0xmihir / cryptum Goto Github PK

Encrypted file storage powered by the Tillitis TKey

License: Apache License 2.0

JavaScript 0.38% HTML 0.18% Svelte 12.87% TypeScript 13.66% Makefile 0.99% C 62.38% C++ 9.15% Assembly 0.32% Dockerfile 0.07%

cryptum's Introduction

👋 Hi, I’m Mihir Patil!

I'm a Sophomore at Purdue University majoring in Computer Science.

Interests

Aerospace / Embedded Systems/ Machine Learning / XR

Member of the avionics subteam at Purdue Space Program Liquids

Alum of @edgemontrobotics

Projects

Made a multiplayer version of Wordle, Wordle Together, which was played over 1 million times

Built a Self-Driving Car with the DepthAI OAK-D camera and Tensorflow

Making computer science education more accessible at Pondr

Research

2021

Pandey, R., Chen, Y., Patil, M., Conway, P. J., Al-Khinji, A., & Mahadevan, D. (2021). Over-expression of CEACAM6 negatively modulates the tumor microenvironment in pancreatic cancer. Cancer Research, 81(13_Supplement), 3156.

cryptum's People

Contributors

Stargazers

Watchers

cryptum's Issues

Possible performance improvement: Encrypt larger messages at a time

It seems from firmware/main.c:

crypto_lock(mac, rsp + 1, (const uint8_t *)local_cdi, nonce, (const uint8_t *)cmd + 1, MESSAGE_SIZE);

where MESSAGE_SIZE is:

#define MESSAGE_SIZE 126 - MAC_SIZE - NONCE_SIZE

that you only encrypt 86 bytes at a time. I think it would be much faster if you did like the TKey signer does and allocate a lot more memory somewhere (say 64 kiB), fill it with a message to encrypt and then do the encryption over the entire 64 kB at a time instead of doing it frame by frame.

Since you seem to have copied the TKey signer code, look at how APP_CMD_SET_SIZE and APP_CMD_SIGN_DATA fills a chunk of memory (sign_message, hardcoded max 4 kiB), and uses that entire chunk of data to sign. You can do the same thing and maybe up the 4 k to 64 k or something.

Improvement: Use Blake2 in get_random

Hi!

As one of the Tillitis developers, I love to see this project.

A possible small improvement I would like to suggest is to use Blake2 when generating random numbers. The TRNG generates quite good random data (at least I as the developer of the TRNG core think so). But it is recommended to not use the TRNG data directly in an application, but instead as seed to a CSPRNG / DRBG. The reason for this is that if the TRNG starts having bias (possibly due to an attack), is not working correctly, this will affect the output directly. By using a good hash to scramble and compress the TRNG data, you are guaranteed much more uniform randomness with high quality.

You use the random data as nonce for the ChaCha20 based AEAD, and for this algorithm a good nonce is important. In the RNG stream app I use blake2s to generate random numbers by extracting words from the TRNG, and then hash them together:

https://github.com/tillitis/tillitis-key1-apps/blob/main/apps/rng_stream/main.c

(Pardon my ugly C code.)

The downside of this change is that you will need to read out more TRNG data, and perform Blake2 hashing. This will make the get_random function slower. You have the Blake2b function as part of Monocypher, so the code will not increase very much.

Just at suggestion.

0xmihir / cryptum Goto Github PK

cryptum's Introduction

👋 Hi, I’m Mihir Patil!

Interests

Projects

Research

2021

cryptum's People

Contributors

Stargazers

Watchers

cryptum's Issues

Possible performance improvement: Encrypt larger messages at a time

Improvement: Use Blake2 in get_random

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent