3

I'm trying to validate if an IoT device is authentic or it's a fraud. The problem is I only have 17 bytes to do that verification.

What if I let the IoT device sign the message with the private key and the client will check in a server if that message was signed with the correct private key like the RSA algorithm.

But the problem is that I don't think only 17 bytes is secure. I'm asking if you guys know some method/algorithm to do this verification with only 17 bytes max, thank you for all your help.

Maarten Bodewes
  • 96,351
  • 14
  • 169
  • 323
Rafael
  • 35
  • 3

2 Answers2

3

Generally you'd let the device establish a symmetric / secret key first, e.g. using ECDH and then use that secret key with a MAC algorithm to perform the message authentication. In that case 16 bytes / 128 bits is plenty.

For direct signatures, the BLS signature scheme is probably still the best out there, but for 128 bit level encryption - the lowest we commonly aim for - you'd still need a 384 bit signature.

Maarten Bodewes
  • 96,351
  • 14
  • 169
  • 323
3

I'm asking if you guys know some method/algorithme to do this verification with only 17bytes max

When you talk about public key algorithms with signatures that short, the number of options aren't great. You might be able to use a BLS signature with a specially constructed small pairing friendly curve; however the security wouldn't be that overwhelming (probably safe enough against hobbyists and random hackers; certainly not against large adversaries).

What sounds like a better approach is to use strictly symmetric crypto (a Message Authentication Code); both the client and the server would share a symmetric key; the client would (say) use it to produce a 17 byte HMAC of the message being sent; the server would validate that MAC. That does mean that the server can also generate valid messages - depending on how your system works, you might not care (and it is a lot more efficient than any public key algorithm).

poncho
  • 154,064
  • 12
  • 239
  • 382