How To Secure Your Arduino IoT Network With Raspberry Pi And Nginx #piday #raspberrypi @Raspberry_Pi
Secure your Arduino IoT network using Raspberry Pi and Nginx. via abarbanell.de
As a general rule, all API calls to your backend should always be encrypted with https (SSL/TLS), this applies for IOT scenarios just the same as for internet traffic in general. However, if you use cost-effective microcontrollers like Arduino or ESP8266, there is not enough computing horsepower to encrypt the traffic, or even enough memory to store the code for proper SSL/TLS handshake algorithms. So you loose out or you need to move to more expensive hardware.
This problem is listed as number 4 in the top 10 security vulnerabilities for IOT on the OWASP website, so I did not want to send the data from my home sensors unencrypted into the world.
Here I will describe a nice and elegant solution which solved this problem for me.
Each Friday is PiDay here at Adafruit! Be sure to check out our posts, tutorials and new Raspberry Pi related products. Adafruit has the largest and best selection of Raspberry Pi accessories and all the code & tutorials to get you up and running in no time!
Make a robot friend with Adafruit’s CRICKIT – A Creative Robotics & Interactive Construction Kit. It’s an add-on to our popular Circuit Playground Express, FEATHER and other platforms to make and program robots with CircuitPython, MakeCode, and Arduino. Start controlling motors, servos, solenoids. You also get signal pins, capacitive touch sensors, a NeoPixel driver and amplified speaker output. It complements & extends your boards so you can still use all the goodies on the microcontroller, now you have a robotics playground as well.