Hacker News new | past | comments | ask | show | jobs | submit login

You might check out stuff like Amazon's web services (DynamoDB, etc.) for inspiration. They sign requests with a hash of the request data and private access key (and date, etc.) so the private key doesn't need to be sent in the request. The data is still visible if it's over non-SSL but it keeps the key from getting out.

Yeah no SSL support on Arduino-capable hardware is a bummer. I have been able to do Amazon's signature generation on an Arduino without too much trouble though (just need to run SHA256 hash algorithm a few times). I would definitely think about key revocation and renewal since folks will need it if someone steals their keys.

Signing might be doable like that but it all depends on the size of the data that you're pushing. if it's a long string of readings that might not be so easy since you might not be able to fit everything in memory still (These devices routinely have <4k of ram). Might be doable to go byte by byte as you build the message and output it. It's certainly a challenging problem.

Yep the libraries I've used can generate a hash byte by byte luckily without loading everything in memory. Here's an example of how I call Amazon services and generate a signature on an Arduino: https://github.com/tdicola/CloudThermometer

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact