[aprssig] Re: Authentication over APRS
KC2MMi
kc2mmi at verizon.net
Wed Dec 8 14:55:49 EST 2004
<Yeah, but if I'm going to build a system to be the APRS equivalent of an
X10
system, I'm going to do it in as safe a way as possible. For a DIY project,
probably not a big deal.>
Scott, that's already old hat on computers. "SecureID" is one vendor. You
get a key fob that displays a 6-digit number. Every two minutes the number
changes. Your computer (or LAN server, or Palm) runs software based on a
matching algorithm. So when it challenges you for your passcode, the numbers
from *your* fob will match, and match for two minutes only. The system is
smart enough to allow for drift and overlap of two minute increments. This
was standard for "reasonably high" terminal security a decade ago.
Yes, it means someone else can still copy & replay your codes--but only
within that short window. You could of could simply set your system to
accept a code, and then time out for two minutes, so no one else could enter
after you. No big deal.
More information about the aprssig
mailing list