OpenBeacon packets are encrypted with the XXTEA algorithm using a secret symmetric key.
As the key is the same for every participant of the camp, it must be kept secret inside the firmware. This creates the need to protect the flash memory of the main microcontroller from being read by an attacker. It will therefore be read-protected.
The public firmware does not contain the secret key residing in your badge. If you compile your own firmware and flash it onto the controller, you will lose this key. This has the following implications for you:
- If you choose to participate in the OpenBeacon tracking system, everyone will be able to sniff and spoof your packets.
- If you have enabled the mesh functions, you will have to trust public messages blindly.
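The shared-key property described above, as an added example (not r0ket or OpenBeacon code): the public XXTEA reference algorithm by Wheeler and Needham, applied to a constructed packet. It shows that whoever holds the key can read a packet and that the receiver accepts anything encrypted under that key, so a badge running a publicly known key gets neither confidentiality nor sender authenticity. `DEMO_KEY`, `receive_id` and the packet layout (badge id in word 0) are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

#define DELTA 0x9e3779b9u
/* XXTEA mixing step, as in the Wheeler/Needham reference code. */
#define MX ((((z >> 5) ^ (y << 2)) + ((y >> 3) ^ (z << 4))) ^ \
            ((sum ^ y) + (key[(p & 3) ^ e] ^ z)))

/* Encrypt n (>= 2) 32-bit words in place with a 128-bit key. */
void xxtea_encrypt(uint32_t *v, unsigned n, const uint32_t key[4]) {
    uint32_t y, z = v[n - 1], sum = 0;
    unsigned p, e, rounds = 6 + 52 / n;
    while (rounds--) {
        sum += DELTA;
        e = (sum >> 2) & 3;
        for (p = 0; p < n - 1; p++) { y = v[p + 1]; z = v[p] += MX; }
        y = v[0];
        z = v[n - 1] += MX;   /* p == n - 1 here */
    }
}

/* Inverse of xxtea_encrypt: same rounds, run backwards. */
void xxtea_decrypt(uint32_t *v, unsigned n, const uint32_t key[4]) {
    unsigned p, e, rounds = 6 + 52 / n;
    uint32_t z, y = v[0], sum = rounds * DELTA;
    while (rounds--) {
        e = (sum >> 2) & 3;
        for (p = n - 1; p > 0; p--) { z = v[p - 1]; y = v[p] -= MX; }
        z = v[n - 1];
        y = v[0] -= MX;       /* p == 0 here */
        sum -= DELTA;
    }
}

/* Constructed value: not the camp key, not taken from any firmware. */
static const uint32_t DEMO_KEY[4] = {0x00112233, 0x44556677, 0x8899aabb, 0xccddeeff};
/* Receiver: decrypt a copy of a 4-word packet, return word 0 (hypothetical badge id). */
uint32_t receive_id(const uint32_t ct[4], const uint32_t key[4]) {
    uint32_t tmp[4];
    memcpy(tmp, ct, sizeof tmp);
    xxtea_decrypt(tmp, 4, key);
    return tmp[0];
}

int main(void) {
    uint32_t pkt[4] = {0x0000beef, 1, 2, 3};  /* id + constructed payload */
    xxtea_encrypt(pkt, 4, DEMO_KEY);
    return receive_id(pkt, DEMO_KEY) == 0x0000beef ? 0 : 1;
}
```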
The VCard transfer is based on asymmetric cryptography using elliptic curve cryptography (ECC). We are using the ECC code published in Phrack Nr. 63 (see http://www.phrack.org/issues.html?issue=63&id=3#article ).
As every badge has its own private/public key pair, these keys can be read and changed by you. They reside as a pair of files on the file system. When you want to receive a VCard from another badge, your public key will be broadcast. After you have confirmation that the other badge has received the correct key, the VCard can be sent to you.
To encrypt an applet run:
r0ket/firmware$ ../tools/crypto/xxtea loadable/spaceinvaders.bin -e -o loadable/space.c0d -v -k 0012345600000000000000000023456700
Don't forget to change the key to the correct value.
To sign an applet run:
r0ket/firmware$ ../tools/crypto/xxtea loadable/blsign.bin -s -v -k 0012345600000000000000000023456700
Make sure the keys used for signing and encryption differ.
Encryption is optional, but we will require applets to be signed at camp when running a firmware with OpenBeacon keys.