Author Topic: https with gprs module and PIC 18F4550 - help and suggestions needed  (Read 2039 times)

0 Members and 1 Guest are viewing this topic.

Offline txescientistTopic starter

  • Regular Contributor
  • *
  • Posts: 90
  • Country: cs
I am thinking to make wireless sensor network with 18F4550. Data would be transferred via gprs module. There are many examples how to do that, but I am worried about security. On the server side I would use PHP and database. So PIC opens php page and using POST, transfers data. Problem is that the connection is not secured - https. Can you create secure connection with server using gprs modules and 18F PIC? As I know, http connection could be easily intercepted and any potential hacker could send false data or overflow the database. My knowledge about internet programming is limited  :-//, so any help is very much appreciated  :-+.

 

Offline michaeliv

  • Frequent Contributor
  • **
  • Posts: 260
As I know, http connection could be easily intercepted and any potential hacker could send false data or overflow the database.
If you intend just to have an HTTPS connection with POST-ing data, then HTTPS or HTTP doesn't make much of a difference.
The point of HTTPS is that you send authentication data to the server and have the data be encrypted so that if someone can see the HTTPS request they can't see your authentication data.
Anyway for your scenario seems like the most obvious security point would be the device itself getting hacked -- just read all the flash and get the password from there.
You would need to provide more specifics about what you're implementing + what medium the connection would be made for more details.
 

Offline dizgah

  • Regular Contributor
  • *
  • Posts: 61
  • Country: 00
HTTPS is achievable in GSM/GPRS modules although I suggest transfer a Public -Private key between server & client,Packet your data,encrypt them via AES or 3DES with server's public key, Send them via TCP,Then in the server side receive data and decrypt and store them in your DB.As you can see HTTPS is much more easier and economical approach ,but this is more flexible & robust.(I don't know can you receive TCP packets in PHP or not but if not as I know you need socket programming in e.g. dot.net and  at least VPS or private server).
Happiness can be found, even in the darkest of times, if one only remembers to turn on the light.
Albus Dumbledore
 

Offline txescientistTopic starter

  • Regular Contributor
  • *
  • Posts: 90
  • Country: cs
Thank you for the replays. In short, my question is> can 18F PIC support secure connection with the server and is there any other secure way to send data from remote sensor. Is it embedded in the gprs module? I have a lot to learn if this can be done. The main problem is that I don't know can it be done, and where to start. I am just asking for some guidelines from experienced people. I am sure this and a lot more can be done with other more powerful micros or even with the RPi. All examples that I fond used GET and unsecured connection.
 

Offline michaeliv

  • Frequent Contributor
  • **
  • Posts: 260
How many modules are you planning on connecting to the server? What type of attack are you trying to prevent ?
If I were you I would probably implement a simple rolling code that would be transmitted as a parameter to the post request. You would verify the parameter on the server. https://en.wikipedia.org/wiki/Rolling_code

For extra security don't transmit the roiling code directly, but hash it (MD5 or SHA) together with the logged data and send the hash to the server.
 

Offline txescientistTopic starter

  • Regular Contributor
  • *
  • Posts: 90
  • Country: cs
At most 20 modules. I am trying to prevent unauthorized writing in the database with measurements. Your idea is good. My friend just suggested me to use AES encription. Reading interval will be 5 minutes or so...
 

Offline Wilksey

  • Super Contributor
  • ***
  • Posts: 1329
The simple answer is possibly if you use a PIC with a cryptographic engine, not sure what protocols it supports off the bat.

The stack is typically in the GSM module rather than on the PIC unless you use a Microchip WiFi module, you could send raw packets as a TCP command, so your best bet is to find a GSM module with HTTPS support built into the command set.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf