Order Tray | Contact Us | Home | SIG Lists

[aprssig] Authentication over APRS was: Ab)Use of APRS for telemetry? Anyone doing it?

Scott Miller scott at opentrac.org
Mon Dec 6 16:45:31 UTC 2004

> > One could certainly use a OTP (one time pad), but that clearly violates
> > the FCC rule mentioned above.
> Why?  OTP's were designed specifically for your purpose. When the traffic
> must be in the clear an OTP is a suitable security mechanism.

One time pad <> one time password!

A one time pad involves both parties having a big list of (identical) random
numbers.  For a computerized version, you'd usually do an exclusive-OR of
the character you're sending or receiving with the next value in the pad.
It's absolutely critical that you never reuse the pads, because it's very
easy to then recover BOTH messages.  Used properly, though, it's one of the
simplest, most secure cryptosystems you're going to find.  Key distribution
is a pain, though.

Yeah, the FCC would let you use one of these on a satellite command channel,
but once your bird is out of key material, you're out of luck!


More information about the aprssig mailing list