we want to have encrypted communication, as described in Messages Format but we want to be able to process unencrypted "management" messages (such as request to renegotiate encryption keys or some routing info). These unencrypted messages are validated in a different way (context based, signed, etc)
in multi-uav case, we want to be able to communicate with unencrypted nodes (for interoperability reasons).
In both cases, we need to somehow distinguish between encrypted and unencrypted messages (because the length and decoding is different).
Options
We have these option:
A. Different STX byte for plaintext and encrypted messages
Pros:
simple
no additional bytes
Cons:
increasing likelihood of incorrectly decoded messages
B. Adding a byte with crypto/plaintext flag
NOTE: this byte would still be authenticated so it cannot be tampered with!
Pros:
still simple
can flag different encryption methods (theoretically can support multiple encrypted links)
Cons:
additional overhead
not backwards compatible:-(
C. Using an existing byte
Note: not really an option, because only Pprzlink 2.0 has extra CLASS/COMPONENT byte, but if we use a bit from this byte then the whole byte would have to be unencrypted (perhaps revealing too much about the message).
Summary
I am in favor of solution A as it is backwards compatible and doesn't increase overhead. Thoughts? @gautierhattenberger @flixr
Use cases
In both cases, we need to somehow distinguish between encrypted and unencrypted messages (because the length and decoding is different).
Options
We have these option:
A. Different STX byte for plaintext and encrypted messages
Pros:
Cons:
B. Adding a byte with crypto/plaintext flag
NOTE: this byte would still be authenticated so it cannot be tampered with! Pros:
Cons:
C. Using an existing byte
Note: not really an option, because only Pprzlink 2.0 has extra CLASS/COMPONENT byte, but if we use a bit from this byte then the whole byte would have to be unencrypted (perhaps revealing too much about the message).
Summary
I am in favor of solution A as it is backwards compatible and doesn't increase overhead. Thoughts? @gautierhattenberger @flixr