Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Access control mechanism for repeaters
#1
We have discussed it in the irc a bit but, it is nice to have it here. Open for everybody's comments.
-First, repeaters must have their own private key. Which is only known by repeater owner, maybe even less.(just repeater itself, if we find a secure way to distribute personal keys)
-Repeater owner or repeater itself should generate personal keys for each callsign using a hash function. ie. sha(callsign+repeater_key)
-Radio's should include this personal keys in their air data packets using another hash function. sha(data_itself+personal_key+session_id/date/time etc.)

Pros:
-Repaters do not have to keep userid/key pair. Just a banned list is enough.
-Users can be added without programming repeater.
-Callsign theft is prevented.
-When session id in the hash function is used, injection attacks are prevented.
-When time/date used, replay attacks are prevented.
-Further, repeater sourced session id will solve both problems.

Cons:
-Real time hash calculation for each packet is required.
-If some of users share their own key accidentally and insist on using exactly same callsign, repeater key must be changed. So, all users have to update their keys.

Reply
#2
Bruce Perens HT of the Future - New Design was using a A71CH chip for various security items, as suggested in this link  https://perens.com/2019/05/23/ht-of-the-...ew-design/ 

Carl
VE3APY
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)