I have a system that needs to send and receive data over an insecure channel. I want to keep this simple (it’s running on an embedded platform, not a PC), and I don’t mind if an attacker can read the data. What I want to prevent is an attacker intercepting the data and modifying it.

The platform has built-in functions for hashing (MD5, SHA1, etc), but not encryption, so what I thought I’d do is simply hash the data concatenated with some secret data to ensure that it was generated by my system and not an attacker. For example:

dataToSend = dataString + sha1(dataString + secretString)

The data string is sent in plaintext, followed by the hash. The secret part means that an attacker can’t modify the data without invalidating the hash, unless they somehow discover the secret, which is built into the program and never sent over the channel. I’m aware that this scheme is susceptible to replay attacks; that’s not a problem for this particular application.

My question is: if the secret is built into the app and never changes, is there a way someone could work out what it is, if they had a large collection of intercepted data strings and hashes? The executable the secret will be embedded in is itself encrypted by the platform, so there’s no chance of discovering the secret with a hex editor.

Secondly, does it matter how long the secret is? The data string will typically be 8 bytes. If I have a much longer secret (e.g. 1024 bytes), to try to make it unguessable, then most of the input to the hash algorithm will never change. Does this make it less secure somehow?

Thanks!