As The World Burns, At Least You’ll Have Secure Messaging

There’s a section of our community who concern themselves with the technological aspects of preparing for an uncertain future, and for them a significant proportion of effort goes into communication. This has always included amateur radio, but in more recent years it has been extended to LoRa. To that end, [Bertrand Selva] has created a LoRa communicator, one which uses a Pi Pico, and delivers secure messaging.

The hardware is a rather nice-looking 3D printed case with a color screen and a USB A port for a keyboard, but perhaps the way it works is more interesting. It takes a one-time pad approach to encryption, using a key the same length as the message. This means that an intercepted message is in effect undecryptable without the key, but we are curious about the keys themselves.

They’re a generated list of keys stored on an SD card with a copy present in each terminal on a particular net of devices, and each key is time-specific to a GPS derived time. Old keys are destroyed, but we’re interested in how the keys are generated as well as how such a system could be made to survive the loss of one of those SD cards. We’re guessing that just as when a Cold War spy had his one-time pad captured, that would mean game over for the security.

So if Meshtastic isn’t quite the thing for you then it’s possible that this could be an alternative. As an aside we’re interested to note that it’s using a 433 MHz LoRa module, revealing the different frequency preferences that exist between enthusiasts in different countries.

30 thoughts on “As The World Burns, At Least You’ll Have Secure Messaging”

  1. As The World Burns, At Least You’ll…

    Be discovered performing non-standard emissions by guys doing ECM and then you’ll be a priority target for drone-dropped gifts.

    1. ECM stands for Enterprise Content Management, which refers to the strategies and tools used to capture, manage, store, preserve, and deliver content and documents related to organizational processes. It helps businesses organize their information efficiently, making it easier to access and manage data across various channels.

      So glad we had this discussion.

      1. Efficient Corn Mastication

        Embalming Collectible Mammals

        Enticing Corruptible Minors

        Exotic Cattle Markets

        Existentially Cromulent Memes

        Electronic Counter Measures

  2. Encrypted communications are explicitly prohibited for my Ham license except for controlling satellites(!!). Unless this is well below power requirements or otherwise no license needed, this may be illegal. I haven’t messed with LoRa yet. Some jurisdictions may or may not care.

    1. Based on the creator’s website/YouTube video, it looks like they are in France. I wouldn’t claim to even be moderately versed in EU Radio Law (or Bird Law), it looks like in 433 they are restricted to +10 dBm.

      Judging from that video, it looks like the creator has it configured at +33. Whether it’s actually pushing that is another story entirely, I suspect.

      I know Meshtastic has really grown legs in EU, and they seem to favor 868 MHz (which EU allows amateur +27 dBm), so perhaps the choice to go with 433 was related to congestion, or just BOM cost/availability.

    2. It would definitely be illegal in the US unless the encryption was turned off. You can’t transmit with any useful amount of power on 70cm without a ham license. The only exceptions to the power limit are for intermittent control signals such as keyfobs and periodic transmissions such as alarm or temperature sensors. Even then, the range is pretty short.

      It would have to use 915MHz in the US. Up to 1 watt is allowed for spread spectrum transmissions without a license there. 2.4GHz can be used as well, but the range will be shorter.

    3. An amateur license doesn’t forbid you from using any encryption at all anywhere. You are probably using encryption to access this site (https). You just can’t use encryption on amateur licensed equipment and frequencies.

  3. This is great! I’ve been working on a similar thing for quite a while. But where’s the design? Is this just a show off project that gives us nothing?

    A few other things. The encryption is not unbreakable!
    1. AES-256 may be secure but it is not unbreakable. Only pure OTP (one time pad) encryption is truly unbreakable, even with unlimited resources. Maybe there’s a special case where a message shorter than 256 bits is identical to OTP but I didn’t see any justification for that.
    2. OTP is only perfectly secure if the keys are perfectly random. This is much more complicated than it sounds. Random number generators can have weaknesses just like encryption algorithms. It is even possible to sabotage the keys in a way that is mathematically impossible to detect. This is a real risk if you are generating the keys on a compromised computer!
    3. You cannot be sure that the files have been deleted from the SD card. The blocks you see when accessing the card are not the physical blocks. The SD card manages those transparently for wear leveling and error correction. It CAN AND WILL “delete” a block by simply pointing the address to a new, blank location. The data is still there. If the card is large and your usage is small it may not be overwritten for years. Getting this data may not even be hard. Big governments have full access to the SD card manufacturers and their internal software.
    4. An additional attack which I did not see discussed is the known plaintext attack. This attack allows the modification of a message or portion thereof if that part is already known to the attacker. Additional protection is required for it, even if you have perfect encryption.

    My take on this is that a device of this sort is “safety critical” just like a pacemaker or the avionics on an aircraft. Therefore the design must be created and audited with EXTREME care. I’ve been trying to do it for years and it is much harder than it initially seems.
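The known-plaintext modification risk raised in the comment above, together with the single-use, time-indexed keys the article describes, as an added example (not code from the project or from the commenter). The one-minute slot, the key layout, the HMAC-SHA256 tag as the "additional protection", and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

SLOT_SECONDS = 60   # assumption: one key per minute of GPS-derived time
MAC_LEN = 32        # assumption: first 32 bytes key an HMAC-SHA256 tag (computational, not OTP-grade)
PAD_LEN = 64        # assumption: remaining bytes are the pad, so messages are at most 64 bytes

def make_keys(n_slots):
    return {s: secrets.token_bytes(MAC_LEN + PAD_LEN) for s in range(n_slots)}  # constructed sample


def xor(data, pad):
    if len(data) > len(pad):
        raise ValueError("message longer than pad")
    return bytes(d ^ p for d, p in zip(data, pad))


def _tag(mac_key, slot, ciphertext):
    return hmac.new(mac_key, slot.to_bytes(8, "big") + ciphertext, hashlib.sha256).digest()


def seal(keys, gps_time, plaintext):
    slot = gps_time // SLOT_SECONDS
    ct = xor(plaintext, keys[slot][MAC_LEN:])   # KeyError if this slot's key is gone
    mac_key = keys.pop(slot)[:MAC_LEN]          # destroy the key: one use only
    return slot, ct, _tag(mac_key, slot, ct)


def open_sealed(keys, slot, ct, tag):
    key = keys[slot]                            # KeyError if the slot was already consumed
    if not hmac.compare_digest(tag, _tag(key[:MAC_LEN], slot, ct)):
        raise ValueError("authentication failed")
    del keys[slot]                              # drop the key only after a valid message
    return xor(ct, key[MAC_LEN:])


def demo():
    shared = make_keys(4)
    sender, receiver = dict(shared), dict(shared)   # each terminal holds its own copy
    slot, ct, tag = seal(sender, 130, b"MEET AT NORTH GATE")
    forged = ct[:8] + xor(ct[8:13], xor(b"NORTH", b"SOUTH")) + ct[13:]  # known text, no key
    xor_only = xor(forged, shared[slot][MAC_LEN:])  # what bare XOR would deliver
    try:
        open_sealed(receiver, slot, forged, tag)
        rejected = False
    except ValueError:
        rejected = True
    return xor_only, rejected, open_sealed(receiver, slot, ct, tag)
```

`demo()` returns the altered text that a pad-only receiver would accept, whether the tagged receiver rejected the altered ciphertext, and the genuine message it then opens with the same key.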

  4. Check out the 915 MHz North American version of LoRa – Meshtastic. Totally legit to use encryption. Here in Denver Colorado I see about 400+ nodes in use at any given time and the range is awesome as a result.

      1. Fun thought experiment to determine time if all electronics went out. I’ve been only moderately successful with sextant and Lunar Distance method, maaaaybe within 30 seconds of the “actual” GMT at very best and that’s getting really lucky probably. I think to get within seconds maybe a transit telescope?

    1. These guys into encryption are preppers and paranoid people, I suppose.
      Who’re afraid of being spied on by government and such.
      Or just fans of encryption because.. internet.
      Funny that this is in France, though.

      Amateur radio always was being open, it was the whole point.
      Call signs with name and address used to be available in call books (phone books of amateur radio).

      Hams knew (and hoped) that SWLs would listen to their conversation.
      That’s how new hams had been introduced to the hobby/service.
      They started out as unlicensed SWLs or CBers.

  5. If I were designing a covert encrypted communication device, I’d make the radio signature match a cordless electric drill with worn out brushes. Plenty of random crap that would make a wonderful one time key, and the bursts of noise would be what you would expect from a drill.

    And boy howdy are some of those drills noisy.

    Imitating a car with solid copper spark plug wires would be another option. There was a taxi fleet in NYC in the 80s that made AM radio reception really difficult if you were near a heavily traveled street.
