Spy bot is a raspberry pi bot that uses its camera to take secret pictures, encrypt them using RSA encryption and upload it safely to a database/server. Today, security and surveillance have become very important. To take inspiration from world scenario we start off with a basic RSA encryption in this tutorial.
We use a raspberry pi and a camera to capture an image. Then we use the Crypto module in python to generate private and public keys for our RSA encryption. Using the public key with OAEP(Optimal Asymmetric Encryption Padding), we encrypt the image and upload it to a firebase server. We also code to retrieve the data and decrypt it with the private key.
Content
Deployment
The first and most important phase of the tutorial is the whole process of deployment. In this tutorial, we will concentrate on the software section and not on the hardware of the bot, since it lies completely at the discretion of the user. Deployment refers to capturing the image, encrypting it, and finally deploying it on a database for security. We will solely use python to code.
1. Raspberry Pi and OpenCV
Raspberry Pi is a small computer. It mostly uses Rasbian as its operating system but, as of today, it can support almost anything. From home automation to self-driving cars, it is used in almost every IoT project. OpenCV is an open-source software containing pre-built functions and algorithms used for implementing Image Processing and Computer Vision. The python library that we will be using is “cv2”, one of the most widely used libraries in python with over 18 million downloads.
We will use a raspberry pi with OpenCV to capture input images for our code, which then will be encrypted. To install OpenCV in your raspberry pi run:
pip install opencv-python
If the command fails you can refer to the following link: https://www.learnopencv.com/install-opencv-4-on-raspberry-pi/
After installing the library, import it.
import cv2
Now to capture an image, start recording a video. Then take individual frames and process them. They can be selected either randomly or by means of importance using object detection. In this tutorial, we will select them randomly as they are hardly a change between video frames.
video = cv2.VideoCapture(0)
capture = True
while capture:
check, frame = video.read()
# saving only 1 frame
cv2.imwrite("secret_image.jpg", frame)
capture = False
# shutdown the camera
video.release()
cv2.destroyAllWindows()
2. RSA Encryption
RSA (Rivest–Shamir–Adleman) is an asymmetric cryptographic encryption technique. The maths behind it is quite complex but if you want to go through it, click this link. To simplify things we will be generating two keys, private key, and public key. The public key is used to encrypt data while the other to decrypt. RSA is quite a secure encryption which will be done along with OEAP(Optimal Asymmetric Encryption Padding). The output is then converted to base64 format.
-Key Generation
The “Crypto” library in python is used to write all the cryptographic functions. Install it in your system to get started.
pip install Crypto
Import the library :
from Crypto.PublicKey import RSA
Create a new function that generates and returns the public and private keys.
def gen():
#e is the public RSA exponent which needs to be a minimum of 65537
new_key = RSA.generate(4096, e=65537)
# export both the keys in .pem format
private_key = new_key.exportKey("PEM")
public_key = new_key.publickey().exportKey("PEM")
fd = open("private_key.pem", "wb")
fd.write(private_key)
fd.close()
fd = open("public_key.pem", "wb")
fd.write(public_key)
fd.close()
- We generate RSA keys of 4096 bytes. The key size is directly related to the size of the data that must be compressed.
- PEM(Privacy Enhanced Mail) is an encoded file format usually used to store encryption keys.
print(private_key)
-Encryption
In encryption, we first compress the data, then encrypt it using the public key along with OAEP. Then take the encrypted data and save it in terms of base 64 formats. Before that, we will need to install other dependencies like “zlib”.
pip install zlib
Now, import all required libraries:
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP # OAEP encryption
import zlib # data compression
import base64 # data storage
Create a new function to which takes the image and public key as input and encrypts it.
def encrypt_blob(blob, public_key):
rsa_key = RSA.importKey(public_key)
rsa_key = PKCS1_OAEP.new(rsa_key)
#compress the data first
blob = zlib.compress(blob)
chunk_size = 470
offset = 0
end_loop = False
encrypted = b""
while not end_loop:
chunk = blob[offset:offset + chunk_size]
if len(chunk) % chunk_size != 0:
end_loop = True
chunk += b" " * (chunk_size - len(chunk))
encrypted += rsa_key.encrypt(chunk)
#Increase the offset by chunk size
offset += chunk_size
#Base 64 encode the encrypted file
return base64.b64encode(encrypted)
- Since the data cannot be encoded as a whole, it is taken in chunks.
