I want to encrypt an INI file using a Delphi program on a Windows PC.
Then I need to decrypt & access it in C on an embedded system with little RAM.
I will do that once & fetch all info; I will not be continuously accessing the INI file whenever my program needs data from the file.
Any advice as to which encryption to use? Nothing too heavyweight, just good enough for “Security through obscurity” and FOSS for both Delphi & C.
And how can I decrypt, get all the info from the INI file – using as little RAM as possible, and then free any allocated RAM?
[Update] I am currently using an Atmel UC3, although I am not sure if that will be the final case. It has 512kB flash & 128kB RAM. For an INI file, I am talking of max 8 sections, with a total of max 256 entries, each max 8 chars.
I chose INI (but am not married to it), because i have had major problems in the past when the format of a data file changes, no matter whether binary, or text.
For text, I prefer the free format of INI (on PC), but suppose I could switch to line_1=data_1, line_2=data_2 and accept that if I add new fields in future software releases they must come at the end, even if it is not pretty when read directly by humans.
I suppose if I choose a fixed format text file then I never need get more than one line into RAM at a time …
[Verdict] I will go with either TEA or AES (tbd). I will split the functionality into two parts: 1) decrypt into a plain text file, 2) parse that as an INI file and if I hit memory problems then change to a line_1=data_1, line_2=data_2 format.
Thanks for your help.
3
Have a look at TEA
( By “little RAM” I have assumed something like 1-10K in something like a PIC )
As for how to read the INI file Text based and especially INI is not the correct format to use for a resource (particularly memory) constrained embedded system. As you are using encryption, it’s not like you need to stick to some open, widely used human readable standard for the data storage.
The PC using to encrypt the files has (to all practical purposes) infinite resource and can preform infinitely complex processing in no time all all compared to the embedded system. Therefore you should offload as much work to the PC as possible, and minimize the work the embedded system has to do.
In your case, I would write a binary file in the format required by the embedded system (trivial in Delphi). Once the software was working, the encryption layer can be added and tested. If needed, this could be a separate application that takes an INI file in and outputs a binary representation for the embedded device.
If you must use an INI file, the easiest way is to read the entire file into memory, decrypting and processing the stream as you go. As you have not defined what kind of data and how much the ini will store – so it’s impossible to suggest an optimized strategy.
0
How about something like RC4/
ARCFOUR?
On the PC – encrypting should be trivial – pick a good key…
On the device read, decrypt, store in a tree…. assuming they can’t easily observe your memory.
4