[aprssig] Authentication over APRS was: Ab)Use of APRS for telemetry? Anyone doing it?
Scott Miller scott at opentrac.org
Mon Dec 6 17:40:48 UTC 2004

> On APRS it might look something like this:
>
> 1) User sends 'login' message to Server
> 2) Server responds to user with 'challenge' message
> 3) User uses the contents of the 'challenge' message to generate the OTP.
> 4) User sends OTP to server along with command(s) to run

A malicious user, upon hearing step 2, could then jam the server (e.g., with a strong directional signal), intercept the command+OTP message, substitute another command, and pass it along to the server when it stops the jamming. It's even easier to do if the command signal has to go through a digipeater.

What you really want is a message authentication code that hashes the content of the message as well, so that any change would be detectable. TEA in OMAC1 is the scheme I've been considering. The MAC would need to be sent in printable ASCII though - hex or a 6-bit format would work.

This still leaves you vulnerable to replay attacks, where someone just copies a valid command sequence off the air and resends it later. We used to have this problem with a certain repeater user who'd copy DTMF command tones and send them back later to see what they'd do.

The challenge/response scheme is probably the easiest way to go, as long as you've got a fairly reliable two-way link. You could also have the target device beacon its next expected sequence number, or other challenge mechanism, with its regular data. That way you'd already know what you need to send, without querying the device.

A timestamp isn't really feasible, because you can't really expect a remote telemetry device to have the exact time, and certainly not with enough resolution to avoid man-in-the-middle attacks.

This has been discussed a few times on the OpenTRAC spec list. I think the include-challenge-in-beacon, use-MAC-in-command-message system is the most practical and has the least impact on the network, but I'm always open to ideas.

Scott
N1VG
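
The include-challenge-in-beacon, use-MAC-in-command-message scheme described in the message above, sketched as an added example that is not part of the original post or of any OpenTRAC code. It substitutes truncated HMAC-SHA-256 for the TEA/OMAC1 MAC the message mentions; the `SEQ=`/`MAC=` text fields, the 64-bit tag length, and all class and function names are assumptions made for illustration.

```python
import hashlib
import hmac

TAG_HEX = 16  # assumption: tag truncated to 64 bits, sent as 16 hex characters


def make_tag(key: bytes, seq: int, command: str) -> str:
    """MAC over the sequence number and the full command text, as printable hex."""
    msg = seq.to_bytes(4, "big") + command.encode("ascii")
    return hmac.new(key, msg, hashlib.sha256).hexdigest()[:TAG_HEX].upper()


class Device:
    """Remote telemetry device that beacons its next expected sequence number."""

    def __init__(self, key: bytes, seq: int = 0):
        self.key, self.seq = key, seq

    def beacon(self, telemetry: str) -> str:
        # Hypothetical beacon layout: regular telemetry text plus a SEQ= field.
        return f"{telemetry} SEQ={self.seq:08X}"

    def receive(self, frame: str) -> bool:
        command, sep, tag = frame.rpartition(" MAC=")
        if not sep:
            return False  # no MAC field at all
        try:
            expected = make_tag(self.key, self.seq, command).encode()
            ok = hmac.compare_digest(expected, tag.upper().encode())
        except UnicodeError:
            return False  # non-ASCII garbage on the channel
        if not ok:
            return False  # altered command, wrong key, or stale sequence number
        self.seq = (self.seq + 1) & 0xFFFFFFFF  # each number is accepted once
        return True


def build_command(key: bytes, beacon_text: str, command: str) -> str:
    """Controller side: read SEQ from a heard beacon, so no query is transmitted."""
    seq = int(beacon_text.rsplit("SEQ=", 1)[1], 16)
    return f"{command} MAC={make_tag(key, seq, command)}"
```

Because the tag covers the command text, a frame whose command was swapped in transit fails verification, and because the device advances its sequence number after each accepted frame, a recorded frame fails when resent.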
