Hardware Licensing - Proof of Concept using an ESP32 Board

TL;DR:

• This project uses HTTPS and SSL/TLS protocols within the constraints of ESP32 for secure data transmission
• The Project also implemented a rudimentary web interface to interact with the ESP32 Board
• The Git Repo can be found here: https://github.com/kemicar/LicenseSpring-PoC

Introduction

This project aims to enhance IoT security and software license management by integrating LicenseSpring's API with ESP32 boards, leveraging HTTPS and SSL/TLS for secure data transmission. I developed this as part of my student onboarding experience, it focuses on establishing a robust mechanism for activating and verifying software licenses remotely on ESP32 devices. The core of the project is written in C++, adhering to Arduino's programming structure, and features a user-friendly web interface for easy interaction.

What does this project accomplish?

• License Validation: It securely connects to LicenseSpring's API to activate or deactivate software licenses remotely, ensuring only authorized use of the software on the board.
• Secure Communication: Utilizes HTTPS and SSL/TLS encryption to safeguard data transmission between the ESP32 board and LicenseSpring's license server.
• User Interface: Offers a web interface for users to upload SSL certificates and submit LicenseSpring keys for software license activation.

What is the ESP32 Board

The ESP32 is a versatile, low-power system on a chip (SoC) series with integrated Wi-Fi and dual-mode Bluetooth, making it ideal for smart IoT applications. It's widely used in home automation, wearable electronics, and IoT projects due to its balance between performance and power consumption.

Applications and Constraints

While the ESP32 boasts ample processing power and connectivity options, it operates under constraints typical of microcontroller units (MCUs), such as limited memory and storage capacity. These limitations challenge efficient software design, particularly for applications requiring secure communication and data encryption.

Challenges and Learnings

• Cryptographic Signing: A critical aspect was to securely sign API requests. Identifying and integrating a library capable of handling cryptographic functions like HMAC-SHA256 on the ESP32 required thorough research and testing.
• User Interface Design: Developing a user-friendly web interface that could run efficiently on the ESP32, allowing users to manage SSL certificates and activate licenses without external assistance.

Technical Specifications and Limitations

The average ESP32 board features include a dual-core processor, Bluetooth and Wi-Fi capabilities, and various GPIO pins for connecting peripherals. However, its limited RAM and flash memory size pose challenges for running complex applications, especially those requiring secure data storage and encryption algorithms.

Conclusion

This project not only served as a practical introduction to IoT security and license management but also highlighted the importance of overcoming hardware constraints through efficient coding practices. The experience gained from addressing these challenges has been invaluable, offering deep insights into both the potential and limitations of IoT devices like the ESP32.

Additional Resources:

I found this tutorial helpful: (#232 How to secure our devices using SSL (ESP8266, ESP32, Tutorial)).