Midbar V3.0

by Northstrix in Circuits > Microcontrollers

1355 Views, 4 Favorites, 0 Comments

Midbar V3.0

IMG_20230121_112045_hdr.jpg

Not so long ago, I released two versions of Midbar: Midbar V2.5 and Midbar (Raspberry Pi Pico Version).

While the Midbar (Raspberry Pi Pico Version) handled the PS/2 keyboard much better than the Midbar V2.5, the Midbar V2.5 generated random numbers of a higher quality than the Midbar (Raspberry Pi Pico Version).

It was hard for me to decide which one is actually better, so I've decided to merge these two into a new version of Midbar, which would definitely be better than both of them. And I think I succeeded in that.

Midbar V3.0 is the best of both preceding Midbars. It handles the PS/2 keyboard like the Midbar (Raspberry Pi Pico Version) and has the random number generator from the Midbar V2.5

I've also removed the SQLite3 RDBMS from the Midbar V3.0 to make it faster than both previous Midbars.


In case you want to know why I called this project Midbar - Midbar (מדבר) is a Hebrew word that means "pasture," "uninhabited land," "wilderness," "large tracts of wilderness (around cities)," "desert." I had two reasons for choosing the word Midbar as the name of this project. First - while working on my previous projects, I noticed that the so-called "device that keeps your personal data secure in an encrypted form" market is pretty much a "desert around the oasis of the password manager market." Second - I couldn't find a better word to describe that project. At first, I wanted to call it a "Password Vault," but then I realized that it's more than just a password vault. So, I just called it Midbar!

*Updated: You can play with the partially functioning simulation of Midbar V3.0 on Wokwi.

Supplies

IMG_20230121_163923_hdr.jpg

Supplies for the vault:

  • ESP32 x1
  • 2.4 Inch TFT LCD with ILI9341 x1
  • EC11 Rotary Encoder x1
  • PS/2 Keyboard x1
  • PS/2 Port x1
  • 4.7k resistors x7
  • 100nf capacitors x2
  • Buttons x2
  • 10µF capacitor x1 *optional


Supplies for the receiver:

  • ESP8266 x1
  • Nokia 5110 display x1
  • Arduino Nano/Uno/Compatible board x1
  • 4x4 Keypad x1
  • 580 ohm resistor x1

3DES + AES + Blowfish + Serpent in CBC Mode

3des+aes+blowfish+serpent_in_cbc.png

Don't get me wrong - the "3DES + AES + Blowfish + Serpent" encryption algorithm ain't exactly what I would call "cryptographically weak," but operating it in a weird derivation of the ECB mode wasn't the best idea that I had. Although that wouldn't've allowed the attacker to produce the legitimate ciphertext by swapping the blocks within the ciphertext, an attacker could still make a legitimate ciphertext by replacing the nth block of the ciphertext N1 with the nth block of the ciphertext N2. To fix that vulnerability (instead of just notifying the user that the decrypted ciphertext might've been forged), I made the "3DES + AES + Blowfish + Serpent" encryption algorithm work in CBC mode. So, if an attacker replaces a block of ciphertext, it spoils not just that block but also the subsequent one.

I'll be honest with you, the bit-flipping attack "kinda works," but I doubt that it would ever go unnoticed because of the "HMAC-SHA256"-based integrity verification feature.

And by the way, out of all encryption algorithms utilized by the Midbar V3.0, the "3DES + AES + Blowfish + Serpent" is the only algorithm that works in CBC mode. Beware of it!

Integrity Verification

FVD1NTYLD33U7YX.png
IMG_20230121_160428.jpg

The Midbar (Raspberry Pi Pico Version) is the third version of Midbar that verifies the integrity of the whole record. So, the legitimate ciphertexts moved between the cells aren't much of a threat to it.

The "HMAC-SHA256"-based integrity verification feature works as follows:

When you add a record to Midbar, it concatenates all the data you've entered into a single string, computes a tag for it, and then stores that tag in the encrypted form.

When Midbar decrypts your data, it also decrypts the previously calculated tag and computes a new tag for the decrypted data. It then compares both tags, and if they don't match - Midbar notifies you that the integrity verification failed.


