ESP32 TOTP Device
an invention by abergmann
Updated 3 days ago. 3 hacker ♥️. 1 follower.

Description

breadboard

With the increasing use of Time-based One-Time Password (TOTP), I'm planing to create a small secure device that hooks into the system as an additional keyboard and enters the 6 numbers automatically in place. No picking up the phone and searching for the right value that is changing during number transfer.

I will use an ESP32-S3 with a 1.47 inch touch display and a ATECC608 Key Storage Module for the crypto part. The correct time is coming from a DS3231 real time clock.

ESP32-S3 Touch

ATECC608

DS3231

Goals

My goal is simple, I want to be able to login to a TOTP system more easily.

Resources

Demo

ESP32-S3 Touch

Lessons learned

It is always fun to work with an ESP32 and it amazes me how powerful and flexible the chip is. The resources that you can find on the internet are endless.

I had some issues with the ATECC608 crypto chip. At the end it wasn't really the chip suitable for the project and I decided to stick with the ESP32 security features to store the TOTP secrets directly.

At the current state I have a device that allows me to login to several TOTP secured services with just a tip of my finger. This simplifies a inconvenient task everyone of us has to do every day again and again.

So I'm quite happy with what I've achieved so far. I just need to dig into the ESP32 security features a bit more and make sure the TOTP secrets are stored safely.

Software repository

A snapshot of the current project can be found here: https://github.com/abergmann/esp32s3-touch-totp

Looking for hackers with the skills:

Nothing? Add some keywords!

This project is part of:

Hack Week 25

Activity

  • 3 days ago: cfconrad liked this project.
  • 6 days ago: abergmann liked this project.
  • 6 days ago: cahu liked this project.
  • 10 days ago: abergmann started this project.
  • 10 days ago: abergmann originated this project.


    • Comments

    • dirkmueller
      3 days ago by dirkmueller | Reply

      do you have a link to the software used for the TOTP?

      • abergmann
        3 days ago by abergmann | Reply

        Hi Dirk! The TOTP function can be found here. I'm using the mbedtls library for the HASH calculation.

    • lkocman
      3 days ago by lkocman | Reply

      Hello @abergmann https://hackweek.opensuse.org/25/projects/totp-deviceukas, can you please write a summary for what happened during Hackweek25? Thank you

    Similar Projects

    This project is one of its kind!