Encoding radio commands with MD5? Can Arduino code be decompiled?

(deleted)

adrianTNT:
In order to avoid malicious radios interfering and sending false commands, I am thinking something like this:

[...]

The only vulnerability I see now would be if the Arduino source could be decompiled

What is the application you are trying to create that would be so valuable to a hacker that he (or she) would go to all the trouble even to interfere with your un-encrypted wireless commands?

And someone can't even begin to de-compile code until they get their hands on one of your Arduinos.

...R

(deleted)

The nRF24 is by nature fairly secure. To mimic your transmissions a person would need to figure out the channel (frequency) you are using and the address of the receiving device. There is a large number of possible addresses. It's certainly not impossible to figure those things out if someone could listen in on your transmissions for long enough - but why would anyone go to that much trouble?

The same goes for trying to figure out the C++ code from the HEX code that is uploaded to an Arduino.

If you were thinking of writing a program to act as the principal locking device for your house and if you had plenty of stuff worth stealing then your security questions would be relevant, and the simple answer would be to use a traditional lock and key :)

...R

PS ... it would be possible to write your Arduino programs so that the channel and/or the address could be changed on the fly - but you would need to be careful in case communication between parent and child was completely lost.

In re the key: derive the key from the data. Do some math thing: multiply the command by the minute and AND that with the "error_123", somewhat like a checksum. It will never be the same thing twice, and if someone intercepts the signal they will not be likely to determine the algorithm used without a supercomputer. Playing the signal back will not work, because the time has changed.

This would require time sync between the Arduinos: either sync them with identical GPS units, or use NTP (complicated).
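
Added example, not part of any post in this thread: a standard way to get the replay resistance discussed above is a keyed MAC over the command plus a minute counter (HMAC-SHA256 here, swapped in for the multiply-and-AND arithmetic). This Python model of both ends assumes a pre-shared key, roughly synchronised clocks and a hypothetical frame layout that fits the nRF24's 32-byte payload; `make_frame`, `Receiver` and the key value are illustrative.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed shared secret, flashed to both boards
TAG_LEN = 8                    # truncated tag so the frame fits one radio payload
MAX_PAYLOAD = 32               # nRF24 payload limit in bytes
SKEW = 1                       # minutes of clock drift the receiver tolerates

def _tag(key: bytes, header: bytes, command: bytes) -> bytes:
    return hmac.new(key, header + command, hashlib.sha256).digest()[:TAG_LEN]

def make_frame(command: bytes, minute: int, key: bytes = KEY) -> bytes:
    """Sender side: 4-byte minute counter + command + truncated HMAC tag."""
    header = struct.pack(">I", minute)
    frame = header + command + _tag(key, header, command)
    if len(frame) > MAX_PAYLOAD:
        raise ValueError("frame exceeds the 32-byte payload")
    return frame

class Receiver:
    def __init__(self, key: bytes = KEY):
        self.key = key
        self.seen = {}  # frame -> minute, kept only while still inside the window

    def accept(self, frame: bytes, now_minute: int):
        """Return the command if authentic, fresh and not seen before, else None."""
        if not (4 + TAG_LEN <= len(frame) <= MAX_PAYLOAD):
            return None
        header, command, tag = frame[:4], frame[4:-TAG_LEN], frame[-TAG_LEN:]
        # Constant-time comparison; forged or altered frames fail here.
        if not hmac.compare_digest(tag, _tag(self.key, header, command)):
            return None
        minute = struct.unpack(">I", header)[0]
        if abs(minute - now_minute) > SKEW:
            return None  # recorded earlier and played back after the window
        # Forget frames that the time check alone now rejects.
        self.seen = {f: m for f, m in self.seen.items()
                     if abs(m - now_minute) <= SKEW}
        if frame in self.seen:
            return None  # played back while the minute was still valid
        self.seen[frame] = minute
        return command
```

The `seen` cache covers the case the time check alone misses, a frame played back within the same window; it also means a sender that needs to repeat an identical command inside one window has to add a sequence number to the header.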

The laws and rules that allow you to use the 433MHz segment force you to accept interference and allow for it. The interference could be other devices, hobby and commercial, that might use the same or close by frequency. Interference could also come from industrial use of the frequency. Or it could be from your neighbor amateur radio operator. Or it could come from government RADAR installations.

Paul

Paul_KD7HB:
The laws and rules that allow you to use the 433MHz segment

The nRF24 is a 2.4GHz device - I don’t know if that makes any difference to the legal position. It would be wise with every type of wireless system to expect non-malicious interference.

…R

Robin2:
The nRF24 is a 2.4GHz device - I don't know if that makes any difference to the legal position. It would be wise with every type of wireless system to expect non-malicious interference.

...R

OOPS!

Thanks, Robin. And the same thing applies to all the ISM frequency assignments.

Some of the Wi-Fi frequencies fall inside amateur radio bands, so they may be used at 1500 watts power output with massive antennas, if someone so desired.

Paul