Member project: How not to give away haribos
If you weren’t at EMF Camp this year, then you missed one of the best weekends on the maker/hacker calendar. It’s not often you can get fibre-to-the-tent when camping.
I thought I’d tell you about a project that I took to EMF, you might have seen it if you were there. It didn’t go exactly to plan. The idea was fairly simple, a previous EMF badge was an arduino compatible board that could receive and transmit IR and so I decided to take a box that would unlock if you sent the right IR signals. I hoped that people would be able to use the badge to break into the box. Sadly there was no IR on this year’s badge. By the time I’d figured that out; it was too late. As a result, not many people were equipped to attempt to open the box. Nobody was able to get in to the box, but that’s not all that went wrong…
The box was laser cut from clear acrylic so that you could see the inner workings and the electronics and your potential prize. The prize, as the title of this blog post suggests, was a bag of haribo sweets.
The design of the box is fairly simple, there is a latch that prevents the lid sliding open, you just have to push the slider to the left and lift the latch out of the way and the lid will slide open. What makes it tricky is that there is a cam blocking the path of the slider, you have to persuade the servo motor to move the cam out of the way before the slider will slide.
A slight problem that I encountered was the speed of the transfer over IR and the relatively low reliability of the IR through the perspex that I accidentally made cloudy with superglue. It takes a while to open the box. The same hardware is used for the box and for the key. They each use an arduino pro-mini at 8MHz.
So how does it work?
First, the key sends a command to the box. There is a small set of commands that includes; setting the authentication type (or disabling authentication), pinging the box to test your authentication without unlocking, unlocking the box, forcing the box to unlock permanently, locking the box again after a permanent unlock, and some other commands. If the command needs authentication then the box will send a randomly generated challenge string to the key. In the default authentication mode, the key must then append the private key to the challenge string and then compute a Hashed Message Authentication Code (HMAC) and send that back to the box.
Nobody at EMF had to know all these details to get to the haribos. All of the code was on github and there was a link to it next to the box. I even put the mechanical design on github too. I didn’t provide the private key on github, part of the challenge was to figure out what that was, but that was fairly easy too. I left a small plastic key inside the box. Laser etched on this plastic key was the secret key text, and a misleading set of tabs and dots that looked important.
The biggest problem of all, however, was the sun. Besides making the weather beautiful for the whole of the EMF weekend, for which I am grateful, it melted the haribos in my accidental mini-greenhouse.
Lessons learned, perhaps I’ll try again at EMF 2018.