Not sure what Thomas is on about. We know who the other station is, there may not be any repeater involved and usually the connection is direct. In some cases it could be on HF and may involve AX25 or Pactor. What the authorities worry about is the media snooping on the traffic.
I remember a case at Katoomba Police Station where my radio displayed 7500 on the dial, the frequency was 147.500, and the media had been in the control room to do some filming and we later found them out in the car park with a scanner looking for 7500 ! That is the sort of situation that needs to be protected. Whatever it is it needs to be very simple, as inevitably an emergency will occur that brings in stations that have never been involved previously. Barry VK2AAB Wicen Liason Hornsby Ku-Ring-Gai Emergency Management Committee Thomas wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > De-lurking. > > I'm not a HAM but I know a little about crypto. > > On 11/03/13 11:03, Bruce Perens wrote: >> Hi Folks, > [...] >> First, the network authentication problem can be solved without >> encryption and without any rule changes by using the >> zero-knowledge proof, which nobody involved seems to have >> understood. We thus need to explain this to ARRL and make sure that >> any proposals regarding authentication provide the zero-knowledge >> proof rather than encryption as their technical means. > > This HSMM: > https://en.wikipedia.org/wiki/High-speed_multimedia_radio#Security > > I assume the resource you're protecting are the repeaters which > forward messages. > > Zero-knowledge proofs are usually used within a secure session, i.e > establish a secure link with someone and then get them to prove > knowledge of a shared secret. The session is then authenticated. > > Setting up a secure session over wireless would require something like > TLS, i.e. lots of encryption i.e. unacceptable(?). > > Without a secure session the authentication must be packet-by-packet, > i.e. Digitally sign packets (or sets of packets) and verify these > signatures before forwarding the packets. > Repeater operators would need a way to verify certificates > ("encryption is easy, key management is hard"). > > HMAC ( https://en.wikipedia.org/wiki/HMAC ) would be less overhead > than digital signatures, but relies on a shared secret which might not > be permissible. Perhaps you could publish the shared key after the > conversation to appease the regulations, but then great care must be > taken to avoid additional attacks. > > > > Thomas > >> Thanks >> >> Bruce >> >> >> ------------------------------------------------------------------------------ >> >> > Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester >> Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in >> the endpoint security space. For insight on selecting the right >> partner to tackle endpoint security challenges, access the full >> report. http://p.sf.net/sfu/symantec-dev2dev >> >> >> >> _______________________________________________ Freetel-codec2 >> mailing list Freetel-codec2@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/freetel-codec2 >> > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQIcBAEBAgAGBQJRPVimAAoJEHqA0UHc+pSD/SUP+gPPxs/QLNWocg2+6tzb3RvR > 9dTO4C+Ak+iFOksCitGtoo4Gzj//p+fTPfTx8TJ9OkeeNjpiqeBUAnj9D++gG6Wl > XHXrH6Eh0wY1RFzyS4amr/96Izs6IrgVnHsShZzsFtHD+A2ycFPfTaVdaQQAPZWj > 1T08PrZuDR/Wd3AfrkYcZSnkUU4Nbk+pkjy1jfg/IaKJaQZaN59rn7No7JXqy1/R > /6PR2cqZPbKll8crYnGCPDlE3hxq0vKdGFkoDF4E7SAHyxjByDR/Rue0GnNYnifm > USEiF1famCB+p+/EnQGvUo+FJ1NI5MdsLZ8f28zJMy1d7E1X314TPAyeMzlM9YVU > PUV3DIYBKIw7anWfa2Ex8xHOY2qIjO1xOci0SGdCmAM88q8g1HcuIrquUBNYhdbr > BKULT6k3fhPJRvUuzJt8GjZ93R4gSobtuvLXGEV3EQn5FzLyEDcpiEMo1RDYhs8h > 1sLfR8BiZPBhtQmO/CJLWCp8o/ylz1Ub6MYYCTV/SqEtCcad6e/0yRG59jVTgegR > WRyDOfRVBjNAwi5DBIxzsHwZddiECveVDVHagpKGMHIh6jh7WL/AOiJO8yj5BYig > oDd9Tc5OEori2zaq+WU7T1Df6Fmyd5hVl3zt3ghFN0mcfbW5mMNweA9DIRbzr4gR > aiRSAOpdBpwxtNB/Gskm > =RU2Z > -----END PGP SIGNATURE----- > > ------------------------------------------------------------------------------ > Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester > Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the > endpoint security space. For insight on selecting the right partner to > tackle endpoint security challenges, access the full report. > http://p.sf.net/sfu/symantec-dev2dev > _______________________________________________ > Freetel-codec2 mailing list > Freetel-codec2@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/freetel-codec2 > ------------------------------------------------------------------------------ Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the endpoint security space. For insight on selecting the right partner to tackle endpoint security challenges, access the full report. http://p.sf.net/sfu/symantec-dev2dev _______________________________________________ Freetel-codec2 mailing list Freetel-codec2@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/freetel-codec2
