Security: Encoding a string from RF transmission

4ish

Hey guys,

I am trying to transmit a string from point A to B using the RF transmitter/receiver from parallax. The message sent from A is authenticated by B and an action takes place. My question is how can I encode this string and decode it on the other side so that any external devices listening cannot read the contents of the message and duplicate it to pose as device A. I could think of ways to do this had the communication been bidirectional, but since my communication is unidirectional, I cannot think of any algorithms.

Does anyone know a way of doing this? Either using software or hardware?

Thanks a lot, much appreciated.

Paul Baker

It depends on how secure of encryption you want. The basis for all encryption algorithms (that are even remotely secure) is pseudo-random numbers. When the transmitter and reciever have access to the same seed for an identical random number generator, they can communicate securely. The degree of security is based on the length of each random number (more bits of randomness = more secure) and how random each number is in a series of random numbers (IE how predictable is the randomness). There are some external chips that implement various encryption schemes but it can also be done in software, the most secure algorithms however will take up most if not all of the controller's program space.

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
·1+1=10

Bean

I would try using a complicated checksum sent after the data. If the checksum is not right the receiver ignores the data.
Of course over time someone could figure out the checksum scheme.

Maybe you could have multiple checksum schemes and part of the message would be what scheme to use next. This would make it much harder to figure out. But you'll have to make sure to receive every transmission, or you'll be hosed.

Bean.

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
"SX-Video·Module" Now available from Parallax for only $28.95

http://www.parallax.com/detail.asp?product_id=30012
Product web site: www.sxvm.com
Available now... SX-Video OSD module $59.95 www.sxvm.com

Those that would give up freedom for security will have neither.
·

Kevin Wood

How secure does the link need to be?

4ish

Thanks for the reply guys. The problem with the random number or checksum is that the transmitter has no idea if the receiver received the data. So there will be a synchornization problem which can cause the authentication to fail.

As to how secure it needs to be. Well it is pretty easy to have a 3rd party listening in on the communication. I need it to be secure enough so that if someone reads the information being transmitted and builds their own device to transmit the same information, it will not be authenticated. Basically I want the reader to be able to detect that not only the correct information is coming in, but also from the acceptable user.

Bean

Your biggest problem is that you don't have bidirectional communications. So there is no way for the receiver to challenge the sender. A single complecated checksum would work, but would be relativly easy to "break". Someone could send the same messages REALLY easy, but to send different data they would have to figure out the checksum scheme.

Bean.

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
"SX-Video·Module" Now available from Parallax for only $28.95

http://www.parallax.com/detail.asp?product_id=30012
Product web site: www.sxvm.com
Available now... SX-Video OSD module $59.95 www.sxvm.com

Those that would give up freedom for security will have neither.


Post Edited (Bean (Hitt Consulting)) : 11/7/2005 10:15:14 PM GMT

4ish

yeah I agree, a bidirectional communication could solve the problem. I guess if anyone can think of any unidirectional method, let me know..

also do you guys know if the parallax rf antennas can work with these IC encoder/decoders? like connect from the stamp to an IC and then from the IC to the antenna?

Bean

Look into how those garage door openers with "rolling codes" work.
Bean.

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
"SX-Video·Module" Now available from Parallax for only $28.95

http://www.parallax.com/detail.asp?product_id=30012
Product web site: www.sxvm.com
Available now... SX-Video OSD module $59.95 www.sxvm.com

Those that would give up freedom for security will have neither.
·

stamptrol

I have to admit I haven't looked at the RF transceivers, but if they would support the Stamp's ability transmit at an oddball baud rate (say 8500 baud) that would prevent the casual interception of your data.

The other thing you could do is have the receiver only respond if two strings were received at some predetermined interval which could be encoded in the strings themselves.

At some point, the cost of making your link bidirectional will look attractive!

pjv

Hi 4ish;

I recommend you do as Paul suggests, make a software PN sequence generator and use it as a scrambler. Prepend your desired message with some sync character(s) (unscrambled) and a 16 bit incrementing message serial number.

