



Securing computer-to-computer communication?


2 replies to this topic

#1 tycoonlover1359

  • Members
  • 9 posts

Posted 07 July 2018 - 06:35 AM

Is there any way of at least slightly securing communication between computers using the Rednet or Modem APIs, excluding using only wired modems to communicate between computers? (In short, is there a way of at least slightly securing wireless communication between computers?)



#2 Bomb Bloke

    Hobbyist Coder

  • Moderators
  • 7,099 posts
  • Location: Tasmania (AU)

Posted 07 July 2018 - 07:15 AM

Encryption is generally the key - this is how we handle it with real-life wireless networks. Unfortunately, coding an effective encryption API is a bit beyond the novice coder, but there are a few already available that you can use. ChaCha20, for example.

#3 InDieTasten

  • Members
  • 357 posts
  • Location: Germany

Posted 07 July 2018 - 07:21 AM

You only mentioned a requirement of tamper-proof communication. There are many different ways to go about things.

One way to prevent others from, for example, forging door-opening commands is to share a private secret on all your computers and add a hashed signature that includes the secret:

ActualMessage: "abc"
Signature: "0e3bbd26f46012ccec4776d171f314a00c022d98"

Where the signature is the SHA-1 of "abc" and the secret (in this case "xyz").
The receiver can use his secret key to create the hash as well and check whether it matches the sent signature. This way, the receiver can verify that the sender used the same secret key.
Note: The actual message is still visible to all listeners, so this communication does not meet a possible requirement of confidentiality.

To achieve both, you could use actual encryption, like AES. The principle is again to have a shared secret among your computers. All messages are encrypted and decrypted using the secret key.
This offers confidential and tamper-proof communication.

There are many different hash functions and encryption algorithms out there. The main restriction on what to use will be performance. Some hash functions will be faster to execute than some encryption algorithms and vice versa.


Also note that with either of these techniques, your overlaying protocols still have to consider security as well. Something that came to my mind would be replay attacks. An attacker could capture the encrypted door-open command and just send it again. To resolve this kind of issue, overlaying protocols should include expiration times in their messages, and/or a challenge scheme, which is kind of like the way remote car keys work.
1. Sender sends a message saying it wants to send a command, with public token 1 ("def", random each time)
2. Receiver will respond with public token 2 ("ghi", random each time)
3. Sender sends the actual command including both tokens
4. Receiver validates that the token combination is in his working table and removes the tokens from the valid combination list.

A replay of the message would be discarded by the receiver, because the token combination is no longer valid.

This makes a really simple program really complicated, so you need to consider whether to go for security or development speed. I'd go for the latter.
Maybe someone else knows other techniques that are easier to implement.

Edited by InDieTasten, 07 July 2018 - 07:37 AM.
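
The challenge scheme from post #3, combined with its shared-secret signature, as an added example that is not part of the original thread: a Python simulation of both sides, whose logic would port to a ComputerCraft Lua program given a hash library. It swaps the post's plain SHA-1 of message plus secret for HMAC-SHA256; the command name, message fields and helper names are assumptions.

```python
import hashlib
import hmac
import secrets

SECRET = b"xyz"  # constructed shared secret, same value as the post's example

def sign(secret, command, token1, token2):
    """HMAC over length-prefixed fields, so field boundaries cannot be shifted."""
    mac = hmac.new(secret, digestmod=hashlib.sha256)
    for field in (command, token1, token2):
        data = field.encode()
        mac.update(len(data).to_bytes(4, "big") + data)
    return mac.hexdigest()

def build_command(secret, command, token1, token2):
    """Step 3: the sender's message carries both tokens and a signature."""
    return {"command": command, "token1": token1, "token2": token2,
            "signature": sign(secret, command, token1, token2)}

class Receiver:
    def __init__(self, secret):
        self.secret = secret
        self.pending = set()  # the "working table" of unused token pairs

    def challenge(self, token1):
        """Step 2: answer the sender's token with a fresh random one."""
        token2 = secrets.token_hex(8)
        self.pending.add((token1, token2))
        return token2

    def accept(self, msg):
        """Step 4: the pair must be outstanding and the signature valid."""
        pair = (msg["token1"], msg["token2"])
        if pair not in self.pending:
            return "rejected: unknown or used tokens"
        expected = sign(self.secret, msg["command"], *pair)
        if not hmac.compare_digest(expected, msg["signature"]):
            return "rejected: bad signature"
        self.pending.discard(pair)  # single use: a replay now fails
        return "accepted"

def demo():
    rx = Receiver(SECRET)
    t1 = secrets.token_hex(8)  # step 1: sender's random token
    msg = build_command(SECRET, "open_door", t1, rx.challenge(t1))
    first, replay = rx.accept(msg), rx.accept(msg)
    t1b = secrets.token_hex(8)
    forged = build_command(b"wrong", "open_door", t1b, rx.challenge(t1b))
    return first, replay, rx.accept(forged)
```

A long-running receiver would also expire unanswered token pairs, in line with the expiration times the post mentions, so the table does not grow without bound.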





