You are reading a single comment by @ClearMemory041063 and its replies.
Click here to read the full conversation.
Espruino is a JavaScript interpreter for low-power Microcontrollers. This site is both a support community for Espruino and a place to share what you are working on.
@ClearMemory041063
AES is used in the hash function and the password functions. The Pico seems to do the AES without using the library. For the SHA functions the library has to be "required". If this is a problem please let me know.
The key exchange still needs to be implemented. I favor calling it the "Squirt" function after the "technical" term I heard when hanging out in a committee. A Diffie-Helman key exchange or AES? The method really depends on how many clients. One client and one server or many clients (one at a time likely) and one or more servers.
A transport layer needs to be added. TLS would add the information hiding of a stream cipher and if used with a digital certificate it would add authentication. Some reading on TLS says it can be made to authenticate both ends, although it commonly only authenticates the server.
The transport layer could also add permutations to swap bytes and bits around in the message.
It's harder search for a key given known plaintext and cipher text if the bits have been repositioned. (Get out your solar powered calculator and ask it to do 128 factorial and watch the Sun dim.)
As for using the SHA algorithms, one must consider the results of a Google search such as SHA256 decrypt
For example:
https://md5hashing.net/hash/sha256