Hash Latch

by Northstrix in Circuits > Microcontrollers

799 Views, 4 Favorites, 0 Comments

Hash Latch

IMG_20230712_132846.jpg

Hash functions are used for lots of things. Like, verifying the data integrity, mining various cryptocurrencies, etc. I've found another application for them - serving as an integral part of the digital lock.

The hash latch generates keys in a manner similar to how some cryptocurrencies are mined. It takes a string and brute-forces a prefix for it so that the hash of the string with the prefix has a certain number of leading zeroes.

But that alone would've been too easy to hack.

To prevent an attacker from forging the keys by generating a new prefix: the hash latch doesn't output the keys in the plaintext. Instead, it encrypts the key and outputs the ciphertext. That means that instead of giving you the actual key, it gives you a safe containing the key. This approach allows the hash latch to protect itself from forged keys and also enables you to put the same key into multiple safes without the recipients of these safes knowing they have the same key (even if they compare their ciphertexts).

Moreover, the hash latch verifies the integrity of a key after decrypting it (just in case).

Supplies

IMG_20230712_141548.jpg
  • Teensy 4.1 x1
  • 4.7k resistors x4
  • 2.7k resistors x2
  • 1k resistors x2
  • 10k resistor x1
  • Push buttons x2
  • Green LED x1
  • Red LED x1
  • Servo motor x1
  • USB port x1
  • PS/2 port x1
  • Either a USB keyboard, PS/2 keyboard, or an emulator of any of them x1

3DES + AES + Blowfish + Serpent Encryption Algorithm in CBC Mode

FUTGC5YLJA0KZWC.png

Instead of developing a new encryption algorithm for every project or relying solely on plain AES or Serpent, I've decided to reuse the encryption algorithm from my previous projects. In other words, there's nothing new here. The "3DES + AES + Blowfish + Serpent" encryption algorithm in cipher block chaining mode has already been utilized by: Midbar V2.5Midbar (Raspberry Pi Pico Version)Midbar V3.0Midbar V4.0KhadashPay V2.0Midbar (Raspberry Pi Pico Version) V2.0KhadashPay V2.0 (Raspberry Pi Pico Version)Midbar V5.0Midbar (STM32F401CCU6 Version)KhadashPay V3.0 (STM32F401CCU6 Version)KhadashPay V3.0Midbar (STM32F401CCU6 + Arduino Uno Version)KhadashPay V3.5Black Swan V2.0, and Midbar (Teensy 4.1 Version).

If you're interested, refer to any of these tutorials for more information about the "3DES + AES + Blowfish + Serpent" encryption algorithm in cipher block chaining mode.

Integrity Verifictaion

Integrity verification.png

In very simple terms:

To ensure the integrity of the key (I denoted it as plaintext), the key is given to the HMAC-SHA256. The HMAC-SHA256 produces a tag that's passed to the encryption algorithm alongside the key. When the key is decrypted - the tag is also decrypted. The device then generates a new tag for the decrypted key and compares it to the original tag. If the tags do not match, the device notifies you about it by typing the "Failed to open the lock with the broken key" line.

To avoid confusion, in that specific context, I used the word key exclusively in reference to the key that opens the lock. I also didn't include the HMAC key and the keys utilized by the various parts of the encryption algorithm on the diagram.

Prepare the Software

You need to install the Arduino IDE and Teensyduino to flash Teensy 4.1.

For more information on that, please refer to: https://www.pjrc.com/teensy/td_download.html

Download Firmware

repository.png

You can download the Hash Latch firmware from either the SourceForge or the GitHub repository.

Download and Install the "PS2KeyAdvanced" Library

lb.png

Download the library here: https://github.com/techpaul/PS2KeyAdvanced

And then unpack the content of the archive into the folder: ...\Arduino\libraries\

Every other required library is already installed in one way or another.

Assemble the Device

Circuit Diagram.png

That shouldn't be hard. The hardest part of the process (in my opinion) is to map the PS/2 port and connect it the right way (assuming you would even connect it).

As for the possible component replacements: you can replace the resistors connected to buttons with 2.2k - 10k resistors.

According to the PJRC official websitethe digital pins of Teensy 4.1 are not 5V tolerant. Because of that, I would strongly advise you to double-check that you've assembled the circuit correctly.

Prepare EEPROM

prep_eeprom.png

You need to clear the board's EEPROM and write the vectors for key generation to it before you can use the latch.

To do so, upload the firmware from the "Teensy 4.1 Edition\V1.0\Prepare_EEPROM" folder into Teensy. You can move to the next step when the green LED lights up.

Generate Keys for the Firmware

keys.png

To make the unauthorized deciphering of the encrypted keys (that open the lock) computationally infeasible - It is crucial to generate your own encryption keys and never reuse them.

It's entirely up to you how to generate the keys. I can only offer you an option to do so.

I've modified one of my previous projects to work as a random number generator, the generated output seems "random enough" for me, but I haven't run any tests. So, I can't guarantee that it's random.

Use it at your own risk!

To generate the keys - launch gen.exe from the "Teensy 4.1 Edition\V1.0\Untested RNG" folder and click the "Generate keys for Hash Latch" button. The background turns from dark gray to light gray when you press that button.

Modify the Firmware

mod_keys.png

Open the "Firmware.ino" file from the "Teensy 4.1 Edition\V1.0\Firmware" folder, and then replace my keys with those you've generated.