Write a sufficiently secure PN generator (should be less than 2 dozen lines of code); 10 bits will give 1024 states before repeat, whereas 16 bits will give 65536 states. Or you pick another length to get the security desired; 8 bits doesn't really cut it.

Prepend your data packet with the sync(s), then seamlessly transmit the packet serial number XORed with the scrambler's PN code, and append that seamlessly with the desired message also XORed with the scrambler code.

Anyone listening in will observe the fixed sync character(s), but wil have a REALLY hard time making any sense out of the data due to the scrambling.

The serial numbers help the receiver knowing if any data was lost, and also help with the synchronization process and continually altering the message content.

If you are really clever, you can alter the scrambler PN code sequence according to some other (PN also?) algorithm. The result I think would be REALLY hard to break, especially if the PN sequences are long.

This is a somewhat complicated sublect, but a lot of fun to work with.

Cheers,

Peter (pjv)

Post Edited (pjv) : 11/7/2005 11:14:16 PM GMT

Paul Baker

If you want to go the rolling code route, look into Microchip's KeeLoq series of chips. An example datasheet··for one of thier chips (HCS200) is here: http://rocky.digikey.com/WebLib/Microchip/Web%20Data/HCS200%20Series.pdf

As you can see from the wealth of different responses, there are many different ways of attacking this problem. Without knowing what your intended application is, only you can know how critical this criteria is, and therefore how secure of encryption you'll need.

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
·1+1=10

Paul Baker

Peter, are you thinking of a specific random algorithm when refering to the < 24 lines of code algorithm, if so what's it's name?

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
·1+1=10

pjv

Hi Paul;

No, it's a max sequence PN generator I wrote myself; pretty simple really.

I use it for generating PN sequences for Direct Sequence Spread Spectrum radios I'm designing (I hate the frequency hopping types).

Cheers,

Peter

Paul Baker

I haven't worked with DSSS, but from what I read it is definitely a more robust solution vs. FH solutions. I take it your MS-PN code is proprietary?

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
·1+1=10

pjv

Hi Paul;

My feeling regarding proprietary nature is that I would care to be somewhat secretive, as the techniques I develop are for commercial gain. That said, I have no problems with others using them for non-commercial applications.

Most of the stuff I do is generally quite straight forward; if I can figure it out...... so can anyone else.

If you are interested in this subject for non-commercial applications, I'd be happy to share my knowlede with you; send me a PM, and I'll dig out the old code as well as give you the salient points.

Cheers,

Peter (pjv)

Paul Baker

I don't have an intended app needing randomness as of now, if the situation changes and it will be non-commercial, I'll contact you.

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
·1+1=10

pjv

Hi Paul;

Because this subject has been brought up, I thought I would dig out my old code; it's even shorter than I remember.

A 4 tap maximal length 8 bit PN sequence can be generated in as few as 12 lines of code; a 16 bit in 13 lines; a 24 bit in 14 lines; and a 32 bit in 15 lines.

Those also represent the number of cycles executed per calculation; so at 50 MHz, and allowing for a little overhead, a PN (scrambling) sequence of some 2+ MHz could be generated.

Clearly, the PN sequences are selected to be the fastest (4 taps) to calculate (fewest feeback taps), and hence not all seeds can be accommodated with so little code; each additional feedback tap adds 2 instructions, still not bad.

Paul, from these hints I'm sure you can figure it out!

Cheers,

Peter (pjv)

Paul Baker

Ill have to go back and brush up on RN theory, but yes you gave enough detail for me to reconstruct your method, thanks.

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
·1+1=10

bubblehead

One way to deal with the one way transmissions might be for the receiver to keep a list of the next five· random numbers (RNs).· If a transmission matches one of the five, then it is validated, and the·RN generator is advanced accordingly.· That is, if the transmission matches the third·RN in the list, then the list of RN's is updated with the next three RN's.· Up to four transmissions may be missed and the receiver can still stay in synch.· If missed transmissions are very likely, then use a longer list.··Make the list long enough·to get an acceptably low probability of losing synch.

Note that you don't actually have to keep the list of numbers, just save the RN seed.· Advance the PN generator and try to validate the transmission.· Repeat until validated or max number of tries is reached.· If there is no match, then reset the seed to the saved value.