jmg
/
lora-irrigation
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Implement a secure ICS protocol targeting LoRa Node151 microcontroller for controlling irrigation.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
111 Commits
4 Branches
18 MiB
 
 
 
 
 
 
Branch: irr_shared
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'irr_shared'
${ noResults }
lora-irrigation/PROTOCOL.md

2.9 KiB
Raw Permalink Blame History

Protocol

The responder will be the node under control (irrigation controller), and the initiator will be the server.

The responder will always respond with one and only one packet. That is, all timeout mechanisms will be handled by the initiator. If the initiator does not receive a response to it’s query, it will resend the request until it does. It is required that the responder be able to detect this, and resend the last response.

The respondent will cache message responses after the session has been confirmed, but before that, it is unneccessary, as there is no harm to reprocess the messages. The more complicated part is dealing w/ a missed confirmed reply, as the state will need to be back tracked (saved) to decode the repeated confirm request.

both sides: meta-AD(‘com.funkthat.lora.irrigation..v0.0.1’) key()

The following exchange is required by protocols that are not PFS safe, that is shared and ecdh (defined below). This is to prevent replay attacks and ensure that both sides have integrated random data into the protocol, AND that the connection reset was requested by the initiator. This is described in the second paragraph of § C.2 in the strobe paper.

initiator: send_enc(<16 bytes random data> + ‘reqreset’) # nonce injection send_mac(8)

respondent: send_enc(<16 bytes random data>) # nonce injection send_mac(8)

ratchet() # prevent backtracking

initiator: send_enc(‘confirm’) send_mac(8)

respondent: send_enc(‘confirmed’) send_mac(8)

It seems odd to respond to the confirm message, BUT, as using strobe requires explicit hand off (similar to a token), in order for the initiator to send any commands it needs to be “passed back”.

The new key/session does not become active till this point.

In order to handle a reset and prevent a replay attack, the existing session, if any is maintained till the completion of a reset request. Only after that, does the old connection key get removed. This does mean that after a reset request, it is required that both sides attempt to decode each packet w/ both keys.

Where type is to be: shared - shared secret: key = common set of bytes, should be min 16 bytes. ecdh - Results of an ECDH exchange, key = K || K_A || K_B ecdhe - Results of an ECDHE exchange, key = TBD

Once the session has been established, the initiator will send commands of the following format:

Currently the only defined type for args, is a 4 byte integer in little endian format. Additional types may be added later.

The following commands are defined: TERMINATE: 1 -- no args: terminate the session, reply confirms WAITFOR: 2 -- args: (length): waits for length seconds RUNFOR: 3 -- args: (chan, length): turns on chan for length seconds

When the responder receives a command, it will process it, and send back a response w/ the same command byte as an acknowledgment.

Note: look at: https://monocypher.org/manual/advanced/elligator when doing ECDHE