*All credentials demonstrated here are entirely fictitious. Any similarity to actual credentials is purely coincidental.

Install Drivers and Configure Arduino IDE *Optional

If you've never flashed ESP32 or ESP8266 before you'll need to configure Arduino IDE and install drivers to upload the firmware to the boards, you can find drivers here:

CP210x driver for ESP32: https://www.silabs.com/developers/usb-to-uart-brid...

CH340 driver for ESP8266: https://sparks.gogo.co.nz/ch340.html

In case you don't have Arduino IDE, you can download it here: https://www.arduino.cc/en/software

Configuring IDE isn't a part of this tutorial, you can read about it here:

ESP32: https://randomnerdtutorials.com/installing-the-esp...

ESP8266: https://randomnerdtutorials.com/how-to-install-esp...

Download Firmware

You can download the firmware for Midbar from one of these sources.

SourceForge: https://sourceforge.net/projects/midbar/

OSDN: https://osdn.net/projects/midbar/

GitHub: https://github.com/Northstrix/Midbar

If you just need the firmware for the device alongside the RNG, then I would advise you to download a 0.8 MB archive either from SourceForge or OSDN.

But if you need the firmware for all versions of Midbar alongside the extra code, photos, and diagrams, in that case, I would advise you to download the 99.3 MB archive from GitHub.

Download and Install the Libraries

Adafruit-GFX-Library: https://github.com/adafruit/Adafruit-GFX-Library

Adafruit_ILI9341: https://github.com/adafruit/Adafruit_ILI9341

Adafruit_BusIO: https://github.com/adafruit/Adafruit_BusIO

PS2KeyAdvanced: https://github.com/techpaul/PS2KeyAdvanced

EncButton: https://github.com/GyverLibs/EncButton

espsoftwareserial: https://github.com/plerup/espsoftwareserial/

Keypad: https://github.com/Chris--A/Keypad

nokia-5110-lcd-library: https://github.com/platisd/nokia-5110-lcd-library

The process of unpacking libraries is typical. You can unpack the content of the archive into the folder: ...\Arduino\libraries. Or open the Arduino IDE, click to the Sketch -> Include Library -> Add .ZIP Library... and select every archive with libraries.

Other required libraries are already present in one way or another.

Install ESP32 Filesystem Uploader

FXGX26NLCAJ161L.png

The primary purpose of the ESP32 Filesystem Uploader is to let you upload files into ESP's filesystem. In this tutorial, the purpose of this tool is to upload an empty SPIFFS image into ESP.

Download the file called ESP32FS-1.0.zip from here: https://github.com/me-no-dev/arduino-esp32fs-plugin/releases/

then extract the content of the archive into the folder: ...\Arduino\Tools\

After that, restart the Arduino IDE.

Switch the Partition Scheme to the "No OTA (2MB APP/2MB SPIFFS)"

ps.png

You have to switch the partition scheme to the "No OTA (2MB APP/2MB SPIFFS)" before you continue working with ESP32 because the sketch is too big for the default partition.

Format ESP32'S Built-In Flash Memory

format.png

Click Tools -> ESP32 Sketch Data Upload. Then click Yes in the pop-up window. The program is going format the built-in flash memory.

Some boards will flash without any problems.

Unfortunately, that's not the case for all boards. If you configured IDE correctly, installed drivers, selected the corresponding port, and still keep getting this error: A fatal error occurred: Failed to connect to ESP32: Timed out waiting for packet header. Connect a 10µF capacitor to the board while flashing.

Connect the positive lead of the capacitor to the EN pin of the ESP32;

Connect the negative lead of the capacitor (usually indicated by the gray stripe) to the GND pin of the ESP32.

Don't forget to disconnect the capacitor after the board flashes.

Generate Keys

gen.png

To make the unauthorized deciphering of your data computationally infeasible - It is crucial to generate your own keys and never reuse them

It's entirely up to you how to generate the keys. I can only offer you an option to do so.

I've modified one of my previous projects to work as a random number generator, the generated output seems "random enough" for me, but I haven't run any tests. So, I can't guarantee that it's random.