You can also change the number of available slots for the blacklisted keys by modifying the

"#define NUMBER_OF_SLOTS_FOR_BLACKLIST 100" line.

The Teensy 4.1 should be able to store 427 blacklisted keys.

Flash Teensy 4.1

flash.png

Upload the firmware from the "Teensy 4.1 Edition\V1.0\Firmware" folder into the Teensy. Don't forget to set the value of the "USB Type" line to the "Serial + Keyboard + Mouse + Joystick."

Power Up the Device in the Service Mode

IMG_20230712_132916.jpg

Hold the "Mode" button and connect the Teensy 4.1 to your computer.

Both LEDs light up to indicate that the hash latch is in service mode.

Generate Keys for the Lock

gen_keys.png

To generate the keys for the lock: open the Serial Terminal, Enter "1" to the text field, and then press "Send" button.

The key generation process might take a while

Press the "Mode" button to stop the key generation process.

Even though this device can generate a lot of keys, the maximum number of available keys is limited.

After the device tries all of the 95^10 combinations, it will stop the key generation process and show you the "No more combinations to try!" message.

I left the device for five minutes and obtained these ciphertexts (encrypted keys).


350e931625016fa58ed6a5f3c62d95a4a4ad2c7493f29d6d91eec013d6e8d1c3455e37e2aae12e716b83d41443c32b0cfbeb5f56c901139803ab96d29343c7fb8ebba3d1f4165ec178a795464877ec2021dc1729ba405bd062c066e8977976de7bc1cf990dd1f98caaea170492ab04af82a153c32f553266ca2909eb4b22c40d56654e0e949b542b0b84ec1ea85bd242


09c3022f88e2b9ed1269fdc7f29b02631d8b63fadb4ef7b87597139b3a18a94067b87d6f9fe90155ab74e1964eb407045eef26578048d97a36e55a257fd8a04a40ca76ac8246e1385999617638d4637e43ed10a3c207091ba536b468a4a69b43b5bc6b98c490b92f1a0e46045b3bb242949600f274eac9e63336b75d6ee0a05c9c37fc523914fa491f8d346327282ef8


55496ae2762d6f75433230798453802a1dc41c7c593b0f97bf0e9309e069b1c94006090e4f05b3906e78258706723d5732cea64e691257d3a12952db7cbedd51b313b0c2464fa9c562ec75990c8f581165b4670a8f59630a7c4e1facda56922a818baae51cfa78283886996207d710bdda1113b5172d1fb5901cdf7c5d6a3c04af76760fd4f0fb79d273ba2dbea560af


79af79e221daf27941b57529a208b205ae7c5228a07130eff67a3cc32506ce4dba0cc329687488ca57f36f3be66666bbca1a61cef3047d742300cfa0010aec7498bcc50f0d82c74fda0d07e5e980a3495953a9fde5421d17c08c092d3133289b22b9478061fbcf5ac21000d642d5c968630324e56b5b13837d2353f0eb98d01943ae24088afdee41a914ed4c964b5bcd


I also decrypted them (for the demonstrational purposes only):

)YTR45XQHo6H73SlFy0803XQg72I2eVPU

Pg R45XQHo6H73SlFy0803XQg72I2eVPU

8C[!R45XQHo6H73SlFy0803XQg72I2eVPU

j3<#R45XQHo6H73SlFy0803XQg72I2eVPU


Hash any of them using the SHA512 hash function, and you get the hash with the five leading zeroes.

Blacklist a Key

bllist.png

Keeping in mind that not all users treat their keys responsibly, I've added the blacklist feature, allowing you to blacklist the key. The reason why I wrote that seemingly obvious statement - is because the hash latch blacklists the key itself, instead of blacklisting the safe with the key. That means that if you've put a single key in multiple safes and then added it to the blacklist, all safes with that particular key won't be able to unlock the lock (latch).

To blacklist a key: open the Serial Terminal, Enter "2" to the text field, press the "Send" button, paste the encrypted key that you want to blacklist to the text field, press the "Send" button, enter the number of the slot you'd like to put the key into to the text field, press the "Send" button.

Set Up the Software to Keep Logs

layout.png
word.png

Unlike its predecessor, the hash latch can act as a USB keyboard. That enables you to keep logs. To keep the logs, first and foremost, ensure that the keyboard layout is set to English (in case you have several of them). Then create an empty Word document, and click into the textbox area.

Power Up the Device in the Lock Mode

IMG_20230712_135905.jpg

To power up the device in the lock mode - put the power to the Teensy 4.1 without holding any buttons.

Open the Latch

ezgif-1-45e2646e3f.gif

That's the tricky part. The blunt way of doing it is to connect a USB or PS/2 keyboard to the device, press the "Backspace" button to clear the key buffer, enter the encrypted key on the keyboard, and then press the "Enter" button.

Find a Good Use for the Hash Latch

logs.png

I did my best to make the electronic part of the lock as secure as possible, but at the end of the day, the "security" of the lock depends not only on the electronic part but also on the mechanical lock to which the elctronic is attached.

It's also worth mentioning that Hash Latch's source code is distributed under the MIT license. That grants you the freedom to customize and modify it according to your preferences.

If you found this tutorial to be useful, please consider sharing it.

Thank you for reading this tutorial.