Data Encryption Between ESP32 and Windows

Data Encryption Between ESP32 and Windows

The ESP32 microcontroller can send data over a network with other computers. To maintain the confidentiality of the data sent, it is necessary to encrypt the data sent. In this concise writing, a compatible data encryption library between ESP32 and Windows allows you to exchange data with encryption between the two.

An example of encrypting data with AES-128 can be followed in the following article:

The encryption in the example is very simple:

  • Using AES-128 with ECB mode (Electronic Codebook). As is known, the ECB’s fashion has a lot of weaknesses, so if you want more professionals we must use other modes such as CBC (Cipher Block Chaining).
  • Data size must be 16 bytes multiples. If the data size is more than 16 bytes, then the function must be invoked repeatedly, and if the data size is not a multiples of 16, it needs to be done padding to be a multiples of 16.

Next, how to make encrypted data in ESP32 readable in Windows? For that it needs to be installed the same/compatible libraries in Windows. For simplicity, in this example will be used the same library so as not to change the source code.

The Library used in the ESP32 is Mbed TLS ( The Mbed TLS Library is available in the form of source code, so it can also be compiled alone for other platforms. For Windows, there are already compiled libraries, so stay installed. The versions are available for the GNU-based compiler (Cygwin, MinGW) and Visual Studio.

The following example will be used IDE Netbeans 8.2 with Cygwin compiler. The latest NetBeans is version 11, but Netbeans is already support C/C++ new until version 8.2, so version 11 does not yet support C/C++ language.

Libraries need to be installed from Cygwin’s Setup program. Run the Cygwin (Setup-x86_64. exe) installation program, and then enter the packages selection menu. Select the View “Full”, and Search in “Mbedtls”. Select to install the MBEDTLS and Mbedtls-devel libraries.

Cygwin Mbed TLS Library
Cygwin Mbed TLS Library

The library name for Mbed TLS is libmbedcrypto. Next add the library in the project settings from Netbeans

Here’s how the library looks at Netbeans. The location of the library is in C:/Cygwin64/lib/libmbedcrypto. dll. A

Mbed TLS Library at Netbeans 8.2
Mbed TLS Library at Netbeans 8.2

After that, ported from the AES-128 program ESP32 to Netbeans. The results can be found at the following link:

The following source code is ported to the program:

* enkripsi data dengan AES-CBC
* modifikasi dari
* menggunakan library mbedtls dari cygwin
#include "mbedtls/aes.h"
#include "string.h"
#include "stdio.h"

void encrypt(char * plainText, char * key, unsigned char * outputBuffer) {

mbedtls_aes_context aes;

mbedtls_aes_setkey_enc(&aes, (const unsigned char*) key, strlen(key) * 8);
mbedtls_aes_crypt_ecb(&aes, MBEDTLS_AES_ENCRYPT, (const unsigned char*) plainText, outputBuffer);

void decrypt(unsigned char * chipherText, char * key, unsigned char * outputBuffer) {

mbedtls_aes_context aes;

mbedtls_aes_setkey_dec(&aes, (const unsigned char*) key, strlen(key) * 8);
mbedtls_aes_crypt_ecb(&aes, MBEDTLS_AES_DECRYPT, (const unsigned char*) chipherText, outputBuffer);

int main(void) {
char * key = "abcdefghijklmnop";

char *plainText = "Tech tutorials x";
unsigned char cipherTextOutput[16];
unsigned char decipheredTextOutput[16];

encrypt(plainText, key, cipherTextOutput);
decrypt(cipherTextOutput, key, decipheredTextOutput);

printf("Original plain text: %s\n", plainText);

printf("Ciphered text:\n");
for (int i = 0; i < 16; i++) {

char str[3];

sprintf(str, "%02x", (int) cipherTextOutput[i]);
printf("%s", str);

printf("\n\nDeciphered text:\n");
for (int i = 0; i < 16; i++) {
printf("%c", (char) decipheredTextOutput[i]);
//printf("%c", (char) decipheredTextOutput[i]);
return 0;

Changes made:

  • Move the setup () content on the Arduino to Main () in Netbeans
  • Add the file header stdio. h and String. h
  • Replace Serial. Print () with printf ()
Output in ESP32 ArduinoWindows Output 32
Configsip: 0, SPIWP: 0xEE
clk_drv: 0x00, q_drv: 0x00, d_drv: 0x00, cs0_drv: 0x00, hd_drv: 0x00, wp_drv:
0x00 mode: DIO, clock d
iv: 1 load: 0x3fff0018,
Len: 4 load: 0x3fff001c,
len: 928 ho 0 Tail 12
Room 4 load: 0x40078000, L
en: 8740 load: 0x40080400,
Len: 5788 entry 0x
4008069c Original Plain
text : Tech Tutor
ials x Ciphered
text: 567a3b23b683d8488d5d40d2a56e3
1d2 Deciphered tex
t: Tech tutorials X
Original Plain Text: Tech tutorials x
Ciphered text:
Deciphered text:
Tech tutorials x
RUN SUCCESSFUL (total time: 70ms)

From the results above, it appears that the ciphered text is identical, and both can do the decryption process. So it can be deduced both programs have the same function, so the encrypted data in ESP32 can be read on Windows and vice versa.

The next step is to add the data communication process using UDP/TCP in ESP32 and Windows, but it will be another post again.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.