Use it at your own risk!

To generate the keys - launch gen.exe from the "ESP32_Version\V3.0\Untested RNG" folder and click the "Generate keys for Midbar V3.0" button. The background turns from dark gray to light gray when you press that button.

Get the Receiver's MAC Address

FGBQFVFLCAJ161S.png

To get the receiver's MAC address, upload this code into the ESP8266.

#include <ESP8266WiFi.h>

void setup(){
Serial.begin(115200);
Serial.println();
Serial.println(WiFi.macAddress());
}

void loop(){

}

Then open the Serial Terminal, and reboot the board.

If done correctly, you should see the MAC address in the console.

The MAC address of this board is 5C:CF:7F:FD:85:1D

Modify the Firmware

esp32.png
esp8266.png

Open the "Firmware_for_ESP32.ino" and "Firmware_for_ESP8266.ino" files, and then replace my keys with those you've generated.

Note that the receiver only needs three keys (hmackey_for_session_key, projection_keyproj_serp_key).

Don't forget to replace the receiver's MAC address in the line

uint8_t broadcastAddress[] = {0x5C, 0xCF, 0x7F, 0xFD, 0x85, 0x1D}; // Receiver's MAC address

in the "Firmware_for_ESP32.ino" file.

Flash ESP32

32.png

Upload the firmware from the "ESP32_Version\V3.0\Firmware_for_ESP32" folder into the ESP32.

Flash ESP8266

8266.png

Upload the firmware from the "ESP32_Version\V3.0\Firmware_for_ESP8266" folder into the ESP8266.

Flash Arduino

ard.png

Upload the firmware from the "ESP32_Version\V3.0\Firmware_for_Arduino" folder into the Arduino.

Assemble the Vault

Vault Circuit Diagram.png

Assembling the vault shouldn't be hard. In my opinion, the most tangled part of the process is to connect the encoder with its periphery the right way.


As for the possible component replacements:

  • You can replace 4.7k resistors with 4.7k - 10k resistors;
  • And you can replace the capacitors with 22nf - 100nf capacitors.

Assemble the Receiver

Receiver Circuit Diagram.jpg

That should be even easier than the vault assembly.

Power the Vault Up

IMG_20230121_145234.jpg
IMG_20230121_145403.jpg
IMG_20230121_144930.jpg
IMG_20230121_145109.jpg
IMG_20230121_145427.jpg

Unlike the Midbar V2.5, which only has one lock screen, the Midbar V3.0 has five. Midbar randomly chooses the lock screen at startup.

After the Midbar has chosen the lock screen, it displays the word "מדבר" with the shifting background and the "Press Any Key" inscription.

At that point, press any key or button to get to the next tab.


*Credit for photos:

Dallas:

Photo by Erin Hervey on Unsplash

Tel Aviv:

Image by ran from Pixabay

Montreal:

Image by Beenerm from Pixabay

Austin:

Photo by MJ Tangonan on Unsplash

Dallas:

Photo by R K on Unsplash

Set the Master Password

IMG_20230121_150215.jpg
IMG_20230121_150236.jpg
IMG_20230121_150240.jpg

To use the Midbar, you first need to set the master password.

You can only enter the master password using the encoder and PS/2 keyboard.

And remember that you can't change your master password without performing the factory reset first!

Midbar won't be able to decrypt your data without your master password because the keys for the encryption algorithms are partially derived from it. Perhaps, it won't even unlock without the correct master password.

When you're done entering your master password, either quad-click the encoder button or press the "Enter" on the PS/2 keyboard.


After you've unlocked the vault and got to the main menu:

  • Either turn the rotary encoder to the right or press the "" (DOWNWARDS ARROW) key on the PS/2 keyboard to go down the menu.
  • Either turn the rotary encoder to the left or press the "" (UPWARDS ARROW) key on the PS/2 keyboard to go up the menu.
  • Press either the "A" button or the "Enter" key on the PS/2 keyboard to open the selected menu.
  • While in the submenu, press either the "B" button or the "Esc" key on the PS/2 keyboard to return to the main menu.


