pjalocha
commented
6 years ago After rethinking I find this scheme is not really different from authenticating every Nth position packet. Nevertheless I would propose the following scheme:
In the packet header there is a 2-bit field, let's call it "Auth".
The interpretation is the following:
Auth=00 => no authentification (for this position packet)
Auth=01 => I will sign this position packet (or respond to this challenge - it is equivalent I believe) Here the packet becomes the challenge (or the data to sign) - this is 160bits in my packet format. I would add the 32-bit time which corresponds to this position and 64-bit of some other data (could be part of the secret key) to form 256bit challenge (or data to sign)
After this the drone transmitter has lot of time to compute the response (or signature). This could be a low priority task running in the background so it would be doable by any CPU. When the response (or signature) is computed the transmitter sends it out with:
Auth=10 => this packet is the first half of the response (signature): 128-bit of data follows Auth=11 => this packet is the second half of the response (signature): 128-bit of data follows.
The OGN reciever job would be to pick up and send to APRS the challenge (data to sign) when Auth=01 and record the two parts of the response (signature) when Auth=10 or 11. The OGN receivever needs not to know anything about the individual keys or anything about the authentication algorithm.
Authentication algorithm can be defined independently, possibly different algorithms can be used, the transmitter would signal which algorithm it uses in the information packets.
What happens when packets are lost ?
When Auth=01 is lost, too bad, we have to wait for another occasion. When either of the Auth=10 or 11 is lost, we can still compare half of the response. When both are lost: well, wait another occcasion.
This would work I believe with the fixed sized packets of 26 bytes like the current OGN or a similar size if we decide to modify it. I would suggest to modify the OGN a little and add 2byte to FEC code, so it becomes full 64-bit and less packets are lost.
acasadoalonso
snip
Just got an idea: why not use challenge-response authentication ?
As we conclude drones must both transmit and listen (for traffic awareness) we can make the response to challenges according to their stored secret keys.
You may ask: who would give the challenge ? Well, it could be the groundstation - it is not that difficult to attach say RFM69 to Raspberry PI (I did this !) or the drones them self !
Suppose drones transmit themself challenges say every minute and every drone who hears it is obligated to respond within certain time, say another minute). Every drone would give a different response, as it has a different key. These responses would be recorded and transmitted on APRS. Then the french autority server could verify who responds correctly and who only pretends...
This would give us several advantages:
The packet content would not be signed but the positions/speeds could be verified with MLAT technology.
It would be good to invent a scheme so that the challenges do not repeat or we can count on very low probabilities of such repetitions.
The challenge/response packet would be same size but different type from position packets thus we wouldn't need to enlarge the position packets by the signature. The challenge response could possibly be of 128-bit size, would this be enough ?
I think this is really attractive and would allow to resolve several issues we could not resolve this far: authentication with reasonable packet sizes and spotting of fake signals.