Surely, you’d want it the other way around? If the key in the access generator is public, then anyone can generate access.
EDIT: As for a one-time pad, I don’t think that would be a good idea, at least directly. That would mean that a single-character error in the string entered would result in a single-character error in the command executed, and something that differs from a valid command by a single character might well also be a valid command (but, of course, one that you don’t want to execute). Plus, of course, a random input string would result in a random command being executed, and while most random commands will be syntax errors, some won’t be. Unless you just use the one-time pad for the password, and then once access is validated, then allow the user to enter their command.
It’s true that anyone with the access generator program could generate an access code, but that’s also the case if you use a single key to generate a hash.
Using a private-public key pair prevents the embedded key from becoming known, and makes the encryption/decryption process more complex and more difficult to duplicate than just a hash.
But nobody needs to duplicate the embedded device, and it doesn’t matter if anyone can do so. And people can only generate the hashes if they have the single key, not just the generator program.
Wrong, wrong, and wrong. CRC-32 is embedded in the command per my proposal. As for a mistyped command, validate it on command creation.
Public-Private key is a massive amount of work unless you can just download a library to do it. If the OP has to do it full custom, OTP is just about the simplest encryption algorithm and it’s not breakable.
Ah, I missed the part where you mentioned the checksum. Yeah, that’d do it, and would probably be a good idea in any event. Mistyping a command would still be a nuisance, since it’d probably mean that you’d have to get a new valid command from the source, but it wouldn’t be catastrophic.
If people can tamper with the device, it doesn’t really matter what you do. If not, then they should not be able to extract a secret key from it. If the program must be audited in advance but the examiners should not see the key (which cannot be loaded later), then you pretty much have to use the technique of public keys; that’s what it is for.
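As an added example (not code from any post in this thread), here is one way the one-time-pad command with an embedded CRC-32 discussed above could look in C, showing that a mistyped or random code is rejected instead of being executed. The frame layout (command bytes followed by a little-endian CRC-32, all XORed with the pad), the names `seal_command` / `open_command`, `CMD_MAX` and the sample command are assumptions; the pad in `main` is a constructed stand-in for a random, secret pad whose bytes are never reused.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>
#define CMD_MAX 32  /* assumed maximum command length */

/* Standard reflected CRC-32 (polynomial 0xEDB88320), bitwise form for small devices. */
static uint32_t crc32_calc(const uint8_t *p, size_t n) {
    uint32_t c = 0xFFFFFFFFu;
    while (n--) {
        c ^= *p++;
        for (int k = 0; k < 8; k++)
            c = (c >> 1) ^ (0xEDB88320u & (0u - (c & 1u)));
    }
    return ~c;
}

/* Generator side: out = (cmd || CRC-32) XOR pad. Returns frame length, 0 on error. */
size_t seal_command(const char *cmd, const uint8_t *pad, size_t pad_len, uint8_t *out) {
    size_t n = strlen(cmd);
    if (n == 0 || n > CMD_MAX || pad_len < n + 4) return 0;
    uint32_t crc = crc32_calc((const uint8_t *)cmd, n);
    for (size_t i = 0; i < n; i++) out[i] = (uint8_t)cmd[i] ^ pad[i];
    for (size_t i = 0; i < 4; i++) out[n + i] = (uint8_t)(crc >> (8 * i)) ^ pad[n + i];
    return n + 4;
}

/* Device side: un-pad, then verify the CRC before anything is treated as a command.
   Returns the command length (cmd is NUL-terminated), or -1 if the frame is rejected. */
int open_command(const uint8_t *frame, size_t len, const uint8_t *pad, size_t pad_len, char *cmd) {
    if (len < 5 || len > CMD_MAX + 4 || pad_len < len) return -1;
    size_t n = len - 4;
    uint8_t buf[CMD_MAX + 4];
    for (size_t i = 0; i < len; i++) buf[i] = frame[i] ^ pad[i];
    uint32_t got = 0;
    for (size_t i = 0; i < 4; i++) got |= (uint32_t)buf[n + i] << (8 * i);
    if (got != crc32_calc(buf, n)) return -1;  /* typo or random input: reject */
    memcpy(cmd, buf, n);
    cmd[n] = '\0';
    return (int)n;
}

int main(void) {
    uint8_t pad[CMD_MAX + 4], frame[CMD_MAX + 4]; char cmd[CMD_MAX + 1];
    for (size_t i = 0; i < sizeof pad; i++) pad[i] = (uint8_t)(i * 37 + 11); /* constructed pad */
    size_t len = seal_command("UNLOCK 7", pad, sizeof pad, frame);
    printf("intact frame: %d\n", open_command(frame, len, pad, sizeof pad, cmd));
    frame[3] ^= 0x01;  /* simulate a one-character entry error */
    printf("mistyped frame: %d\n", open_command(frame, len, pad, sizeof pad, cmd));
    return 0;
}
```

The CRC-32 here guards against entry errors and random input; it is not keyed, so a design that must also detect deliberate alteration of a code would use a keyed MAC for that check.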