[aprssig] Authentication over APRS was: Ab)Use of APRS for telemetry? Anyone doing it?
Robert Bruninga bruninga at usna.eduMon Dec 6 17:10:10 UTC 2004
- Previous message: [aprssig] (Ab)Use of APRS for telemetry? Anyone doing it?
- Next message: [aprssig] (Ab)Use of APRS for telemetry? Anyone doing it?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Good idea. Yes, have the "meaning" in public domain and only authenticate the "signature". I would think that that would be within the spirit of the FCC rule. I am sure the FCC would be all in favor of making it harder for LIDS to abuse amateur radio... by allowing for signed transmissions! >>> washer at trlp.com 12/6/04 10:43:06 AM >>> This brings up a question I've had for some time. As I recall, the FCC rules prevent amateurs from using "encryption" or anything that obscurs the meaning of a message. I don't recall the exact words. But what if I wanted to have a secure method for sending commands ( to non space based devices, as I seen to recall the FCC made an exception for satelite control)? Including a simple password in the message does nothing to prevent "replay attacks" (not good if you want to do something like open your garage door, or unlock something) One could certainly use a OTP (one time pad), but that clearly violates the FCC rule mentioned above. So, I was thinking the best method would be to send the command in plain text, thereby making the FCC happy. Including a date stamp to avoid replay attacks. And finally, attaching a hash of the message body encrypted with a PK (public key) tool. This way nothing is encrypted excecpt the "signature". I've not given this much thought as to the "size" of the key, and the complexity of PKE code for microcontrollers... Has anyone else thought about this? Any great ideas? - jim p.s. If you all think this is way over the top, you are likely correct.. but I worry a lot about encryption for networks, etc at my day job. On Mon, 6 Dec 2004 07:17:08 -0800 <scott at opentrac.org> wrote: > > I haven't seen the KPC-3+'s password-protected I/O feature. I'll have to > check that out. Though no TNC I've seen yet has had any kind of strong > authentication. > > Scott > N1VG > > _______________________________________________ aprssig mailing list aprssig at lists.tapr.org https://lists.tapr.org/cgi-bin/mailman/listinfo/aprssig
- Previous message: [aprssig] (Ab)Use of APRS for telemetry? Anyone doing it?
- Next message: [aprssig] (Ab)Use of APRS for telemetry? Anyone doing it?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the aprssig mailing list