So far the content of the messages has been sent as clear text which would not be acceptable for many applications. The requirement for data privacy causes a problem on the Netduino+ (Nov 2012) as the standard NetMF crypto libraries are not baked into the platform.
I then set about finding some crypto libraries which were NetMF friendly. RSA and Xtea are included in some of other NetMF platforms in the Microsoft.SPOT.Cryptography assembly so Xtea seemed like a reasonable choice to ensure interoperability.
When looking for crypto implementations one of the best sources is the Legion of the Bouncy Castle which was where I started. I downloaded the the V17.7 zip file had a look at the size of the Xtea code & all the associated support libraries and then parked that approach as I was worried about the size and performance of the resulting binaries.
I then looked at other possible tea, xtea & xxtea implementations (including porting the original C code to C#)
- The Tiny Encryption Algorithm for the compact framework
- TEA encryption made simple
- Tiny Encryption Algorithm
- Encryption Compatibility between the .Net Microframework and the full .Net Framework
- Tibiaapi open source API
- Expert .Net Micro Framework by Jens Kühner (Chapter 8)
I am not a cryptographer so I can’t personally confirm the quality and correctness of an implementation. So after having interop problems I went back to the Legion of the Bouncy Castle which has been peer reviewed by experts and had another look. To get an Xtea implementation working on a .NetMF platform like the Netduino+ you need to include the following files…
On the Azure side of things where size is not so critical I just added a reference to the Bouncy Castle main project.
Xtea requires 128 bit blocks so you need to pad out the data on the client, then trim off the padding on the server.
// Pad out the data to a multiple of 8 bytes with spaces
if (xPosition.Length % 8 != 0)
xPosition += new string(' ', 8 - xPosition.Length % 8);
The key and the data need to be converted to byte arrarys, the Xtea engine initialised and a buffer for storing the encrypted data created.
byte dataBytes = Encoding.UTF8.GetBytes(xPosition);
byte keyBytes = Encoding.UTF8.GetBytes(key);
xteaEngine.Init(true, new KeyParameter(keyBytes));
Then the data can be encrypted in 8 byte chunks
byte cryptoBytes = new byte[dataBytes.Length];
for (int i = 0; i < dataBytes.Length; i += 8)
xteaEngine.ProcessBlock(dataBytes, i, cryptoBytes, i);
I hex encoded the encrypted data for transmission. Downside to this was it doubled the size of the payload
string hexEncodedCryptoBytes = ByteArrayToHex(cryptoBytes);
I added a StopWatch so I could measure the time taken to encrypt the position data (roughly 72 chars) on my Netduino+
The size of the payload had grown a bit
Request - Bytes Sent: 262
POST http://gpstrackerhttpheaders.cloudapp.net/posV7.aspx HTTP/1.1
Response - Bytes Received: 132
HTTP/1.1 200 OK
Date: Sun, 03 Feb 2013 04:53:30 GMT
This increase in size had an impact on the time taken to send the message
The binary downloaded to the Netduino+ had grown to 28K which still left plenty of space for additional functionality.