While entering a text in a tab:

  • Either quad-click the encoder button four or press "Enter" on the PS/2 keyboard to continue;
  • Either quintuple-click the encoder button (click it five times in quick succession) or press the "Esc" button on the PS/2 keyboard to cancel the current operation.


*If the hex value decreases when you rotate the encoder to the right, I would advise you to swap the wires connected to the D26 and D27 pins.

And by the way, pressing the "Caps Lock," "Num Lock," or "Scroll Lock" buttons makes the keyboard unresponsive until you either reconnect it or reboot the ESP32.

Add Login

IMG_20230121_150434.jpg
IMG_20230121_150437.jpg
IMG_20230121_150441.jpg
IMG_20230121_150446.jpg
IMG_20230121_150548.jpg
IMG_20230121_150620.jpg
IMG_20230121_150706.jpg
IMG_20230121_150806.jpg
IMG_20230121_150808.jpg

First and foremost, the Midbar V3.0 is a vault. It utilizes the 3DES + AES + Blowfish + Serpent encryption algorithm in CBC mode with an integrity verification feature alongside the ESP32's built-in flash memory to keep your data safe and organized.


To add a login from the encoder and PS/2 keyboard:

  1. Select the "Logins" line in the main menu;
  2. Press either the "A" button or the "Enter" key on the PS/2 keyboard;
  3. Select the "Add" line;
  4. Press either the "A" button or the "Enter" key on the PS/2 keyboard;
  5. Choose the slot you want to put the login to either by rotating the encoder or by pressing the "←" (Leftwards Arrow) and "→" (Rightwards Arrow) keys on the PS/2 keyboard;
  6. Press either the "A" button or the "Enter" key on the PS/2 keyboard;
  7. Select the "Encoder + Keyboard" line;
  8. Press either the "A" button or the "Enter" key on the PS/2 keyboard;
  9. Enter the title;
  10. Either quad-click the encoder button or press "Enter" on the PS/2 keyboard;
  11. Enter the username;
  12. Either quad-click the encoder button or press "Enter" on the PS/2 keyboard;
  13. Enter the password;
  14. Either quad-click the encoder button or press "Enter" on the PS/2 keyboard;
  15. Enter the website;
  16. Either quad-click the encoder button or press "Enter" on the PS/2 keyboard;


According to the tests I've conducted - Raspberry Pi Pico can encrypt and decrypt a 650-character long string without any problems using the 3DES + AES + Blowfish + Serpent encryption algorithm. So, technically, you can put 650 characters into a field of a record.


*All credentials demonstrated here are entirely fictitious. Any similarity to actual credentials is purely coincidental.


View Login

IMG_20230121_150843.jpg
IMG_20230121_150847.jpg
IMG_20230121_150851.jpg
IMG_20230121_150855.jpg

To view a login:

  1. Select the "Logins" line in the main menu;
  2. Press either the "A" button or the "Enter" key on the PS/2 keyboard;
  3. Select the "View" line;
  4. Press either the "A" button or the "Enter" key on the PS/2 keyboard;
  5. Choose the slot you want to view login from either by rotating the encoder or by pressing the "←" (Leftwards Arrow) and "→" (Rightwards Arrow) keys on the PS/2 keyboard;
  6. Press either the "A" button or the "Enter" key on the PS/2 keyboard;
  7. Press either the "Tab" key on the PS/2 keyboard or the encoder button to print the record to the serial terminal.


*All credentials demonstrated here are entirely fictitious. Any similarity to actual credentials is purely coincidental.

Edit Login

IMG_20230121_151135.jpg
IMG_20230121_151138.jpg
IMG_20230121_151141.jpg
IMG_20230121_151144.jpg
IMG_20230121_151147.jpg
IMG_20230121_151225.jpg
IMG_20230121_151249.jpg

To edit a login:

  1. Select the "Logins" line in the main menu;
  2. Press either the "A" button or the "Enter" key on the PS/2 keyboard;
  3. Select the "Edit" line;
  4. Press either the "A" button or the "Enter" key on the PS/2 keyboard;
  5. Select the login you would like to edit either by rotating the encoder or by pressing the "←" (Leftwards Arrow) and "→" (Rightwards Arrow) keys on the PS/2 keyboard;
  6. Press either the "A" button or the "Enter" key on the PS/2 keyboard;
  7. Select the input source;
  8. Press either the "A" button or the "Enter" key on the PS/2 keyboard;
  9. Depending on the chosen input source, either enter the new password you'd like to set on the encoder and PS/2 keyboard or paste it to the Serial Terminal;
  10. Depending on the chosen input source, either quad-click the encoder button (or press "Enter") or press the "Send" button in the Serial Terminal.


