On 3/16/19 8:14 PM, Keith Packard wrote:
> "David W. Schultz" <[email protected]> writes:
>> How do you prevent someone from recording a valid data packet and
>> resending it? The answers are probably in the code but I see multiple
>> versions of telelco with no idea which to look at.
>
> There's a timestamp in each packet to avoid repeated data, plus the two ends
> have synchronized clocks -- packets are only valid for a short time so a
> simple repeat of an existing packet will not be valid.
>
Good idea, bad implementation.
It took some searching but I found where ao_pad.c checked the time
stamp. Not for all packets though it does do the important ones.
time_difference = command.tick - ao_time();
Digging through the sources I see that command.tick and ao_time() have
tupe uint16_t. Not big enough.
The tick rate appears to be 100Hz so the counter repeats every 655 seconds.
Because of the short length of this time stamp, after recording a valid
packet I can wait until it will be valid again before sending it. About
11 minutes. By recording data I can build a library of valid packets and
the times they will be good. I can also sync a local copy of the system
tick counter so I know when they will be good.
Eventually I can do whatever I want almost whenever I want.
Now if the time were kept to 32 bits I would have to wait a lot longer.
But even with a 32 bit counter attacks are still possible, it just takes
more time. If the count always starts at zero, then I can still build a
library of packets and when they will be good. Usable the next time the
system restarts. Starting with a random count would help with that.
--
http://home.earthlink.net/~david.schultz
The cheaper the crook, the gaudier the patter. - Sam Spade
_______________________________________________
altusmetrum mailing list
[email protected]
http://lists.gag.com/mailman/listinfo/altusmetrum
