How to prevent data from being copied, while allowing for transmission?

Mark Speir · 2017-01-06T23:05:36

I have a hobby electronics project in mind for an electronic key (think house key, car key. etc., i.e., physical key). It would be a PCB that would be inserted into a slot. Both the key and lock would have dedicated hardware, yet to be determined. I'm thinking about using something like public key encryption, with the public key being stored in the hardware in the key (call this the client) and the private key being stored in the lock (server). While this is just a hobby project and I understand that nothing can be 100% secure, the public key will need to be transmitted to the server from the client to lock or unlock the lock. This poses a problem. If the public key is transmitted, it can be intercepted. If it can be intercepted, then the key can easily be copied, rendering the encryption useless. How can this be mitigated? I was thinking about the server sending a code of some sort, possibly based on a hardware-based random number generator, to the client that would be used to obfuscate the public key. Still, that doesn't solve the problem; the contents of the key are not an issue. If the obfuscated key is intercepted, then we are back at square one. I feel like I am part way to the solution with this, but am missing a key portion. I'm getting the feeling that what I am after is simply impossible. I know that quantum-based encryption is supposed to address this, but I am not going there, even if I could.

GDNet Lounge Community

Started by MarkS_ December 17, 2016 04:28 AM

11 comments, last by MarkS_ 8 years, 1 month ago

SillyCow

1,534

January 06, 2017 09:28 PM

I used the terms "client" and "server" because they closely match what would be happening here, with the only caveat that the connection between the client and server would be measured in millimeters, not kilometers. Understand that this would be an actual hardware device; the key would be an actual object you would hold. As such, and keeping with the tradition of keys having visible (public) cuts on the blade, I figured the public key portion of the public/private key encryption should be stored on the key card. The private key (tumblers in a standard lock) would be held within the server (physical lock in the door/whatever). This is not a requirement of the design.
 
The intent here is not to encrypt data, but to create a digital door/whatever lock using electronics in a manner that is difficult to hack and impossible to pick. My mentioning of public key encryption is because it is the closest software design to a traditional key/lock.
 
SiCrane actually gave a solution that is very much in line with what I am intending. I can use that.

 

I still think that there is something you might be missing about public keys, that is very important to understand:
Using your physical metaphors, the lock is the public key, and the key is the private key.

Supposing you have a lock on a door (public key). Anyone can come and copy this lock when you are not looking. But you don't care, because that would just enable them to lock another door with the copied lock. It would not enable them to create a copy of the physical key (the private key). As such, they would now have 2 doors which they cannot open...

That is the whole beauty of asymmetric encryption (the public/private encryption), and it's what makes it special: Having access to a lock, does not mean you can manufacture a key to open it...

So as long one device remains solely in your possession (the key in your pocket), it doesn't matter who has access to the lock. However, if someone steals your key (the private key) you are in trouble...

My Oculus Rift Game: RaiderV

My Android VR games: Time-Rider& Dozer Driver

My browser game: Vitrage - A game of stained glass

My android games : E nemies of the Crown & Killer Bees

Brain

19,059

January 06, 2017 09:56 PM

It would not enable them to create a copy of the physical key (the private key)

This is actually a poor analogy this direction too.

Take a lock barrel to any locksmith and they can use it to make a key for it :)

Games/Projects Currently In Development:
Discord RPG Bot | D++ - The Lightweight C++ Discord API Library | TriviaBot Discord Trivia Bot

MarkS_

Author

3,509

January 06, 2017 11:05 PM

It's also moot. If I were to use RSA for this, both the lock and the key would need copies of the public/private keys. The key will not just be data storage; it will have its own processor doing encryption/decryption and authentication. Both the key and the lock will need to be able to both encrypt and decrpyt and the public key only allows encryption. That leaves me with symmetrical encryption, which it perfectly fine.

While it is not, nor has it even been, my intention to make the best/most secure lock and key (the NSA wont be locking their doors with it!), I still want to do this well. I have a LOT to think about!

How to prevent data from being copied, while allowing for transmission?

This topic is closed to new replies.

Popular Topics

Recommended Tutorials

How to prevent data from being copied, while allowing for transmission?

This topic is closed to new replies.

Popular Topics

Recommended Tutorials

Reticulating splines