- Line 19 adds blank spaces if the size of data is not a multiple of the chunk size.
- All the encrypted chunks are then concatenated into a single variable and stored as base64 format.
3. Firebase
Firebase is a web and mobile application development platform provided by Google. It provides various services like ML toolkit, cloud messaging, real-time database, and hosting platforms. We need a real-time database to store our encoded image as well as the private key. For learning purposes, we will simply create a public database and deploy it there. Anyone with the right URL can access that database and make changes to it.
We will go step-by-step from creating a database to deploying the files in it. There is also good tutorial as to easily deploy and retrieve data from firebase, you may refer it: https://www.youtube.com/watch?v=rKuGCQda_Qo
– Database
STEP-1: Open firebase and login with google id. On the first page, click “GET STARTED”.
STEP-2 : Select a suitable project name , and create a new project.
STEP-3: Create a new database, select test mode, and press done. Then change the type from cloud firestone to the real-time database. You should be able to see something like this:
STEP-4: Copy the project URL and code(i.e. box below URL) and keep it for later use.
STEP-5: Go to the rules of the database, make read and write True and publish it.
-Deployment
To deploy our files online to firebase we need to install the python library for it.
pip install firebase
Now we will create a new python file that takes the encoded image and private key as input and deploys them. Start by importing firebase to that file.
from firebase import firebase
Now create a function “dep” with input required inputs and return the result.
def dep(private_key, encrypted_blob):
firebase = firebase.FirebaseApplication("https://firebase_database_link.com/", None)
data ={
'key': str(private_key),
'image': str(encrypted_blob)
}
result = firebase.post('database_name', data)
return result
- We store the data in the form of a dictionary, and also need to store it in string format.
- Result returned is the name of the data. It has to be used if the data is to be accessed later.
Retrieval
The data stored in the firebase is safe. If a person has the URL, database name, data name then only can they access the data. Also, the security of the data can be enhanced through firebase itself. Now we will first retrieve it and then decrypt to see the output.
1. Firebase
Create a new python file and import firebase in it like before. Then create a new function that gets the encoded image and private key from the real-time database and returns it to the decrypt method.
from firebase import firebase
def retrive():
firebase = firebase.FirebaseApplication("https://firebase_database_link.com/", None)
data = firebase.get('database_name', 'name')
private_key = data['key']
encrypted_image = data['image']
return private_key, encrypted_image
2. RSA Decryption
The public key is one which may be accessible publically, but the private key is not. Only the owner can have access to the private key. The famous mailbox example clearly explains the significance of these keys. Anyone knowing the location of the mailbox can post letters but only the owner who has its keys can read them. Hopefully, this clarifies the reason for using two keys.
Now to decrypt the message we will first create a new python file and import all the same libraries we used in encrypt function. Then we will load the private key and decrypt the message chunk by chunk using it and finally display the decrypted image.
def decrypt_blob(encrypted_blob, private_key):
rsakey = RSA.importKey(private_key)
rsakey = PKCS1_OAEP.new(rsakey)
encrypted_blob = base64.b64decode(encrypted_blob)
chunk_size = 512
offset = 0
decrypted = b""
while(offset < len(encrypted_blob)):
chunk = encrypted_blob[offset:offset +chunk_size]
decrypted += rsakey.decrypt(chunk)
offset += chunk_size
return zlib.decompress(decrypted)
- The chunk size is 512 since we padded extra spaces while encoding
- The process of decryption simple, run the loop till chunk size adds up to that of the original image.
Output
RSA encryption is recommended since it is secure and there is no data loss. We can see and cross-check the output in two fronts, the encoded image and the decoded one
1. Encoded Image
The encoded image cannot be viewed by a normal image viewing software as it is encoded in base64 format and encrypted by RSA but if it is viewed using a text editor, you should be able to see a big combination of alphanumeric characters.
2. Decoded Image
The decoded image and the original image are equivalent, format included. Also, the image viewed seems to be no loss of data.
With this, we come to the end of the tutorial, hope you learned something about raspberry pi, OpenCV, encryption, and firebase. If any doubts or errors pop up comment below or go through their respective documentations. The entire working code and original directory of this project can be found in this GitHub repository: https://github.com/Shaashwat05/spy_bot
