• C

encryption algorithm

I am looking for a low memory encryption algorithm to put on a 16 bit motorola processor. I am going to be downloading code to the processor and I want the bootloader to de-encrypt the code before saving it to the rom. I need an algorithm that will not take that much space. (assuming pgp is way too big). I appreciate any suggestions.

-Mike
mjhnationalAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Kent OlsenDBACommented:

How secure do you need the object to be?  Is "nuisance" encryption (where the program obviously can't be executed "as is" and the code can be cracked in a few hours) sufficient?

Kent
mjhnationalAuthor Commented:
We are actually trying to protect the code being downloaded. So it is very important that the encryption is difficult to break.

Thanks
-Mike
Kent OlsenDBACommented:
Hi mjhnational,

Here's a small encryption/decryption algorithm that will mangle a buffer on the first pass, unmangle it on the second.  It's not super secure and can be broken fairly easily, but it's very small and fast and will certainly cut down on the encrypted program being run "accidentally".  :)


#define MAXKEYS 21

static unsigned char Keylist[MAXKEYS] = {0xC2, 0x5D, 0x11, 0x1A, 0xE0, ....};

DecodeBuffer (char *Buffer, int Length)
{
  int idx;

  for (idx = 0; idx < Length; ++idx)
    Buffer[idx] ^= Keylist[idx % MAXKEYS];
}



Good Luck,
Kent
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

Kent OlsenDBACommented:
Hi mjhnational,

Have you looked into TEA (Tiny Encryption Algorithm)?  There are quite a few web sites about it.  Google search on "TEA encryption" and you'll get a lot more quality links than I can post.


Kent

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DexstarCommented:
@mjhnational:

>  I appreciate any suggestions.

I suggest RC4.  It is cryptographically secure, but it is symmetric, so you'll have to store the key safely.  It is much more light weight than the algorithm used by PGP.

Here is the complete source:
http://www.cr0.net:8040/code/crypto/rc4/

Hope That Helps,
Dex*
sunnycoderCommented:
>I am looking for a low memory encryption algorithm to put on a 16 bit motorola processor
>We are actually trying to protect the code being downloaded. So it is very important that the encryption is difficult to break.
I guess that since you are working with an embedded system and 16 bit processor, you have limited processing capability.
However what matters more is the acceptable time limit for decryption ... It is well know fact that longer the key, longer it takes to break it... but are you willing to go in for 256 (or even 128) bit encryption on your platform?

Any of the well known algorithms (RSA, triple DSA) should do the trick for you... they are hard to break

If you cannot afford that much processing delay, you can go in for some lighter algorithm such as TEA but the tradeoff remains.

May be you can look at something like... negotiating symmetric key with the downloading node (after authentication and checking licensing) using asymmetric key cryptography... this negotiation will give you a symmetric key ... you can encrypt your code with the symmetric key at the server (on the fly) and send it to receiver who will then download and decrypt it...

Since you will be using symmetric key only once, it should be safe enough .. also, I feel that you can program the downloading part yourself on your platform ... so you can take usula precautions for security at that end too
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
C

From novice to tech pro — start learning today.