Daily Archive for December 22nd, 2011

scln: An Onion Router for Microcontrollers

Sadly, my final projects this year weren’t too successful, but I’m posting one of them anyways: scln. For 6.858, one of MIT’s two security classes, I decided to work on a hardware-based security project. Specifically, I was interested in how onion routing could be applied to mesh networks. Given the relatively small time window, I didn’t have a chance to work on some of the cooler problems of mesh networking, but I developed a sort of basic framework for my idea. Although the i2c started doing weird stuff, I’d like to continue the project at some point (maybe I’ll make a framework board so that I can plug in Atmega168s).

What if, in some futuristic world, you walked into a room that was filled with sensors and you used your phone (or whatever they have in the future) to interact with all those sensors. But, you don’t want other people to know what sensors you’re using and you don’t want malicious sensors to collect data about you. Onion routing would be a good solution to this problem. Just as Tor protects your anonymity by bouncing your network requests around a bunch of servers, wrapping them in a layer of encryption with each hop, I wanted something that would let me do the same for something like microcontrollers. So, I built scln (“scallion”), a demo framework for onion routing on Atmel AVR chips.

It’s kind of a stupid demo because the point of onion routing is that you shouldn’t be able to see every single node on the network. Right now, all of the nodes in my demo talk to each other over an i2c bus. But, once the firmware framework is done, it’s easy to switch the communication to wireless or something. The model of mesh networks is much more dense than the model that Tor expects, so there’s probably some interesting research about the probability of anonymity that lies there.

This might be cute to demo when I design a sensor network for my room. I’m looking into doing some interesting room automation (probably in the spring) that involves a lot of automatic gesture recognition to perform tasks.