You are here

Security

13 posts / 0 new
Last post
EA2EKH
EA2EKH's picture
Security

Greetings,

I know this is an amateur radio application, which means encryption is strictly forbidden except for the equivalent of "repeater control signals".

However, in a real disaster it would be really necessary to have some security in place. Otherwise this system might make it easy for miscreants to steal valuable supplies (food, meds, etc). I know it sounds a bit Mad Max-esque but anyway it should be taken into account.

Maybe this has been attempted before and it's been turned down, my apologies in that case. But, what about opening a consultation with national authorities to discuss the eventual usage of encryption strictly on a test basis?

We should define some fixed encryption keys, publicly known and shared with the relevant authorities so that we would make sure the system works, and a mechanism to change them to something "secure" if a real need arose. 

I know we can opt for a zero trust approach for the network, working on securing endpoints (clients and servers) instead, but it's not trivial either.


73
 

kc8ufv
kc8ufv's picture
Ignoring rules for a moment,
Ignoring FCC rules on encryption for a moment, there's still a major flaw with this idea. In the middle of an event, you should make as few changes as possible. From a network standpoint, changing encryption keys is the same as changing network name, channel, and/or bandwidth, in that it's going to take the node off the current network. If you miss a node, of don't have permission/passwords to change one, you may have broken the mesh, without a way to fix it promptly. This is especially true for unattended high profile nodes, such as installed at repeater sites.
EA2EKH
EA2EKH's picture
True. That's the reason why I
True. That's the reason why I suggested some "transparent encryption" mechanism with a easy switchover to a secure configuration. I think it's an idea that deserves some exploration.

Honestly, I doubt crooks would be so sophisticated and in such a situation there would be much easier to exploit weak points, but anyway better safe than sorry.
 
AA7AU
AA7AU's picture
Good point

Aside from the technical details here, moving out of the "low-hanging fruit" category, especially in the area of mission-critical comm, might be a good thing for WTSHTF and IMO deserves at least some discussion. We don't need to rush into something rashly but neither should we dismiss the discussion. Planning for emergencies is best done with an open mind.

Personally, I'd rather think "outside the box" than find myself laying down being measured for one.

- Don - AA7AU

K6CCC
K6CCC's picture
Encryption would be end to end.

Unless I'm missing something, encryption would be completely end to end.  The nodes (both at the end points for the particular traffic and any nodes in between) are just passing data.  They don't know or care if the data that is being passed is encrypted or not.  So changing encryption keys only would involve the computers at the two ends.  No changes would be required on the nodes themselves.  And yes, of course current FCC rules do not allow up hams to run encryption under part 97.
Yes, I understand that some nodes have added filters to block commonly used ports for encrypted traffic so that would potentially be an issue - I don't have details, just remember reading about it.
BTW, I run a P-25 public safety trunked radio system that has MANY encrypted talkgroups, so I have a little understanding how this works.
 

K9CQB
K9CQB's picture
We talk about this all the time, but never do anything.
EA2EKH,
Our group talks about this all the time, But we have yet to actually implement a plan or really even explore how to do this properly. If our AREDN network were to become the only gateway in our area for 'on net' resources or an email capability, we know 100% it would be overwhelmed by the 100s of 'hackers' that live in our area. Depending on the political situation, it may even be sabotaged so that nobody could use it. I am certain of this. I've been in other countries when 'bad things' have happened and it's the soft targets like this that get victimized first. I've seen this movie before. I'm hoping we can do something to harden AREDN against a bad actor - if even some access control based on authentication. I would recommend our network be run this way, with this protection all of the time, not just when something bad kicks off. Changing anything with the network could be disastrous, especially during times of emergency.  

-Damon K9CQB
 
kk4hpy
If you want some kind of

If you want some kind of hardened private network why not use a commercial product ?        

K9CQB
K9CQB's picture
I've been looking.
KK4HPY,
If you find a commercial product that goes out of band and has a great mesh capability, but has restricted access - yet still fits inside FCC's regulations for amateur radio, please let me know. I've been looking.
AREDN is the best thing we have going so far. I love it. I also love the AREDN community that we have. I've never found a more knowledgeable, capable, and helpful group of people in my life. I would just feel much more comfortable if there was better access control for using it and for especially reconfiguring it. Keep in mind, in my opinion, inside the AREDN ecosphere this is just a 'nice to have', not a 'must have now'.

-Damon K9CQB
EA2EKH
EA2EKH's picture
Which commercial product?

Which commercial product?

AREDN has many good points.

1) Extremely easy to set up.

2) Supports equipment from multiple manufacturers

3) No single country dependence. Mikrotik manufactures in Latvia for example.

4) Equipment is dirt cheap yet surprisingly good for the price. I remember atrocious experiences with Alvarion equipment costing thousands of euros.

The challenge is: Can we add at least some security keeping it easy to operate and install? If not encryption maybe just some authentication that woudl not collide with FCC rules. 
 

K5DLQ
K5DLQ's picture
There are all great points on

There are all great points on why the FCC should consider a rule change for data in the microwave bands IMHO.
Data is not your grandfather's spark-gap.  Technology and times have changed, but, the rules have not.

* The opinions are my own and not necessarily those of AREDN Inc, nor the Board of Directors.
 

K6AH
K6AH's picture
 +1 
yes +1 
w6bi
w6bi's picture
+1
+1
EA2EKH
EA2EKH's picture
I agree fully with the
I agree fully with the encryption ban. Amateur radio infrastructure lacks any privacy for a good reason. And accessing the Internet would be equivalent to commercial/private usage in my book.

But in case something Bad™ happens, well, some restrictions should be shelved. 
 

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer