, certificates etc. Does this code already exist in the NetSilicon software stack? Or does anyone know where I can get the source for something that will do this job (preferably without a lot of usage restrictions)?
Many thanks - Rowan
A few years back (read: 1996) I took the DES encoder from the Linux kernel and ported it in under an hour. It is fast and simple. That would probably do the trick for you. That would prevent anyone who doesn’t want to invest a fortune from decoding your stuff.
Otherwise, DIGI has a stripped down version of the SSL library in NetOS. It still has the DES protocols in it so you can use the standard crypto library calls.
-Erik
If you are just looking for basic encryption without all of the authentication/key exchange overhead, do a google search on arcfour or RC4 cyphers. They are a quick, stream cypher with up to a 2048 bit key. The code was originally published in a newsgroup, and later documented as arcfour in an IETF draft, which has expired. There are some known problems with short keys and repeated use, but they can be overcome. ‘RC4’ is a tradmark of RSA, but the cypher itself is public knowledge.
Erik,
Many thanks for your reply. Sounds promising. However I’m new to cryptography and I’m under such pressure to get this done that I’m not going to have time to learn a lot about such a huge field - can you tell me where I can find documentation on “the standard crypto library calls”?
My requirement is really very simple - just to make the contents of a file generated by my software inaccessible to anything other than my software. I don’t need public key, certificates and the rest. Secret key is fine.
Thanks for your help - Rowan
Rowan,
Check out the OpenSSL web site (www.openssl.org). There are tutorials and stuff there on OpenSSL. You just need to add the call to the Digi front-end and you can use OpenSSL directly in your app. Sorry if I wasn’t clear on that. There are also books on OpenSSL that you can get at your local Barnes and Noble.
If you are having problems with the Digi stripped-down implementation of OpenSSL (I did) and you are not using their https, I have a port of the OpenSSL library that is complete. Just ask.
FYI, OpenSSL is a cryptography library (libcrypto) that has implementations for DES, Public Key, AES, Kerberos, and many others. It is used by https, ftps, ssh, and other encrypted internet formats. Digi uses a stripped down version in NetOS to support https.
I will take a look to see if I can generate a simple application that will use DES (and then post it). You might want to check out codeguru.com, they have a few examples on how to implement it for DOS/Windows and it would be identical for NetOS, just look for “SSL”. They also have some DES examples.
-Erik
Just a note, OpenSSL doesn’t need to have all the fancy key/auth stuff used. You can use just the DES routines by themselves. Each part of OpenSSL is standalone.
-Erik
> If you are having problems with the Digi
> stripped-down implementation of OpenSSL (I did) and
> you are not using their https, I have a port of the
> OpenSSL library that is complete. Just ask.
Erik,
Are you still active here, and is this port still available?
TIA,
Jeff.