Wazuh manager and Wazuh agent communicate with each other by encrypting every message with shared keys to protect sensitive system data collected by the agent.
https://groups.google.com/g/wazuh/c/mrv86AtO4IQ/m/kKri8oCCDAAJ
For my project and as a proof of concept, I am trying to test how Memory-based PUFs(Physical Unclonable Functions) might fare as an alternative solution. PUFs can be used to create Challenge-Response Pairs(CRPs), which I would like to use instead of shared keys to encrypt messages incrementally with different CRPs.
Any suggestions on how can I proceed with this? Don't want to simulate the entire wazuh environment, just the components required for a proof of concept.
Any leads on where can I start would be amazing, thanks!
Took a look at default crypto methods available under ossec.conf(aes, blowflish) and the code at https://github.com/wazuh/wazuh/blob/013bf64218540e965729547bcdb8426735d64cbb/src/os_crypto/aes/aes_op.c
Already have a process for CRP recording and enrolling them on wazuh-manager host.