[aprssig] Part 3/3: Updating APRS Clients (Consumer Needs)

Scott Miller scott at opentrac.org
Tue Jan 15 12:46:27 EST 2008 

For use on commercial frequencies it's not hard to implement encryption. 
  Pick a different PID, encrypt with a shared key using XXTEA (secure 
and easy for small tracker to implement) on the transmit side, and 
decrypt anything with that PID on the receive side.

Key management is still an issue, especially if you need multiple 
systems with different keys on the same channel.  And the resulting 
system is arguably not "APRS".

I did come up with a useful hack for the T2 that could be used for 
crypto key material - you can get a 1-wire EEPROM in a TO92 package and 
crimp it directly into an RJ-11 plug and it'll fit in the accessory port 
on the front.  That's at least enough space for a 128-bit key, and 
possibly some other configuration data as well.

Scott
N1VG

Jason KG4WSV wrote:
> 
> 
> On Jan 15, 2008 10:49 AM, Steve Dimse <steve at dimse.com 
> <mailto:steve at dimse.com>> wrote:
> 
> 
>     I see a potentially insurmountable post-9/11 challenge, encryption.
>     The current paranoia makes it hard to convince anyone to send accurate
>     positions of critical assets over an open channel, all the worse that
>     the posits are made instantly available on the internet. Before
>     investing efforts in meeting the other challenges, how would this
>     potential deal-breaker be solved?
> 
> 
> APRS is entirely useful without the global APRS-IS.  It is trivial to 
> see the case where an APRS-IS is running in an intranet scenario, even 
> encrypted if so desired (although we wouldn't do that on ham 
> frequencies, of course).  For example, one can trivially create an 
> APRS-IS with xastir on a laptop with an ad-hoc wireless network; I have 
> done so in my truck on balloon chases.
> 
> More specific solutions would depend on the specific problem/scenario, 
> but I can see where security, obscurity, or openness could be applicable 
> in various scenarios.
> 
> The paranoia is indeed the part that would make the problem insurmountable.
> 
> -Jason
> kg4wsv
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> aprssig mailing list
> aprssig at lists.tapr.org
> https://lists.tapr.org/cgi-bin/mailman/listinfo/aprssig

More information about the aprssig mailing list