Re: One-sided authentication for small micros?
From: Andrew Swallow (am.swallow_at_eatspam.btinternet.com)
Date: 10/15/03
- Next message: Marco Era: "Re: Newby simple question..."
- Previous message: Peter Fairbrother: "Re: "incrementing" ecb mode"
- In reply to: Paul Rubin: "Re: One-sided authentication for small micros?"
- Next in thread: Phil Carmody: "Re: One-sided authentication for small micros?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 15 Oct 2003 14:52:39 +0000 (UTC)
"Paul Rubin" <http://phr.cx@NOSPAM.invalid> wrote in message
news:7x4qybxfi1.fsf@ruckus.brouhaha.com...
[snip]
>
> I don't know what a CAN data link is (card area network?). Are you
> concerned about some attacker poking probes into contacts on a PC
> board? If yes, your random numbers etc. have to be generated on-chip.
> For example, a simple protocol could be to just have the slave encrypt
> a timestamp with a block cipher and let the master decrypt and check
> the timestamp, but if the attacker can manipulate the real time clock,
> then again, old authentication codes can be re-used.
>
> It might help if you say more about the circuit and the application.
CAN is a packet switching protocol used in environments
with levels of noise interference such as factories and
the engine compartments of motor vehicles. Some types
of microprocessor come with built in CAN hardware.
Putting money through a CAN link is quite unusual. Sounds
like there are two machines, one of which the general public
can get access to. Will there ever be 3 or more machines
on the network? For example a controller and say 2 coffee
machines. Are all the messages 1 to 1 or does the
controller send a single message to all machines?
Are you restricting the encryption to the payload? The header,
retransmissions and error corrections to be performed in
plain text?
Does the equipment have say RS232 ports that the
repair man can use to down load the new key variables
into the equipment? Sufficient battery backed ram to
hold 16 bytes? Or possibly 128 bytes?
A method of resynchronising the cryptos if one of
the machines is switches off will also be needed.
Andrew Swallow
- Next message: Marco Era: "Re: Newby simple question..."
- Previous message: Peter Fairbrother: "Re: "incrementing" ecb mode"
- In reply to: Paul Rubin: "Re: One-sided authentication for small micros?"
- Next in thread: Phil Carmody: "Re: One-sided authentication for small micros?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
