基本的高性能数据真实性 [英] Basic high performance data authenticity

问题描述

（我不是母语，而且在术语方面可能不正确。）

(I am not a native speaker and might not be correct in terms of terminology. Sorry about that.)

我在AVR微控制器之间通过无线电传输数据个人使用，并希望客户证明传输数据的真实性，因为它源自一个授权的客户端。这意味着我不需要不可否认，并且能够预定义共享密钥。我对不同的方法做了一些研究，发现我需要一些帮助，选择一个最能满足我的要求。

I am transmitting data via radio between AVR microcontrollers for personal use and would like for clients to demonstrate the authenticity of transmitted data in that it originates from one of the authorized clients. This means I am not requiring non-repudiation and would be able to pre-define a shared key. I have done some research on different approaches and found that I need some assistance on chosing one that best meets my requirements.

请理解我不需要最大的安全性。我只想防止一个潜在的脚本小狗邻居在几个小时内打破。如果打开平均消费者的齿轮需要几个星期，因为今天我会没事的。

Please understand that I do not require maximum security. I would simply like to prevent a potential script kiddie neighbor from breaking in within a matter of hours. Should breaking in with average consumer gear require a number of weeks as of today I would be OK.

我发送的消息是相当小的（不超过30字节，只有几个字节的有效载荷），并且频率不超过30个消息/分钟。

The messages I am transmitting are rather small in size (no more than 30 bytes with only a few bytes payload) and the frequency would be no more than 30 messages / min.

一个用例是运动检测器通过空中发送消息处理单元然后通过空气向光开关发送另一消息。请不要专注于运输。

One use case is a motion detector sending a message over the air to a processing unit which then sends another message over the air to a light switch. Please do not focus on transport. This question is only on data autheticity.

我在20 MHz AVR微控制器上运行客户端/服务器软件（在C中），Flash和RAM非常有限。所以我正在寻找一个解决方案与小代码大小和RAM利用率，同时仍然提供高数据速率。

I am running the client / server software (in C) on 20 MHz AVR microcontrollers with very limited Flash and RAM. So I am looking for a solution with small code size and RAM utilization while still providing a high data rate.

我做了一些性能测试与MD5实现（C）创建从20字节数据哈希，发现它可能太慢。我理解MD5实现本身不会解决这个要求。

I did some performance testing with an MD5 implementation (C) creating hashes from 20 bytes data and found that it might be too slow. I understand that an MD5 implementation by itself would not solve the requirement. I did the testing only for evaluating hashing performance.

感谢您的意见

推荐答案

我会使用128位AES来签署邮件。这里是一个优秀的源已经实现了AVR，具有大小和周期计数的完整文档，包括权衡大小/速度的不同版本。 http://avrcryptolib.das-labor.org/trac/wiki/AES

I would use 128-bit AES to sign the messages. Here is an excellent source that has already implemented this for AVR, with full documentation of sizes and cycle counts, including different versions that trade off size/speed. http://avrcryptolib.das-labor.org/trac/wiki/AES

这篇关于基本的高性能数据真实性的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！