*All credentials demonstrated here are entirely fictitious. Any similarity to actual credentials is purely coincidental.

Delete Login

IMG_20230121_151253.jpg
IMG_20230121_151257.jpg
IMG_20230121_151300.jpg
IMG_20230121_151309.jpg

To delete a login:

  1. Select the "Logins" line;
  2. Press either the "A" button or the "Enter" key on the PS/2 keyboard;
  3. Select the "Delete" line;
  4. Press either the "A" button or the "Enter" key on the PS/2 keyboard;
  5. Select the login you would like to delete either by rotating the encoder or by pressing the "←" (Leftwards Arrow) and "→" (Rightwards Arrow) keys on the PS/2 keyboard;
  6. Press either the "A" button or the "Enter" key on the PS/2 keyboard.


The process of working with records of other types is very similar to the process of working with logins.

Send Password to the Receiver

IMG_20230121_155027.jpg
IMG_20230121_155030.jpg
IMG_20230121_155034.jpg
IMG_20230121_155130.jpg
IMG_20230121_155136.jpg
IMG_20230121_155139.jpg
IMG_20230121_155529.jpg
IMG_20230121_155624.jpg

I'll be honest with you the receiver firmware didn't change since the Cipherbox V2.0.

To protect the receiver from the replay attack (ensure that the receiver won't correctly decrypt any package that is resent to it) - I've combined the key incrementation with the session key. The session key consists of 20 characters generated by the vault. The session key is valid until you either reboot ESP32 or power it off. After the key derivation process completes, both devices present you with the three verification numbers. These numbers must match on both the vault and the receiver! If these numbers don't match, I would advise you to reboot the ESP8266 and enter the session key again. If that won't work, open the firmware and check if the keys are the same.

To send the password to the receiver:

  • Select the "Other Options" line in the main menu;
  • Press either the "A" button or the "Enter" key on the PS/2 keyboard;
  • Select the "Send Password" line;
  • Press either the "A" button or the "Enter" key on the PS/2 keyboard;
  • Enter the key on the receiver's keypad;
  • Compare the verification numbers on both displays. They must be the same;
  • Press either the "A" button or the "Enter" key on the PS/2 keyboard;
  • Enter the password you'd like to send on the encoder and PS/2 keyboard;
  • Either press the "Enter" key on the PS/2 keyboard or quad-click the encoder button to send the password to the receiver.

The receiver also prints the received text to the Serial Terminal.

Find a Good Use for Midbar

IMG_20230121_153628.jpg
IMG_20230121_153414.jpg

The Midbar isn't perfect, and I don't think it will ever be.

Now, after I've told you about the merits of this version of the Midbar, let's get to the "poison in the wine." Although that version of Midbar is better than Midbar V2.5 and Midbar (Raspberry Pi Pico Version) concerning the way it handles the PS/2 keyboard and generates random numbers, the whole "Encryption Algorithms" submenu is basically useless (although you can still use the encryption algorithms to encrypt 20-30 characters without the integrity verification feature). But if you only need the vault capability and the secure communication channel, don't worry about it, these parts work fine because these parts of Midbar don't rely on reading the ciphertext via the Serial Terminal.


By the way, let me remind you that the Midbar project isn't there to give you a 100% guarantee for something. It's not about that, and it never was. It's about raising the cost of unauthorized access to your data as high as possible!

And if you want to make your own version of the Midbar or change something in it, please do so! Don't forget that there's always room for improvement, even if it seems that there's none.

That's it for this tutorial.

If you like this tutorial, please share it.

Thank you for reading this tutorial.