GithubHelp home page GithubHelp logo

Tips for saving RAM? about arduinolibs HOT 7 OPEN

rweather avatar rweather commented on July 28, 2024
Tips for saving RAM?

from arduinolibs.

Comments (7)

rweather avatar rweather commented on July 28, 2024 1

XTS is very heavy - it needs two AES128 objects internally. That will use up to 400 bytes of RAM, which is nearly a quarter of all RAM on a Uno.

The random number generator RNG also consumes about 150 bytes even if you don't use it. So if you don't need that you could remove it from the library or comment it out.

I assume that you are using XTS to encrypt sectors on the SD card? It may be possible to rearrange the code to use only 1 BlockCipher object but keeping the key passed to XTSCommon::setKey() around and then setting each half of the key on the cipher during setTweak(), encryptSector(), and decryptSector(). But it would be slower to set up keys at the start of each sector encrypt/decrypt operation.

You may have to switch to an Arduino with more memory, sorry.

from arduinolibs.

rweather avatar rweather commented on July 28, 2024 1

Another thing you could try is to use the AESSmall128 version of AES instead of AES128. It is slower, but it uses a lot less RAM for the key schedule.

from arduinolibs.

RicardoPires19 avatar RicardoPires19 commented on July 28, 2024

Ok, I'll try to start by removing the RNG function, I think 150 bytes will be enough. But is the random() Arduino built-in function not secure?

from arduinolibs.

rweather avatar rweather commented on July 28, 2024

If you need a source of random numbers for your application, then random() is not secure enough and you'll need RNG. But if you are encrypting/decrypting the SD card contents with a fixed XTS key then you may not need RNG.

from arduinolibs.

RicardoPires19 avatar RicardoPires19 commented on July 28, 2024

Why isn't is secure? Because of the lack of randomness? Isn't the randomSeed() function good enough to compensate?

from arduinolibs.

rweather avatar rweather commented on July 28, 2024

System random number generators like random() in Arduino and rand() in C are never safe to use for cryptographic purposes.

The randomSeed() function takes an unsigned long, which is only 32 bits of entropy, even assuming that you have a good source to get entropy from. And the random() function uses a predictable algorithm for converting one seed value into the next.

Such random number generators are fine for controlling the random firing from a monster in a video game. But not for cryptography.

Here is some more information on system random number generators: https://crypto.stackexchange.com/questions/15662/how-vulnerable-is-the-c-rand-in-public-cryptography-protocols

from arduinolibs.

profdc9 avatar profdc9 commented on July 28, 2024

from arduinolibs.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.