In my new challenge-project my server once upon a time is broadcasting an "onion" made of three layers encrypted with AES128 (ECB) - 16 bytes long over WiFi.
I am using a WiFi Beacon Frame, to transfer the Onion over the air.
The "Onion" looks more or less like the picture below
Each layer is encrypted with a different key.
The keys to each layer are known only to the server and devices which are to decrypt them. Keys are made of the MAC address for simplicity.
- The first layer is always a random 16b long string i.e "Hello World",
encrypted with device 1 key
- The second layer is the first layer encrypted with device 2 key
- The third layer is the second layer encrypted with device 3 key
In order to decrypt the onion properly, the first broadcasted layer is 3, as we're decrypting backward.
Once the "Onion" is constructed, the server does broadcasts layer 3 over the WiFi Beacon Frame, and anyone who can listen to it can try to decrypt the data but only selected devices can decrypt it properly, as the layers are encrypted with their keys.
When each of them decrypts the layer it :
- lets the server know over TCP/IP the hash of the decrypted value (confirmation)
- takes down the 'layer'
- broadcasts the rest of the onion back over the WiFi (Constructs a beacon frame).
Once all the layers are decrypted, the job is done.
The problem is that the devices have no option to confirm whether the decryption (key used) is good or not once decrypted, thus causing a lot of unnecessary traffic to the server with incorrect hashes (due to wrong decryption).
Question
What should be done to allow devices to validate if the decrypted data is valid (thus the key is correct)?
Side note:
The ECB was used due to the simplicity of implementation, devices taking part in the decryption process are low-power sensors and had this cipher ready to use 'straight out of the box'.