Topic: Where do we start?

One common theme that has come up as the idea of the ARETF has been discussed is needing some sort of authentication standard which fits ham radios unique requirements. Everybody wants to-do something built on the common Internet standards (including me), but we need some small tweaks. I hope the first ARETF group will tackle this problem, there has already been a lot of smart people working on it.

73,
Kenny, KU7M

73,
Kenny, KU7M

Re: Where do we start?

The HamWAN folks are probably leading the pack in this area...    I have a real need for it with a NW-MESH project.

Re: Where do we start?

I hope to get Cory, NQ1E involved.

73,
Kenny, KU7M

Re: Where do we start?

Here I am.  Sorry I'm late to the party wink

I'll start by clarifying some terms so we can further discuss these matters with the appropriate context.

When people refer to "secure" communication, they're typically implying these three distinct features:

  • Privacy - Preventing third parties from seeing what is being communicated.

  • Integrity - Assurance that the message received was from the sender and not tampered with in transit

  • Authentication - Assurance that the sender is who you expect them to be and not an impostor

When providing security for a system, you also need to consider:

  • Authorization - Determining if the identified sender is allowed to perform the action they are requesting.

In amateur radio, we want to be able to use all of the security features above except for privacy.  It's a common misconception in the US that FCC part 97 prevents the use of encryption and therefore most security features aren't available to us.  However, what part 97 actually prohibits is "messages encoded for the purpose of obscuring their meaning."  It's important to keep this distinction in mind when developing best practices and communicating them to users who may not understand the difference.

We should also try to avoid rat-holing any discussions with debate on whether privacy *should* be allowed as that isn't productive for our goals.  It's also likely what contributed to past failures on this subject.

Luckily, many technologies already support these features without privacy which means we don't need to start from scratch.  Unfortunately, privacy is the one thing most people think of when it comes to security.  Therefore, our use-cases don't tend to be well documented or understood.  That's what I hope we get a chance to fix.

-Cory
NQ1E

Re: Where do we start?

Hello Everyone,

I just reviewed the current APRS Auth doc at https://github.com/richark/aretf/blob/m … cation.txt and though an interesting idea, I disagree that a new standard like this should use the deprecated MD5 standard as it's foundation.  For example, here are other standards that are far more modern, secure (minimal to no hash collisions) and their sizes:

md5:    32 char - cab6dd5ee6d649ed1b24e807c877c0ae
sha1:   40 char - a3de42e9b563f3ccf100fa84f4f7c831e659320f
sha256: 64 char - 756a42474bc437f614caa09dbbc0808038d1a586d172894c113bb1c22b75d580

MD5 is obsolete and it was announced today that they have found weaknesses in SHA1 and they expect significant increases in hash collisions.  As such, SHA256 is considered the current secure hash for the security world but maybe that's too much for the amateur radio world.  Now, per http://www.tapr.org/pipermail/aprssig/2 … 40875.html , using a 67 character APRS message should be safe with more modern APRS implementations.   Since I doubt legacy systems would ever be updated to support this authentication scheme or "super ACK" mechanism, I would argue that we shouldn't worry about legacy systems and their much smaller APRS message size limitations.   The only real concern I would have is if computing say a SHA256 would be too expensive for small microcontroller CPUs, etc.  There are alternatives though which can be discussed in this thread:

   https://en.wikipedia.org/wiki/Secure_Hash_Algorithm

--David
KI6ZHD

Re: Where do we start?

David,

I totally agree with you on the use of MD5 or SHA1, we should be starting with something 'current'.  (and probably consider how we will handle things when SHA256 is no longer safe to use)

What do you suggest?

73,
Kenny, KU7M

73,
Kenny, KU7M

Re: Where do we start?

Hessu (of aprs.fi) did some work using LOTW issued certificates for a VPN into AMPRNet. http://wiki.ampr.org/wiki/AMPRNet_VPN
I am not even sure how that could be useful, at this point. A solution looking for a problem?

73,
Jim Alles
KB3TBX

Re: Where do we start?

more links, re: use of certificates

https://lotw.arrl.org/lotw-help/managin … tificates/

https://www.chaoswelle.de/HAM-PKI