Secure use of remote control ?
-
Hi Raspberry Pi Community,
I would like to use radio remote's control to trigger an events on my Raspberry pi.
I guess I'll go with 433Mhz as I believe they are the most common available ?
So I will need a 433Mhz RX/TX Module to connect on the GPIO, so far I get it...
But how properly secure the communication between those remotes and the RPI to avoid any anyone to sniff the transmitting and replay it. In other words spoof it.
Wubba Lubba dub-dub...
wrote last edited by [email protected]You'd use one of the rolling code mechanisms like in a keyless entry system, garage door opener or a car key fob. Maybe symmetric or asymmetric cryptography instead or on top. Depends on the exact use-case. But you'd have to build the remote yourself, I don't think that's in the readily available consumer products.
If you want it less complicated, have a look at Bluetooth or ESP-NOW. Wifi and Bluetooth and other protocols have encryption handled for you.
-
Might be a good use for PGP. The signal can be snooped and spoofed, but the messages should be end-to-end encrypted.
Only problem with just using just pgp is that the signal would be vulnerable to a replay attack. I feel like a rolling code that's encrypted using PGP might be the way so that the replay attack part is gotten rid of.
All that's to say, there's probably some technical paper that details the best way to set up a system like this.
-
Only problem with just using just pgp is that the signal would be vulnerable to a replay attack. I feel like a rolling code that's encrypted using PGP might be the way so that the replay attack part is gotten rid of.
All that's to say, there's probably some technical paper that details the best way to set up a system like this.
Could it only accept serialized messages? Once it’s received a message, never accept the same exact message again.
-
Could it only accept serialized messages? Once it’s received a message, never accept the same exact message again.
Well then you'd have to keep track of all messages recieved. An easier option might just be to sign the current system time, make sure the clocks are synchronized, and accept a +/- 1 second wiggle
-
Well then you'd have to keep track of all messages recieved. An easier option might just be to sign the current system time, make sure the clocks are synchronized, and accept a +/- 1 second wiggle
Wouldn’t it just need to know which is the highest message number it has seen? And then don’t accept that one or any lower ever again?
If the count is within the encrypted message, no one can spoof anything higher.
-
Wouldn’t it just need to know which is the highest message number it has seen? And then don’t accept that one or any lower ever again?
If the count is within the encrypted message, no one can spoof anything higher.
Oh fair good point
-
Rolling codes may protect you from a replay attack, but if the attacker is more sophisticated and has worked out the algorithm, then they can send the commands and effectively lock you out.
Is Bluetooth no good? Lots of protection baked in already.
Is Bluetooth no good? Lots of protection baked in already.
Well, if you have a 2 way communication capability anyway, it's not particularly difficult to implement a key exchange, followed by data transmission using a temporary key, similar to HTTPS
-
Rolling codes may protect you from a replay attack, but if the attacker is more sophisticated and has worked out the algorithm, then they can send the commands and effectively lock you out.
Is Bluetooth no good? Lots of protection baked in already.
I'm open to all solutions
But it there some ready Bluetooth remote pilot existing ? -
Wouldn’t it just need to know which is the highest message number it has seen? And then don’t accept that one or any lower ever again?
If the count is within the encrypted message, no one can spoof anything higher.
I don't think this work's if you have multiple remote pilot tough...
-
You'd use one of the rolling code mechanisms like in a keyless entry system, garage door opener or a car key fob. Maybe symmetric or asymmetric cryptography instead or on top. Depends on the exact use-case. But you'd have to build the remote yourself, I don't think that's in the readily available consumer products.
If you want it less complicated, have a look at Bluetooth or ESP-NOW. Wifi and Bluetooth and other protocols have encryption handled for you.
Thanks hendrik
But you’d have to build the remote yourself
maybe in the future, but I don't have the time for it now...
\have a look at Bluetooth or ESP-NOW. Wifi and Bluetooth and other protocols have encryption handled for you.
So it their Bluetooth or WiFi remote pilot existing for that ?
-
I'm open to all solutions
But it there some ready Bluetooth remote pilot existing ?Not really read up on it yet, but can you do serial over Bluetooth? Quick Google gave me this: https://raspberry-projects.com/pi/pi-operating-systems/raspbian/bluetooth/serial-over-bluetooth
There may even be an android app that could help.
Suppose it depends on the scope of your project.Funnily enough I may have to do something with this tech myself later in the year.
-
I don't think this work's if you have multiple remote pilot tough...
Each remote could have an ID number it sends.
