Go Down

Topic: Alarm system and radio transmission (Read 1 time) previous topic - next topic

wildbill

Quote
Just remember to stay away from published standards and methods.


If you're really serious about security, this should not apply to the encryption algorithm you use - you need something devised by a cryptographer and peer reviewed. It is a common conceit to suppose that you can devise your own secure encryption method, but it is highly unlikely that you can.

PeterH

Some ideas we've used to encrypt data within software that could carry over to your DIY wireless security scheme:

Encrypt your application messages, chop the encrypted messages and shuffle the parts among multiple wireless packets (which are then sorted and reassembled by the receiver).

Rotate your encryption keys at regular and fairly small intervals.

Include a predictable unique value in all messages, such as a recent challenge, or a timestamp.
I only provide help via the forum - please do not contact me for private consultancy.

karlok

Hello,

thank you very much for your answers!
@jroorda: This is an important question to ask. I think other factors should be regarded more than the encrypted wireless transmission that might be an overkill, as I understood the answers like. It has to be reliable always.
Maybe the thief is able to jam the transmission frequency, because he thinks that will avoid the base station getting  the "alarm"-signal, but in fact he just prevents my "OK"-signal to reach the base station and that will result Alarm before even getting in. This is also a problem because this is a false-positive, the alarm can be triggered without making physical damage. Do you think this is a problem for the system?
@djjoshuad:  I read your long answer with interest and I think I will concentrate of those 99% of burglars that are not electronically skilled. However, I think it is not able to get the key behind the rolling technique, Rolling code - Wikipedia, the free encyclopedia, RKE Analysis, a replay attack will fail because the "OK"-signal always changes.
@wildbill,PeterH: I am still not sure whether I should add encryption to the system or not, it also makes the system more fragile because it is not simply get-ok-signal or not get it, but also checking whether the decrypted counter is in a specific allowed range.
For me the wired solution would be a sophisticated one because the alarm station and the base station are in different floors and cable laying doesnt look that nice and is difficult to hide.
I am not only interested in the factor of wireless signal but also others like the alarm device (siren, strobe,...) For that I am planning to do the following:

If the cable is cut, the lightblue cable is also cut and that is recognized by the Arduino, but how to trigger the alarm then if you know you cannot trigger it?!
using Arduino Uno Rev 3

djjoshuad

#8
Jan 05, 2013, 09:23 pm Last Edit: Jan 05, 2013, 09:26 pm by djjoshuad Reason: 1

Quote
Just remember to stay away from published standards and methods.


If you're really serious about security, this should not apply to the encryption algorithm you use - you need something devised by a cryptographer and peer reviewed. It is a common conceit to suppose that you can devise your own secure encryption method, but it is highly unlikely that you can.

This is patently untrue.  This is just like telling us that all of our electronic circuits should be devised by electricians and our sketches should be devised by programmers.  Of /course/ people can devise their own encryption methods.  The only thing a "cryptographer" is going to do better is avoid the common pitfalls.  Is the resulting algorithm going to be as good as one coming from a seasoned pro? no... but it will be unique and unique beats good quite often in the security world.

If you're really serious about security, then reducing your attack surface should be a primary concern.  Avoiding standards reduces it immensely.

@karlok - a rolling code can be defeated fairly easily once you recognize that it is being used.  A replay attack just replays the last message and would of course fail.  Actually determining the rolling key algorithm will allow you to modify the next message and "play" it with the right key.

karlok


@karlok - a rolling code can be defeated fairly easily once you recognize that it is being used.  A replay attack just replays the last message and would of course fail.  Actually determining the rolling key algorithm will allow you to modify the next message and "play" it with the right key.

Hello, I still am not able to beleive that. How would you do so. For me a rolling code is an always changing code that is created by using a secret key and a message(message = counter in this case).

And I am also interested in the outdoor cable idea where I drew the picture.
using Arduino Uno Rev 3

Go Up