Encryption in 3DR radios?

Replies

Shyam Balasubramanian August 31, 2017 at 9:14am

Interesting discussion! Makes me wonder 4 years post the last comment, what has been the conclusion in terms of encryption on low-cost radios? Do we already have it, or yet pondering on a genius idea to make it happen, coz even Google is unable to answer this query to me.
Andre K. January 12, 2015 at 12:30pm

how to hijack a drone over telemetry , and prevent it;

http://madhacker.org/?p=13
- Foxzilla > Andre K. February 6, 2015 at 9:29am
  
  Good read. Personally I will be moving to cellular based radios as soon as I have enough experience and time. When the first documented easy to use device to do exactly what's described in the article comes up, I hope that will highlight this issue enough so that encryption can be developed. Also I realise that many might not see this as an issue at all, since there are no known incidents yet (AFAIK - and I sort of agree), but it just doesn't feel right to be this vulnerable with multi thousand dollar equipment.
Marek October 3, 2013 at 8:46am

Hi,

I am working on new communication module (telemetry + RC control) compatible to 3DRadio dedicated to APM.

More info here

CPU is STM32F103 with enough computing power and memory to implement encryption.

If anyone is interesting in cooperate - please PM or e-mail me: marekm(at)hot(dot)pl

Marek
Andre K. August 12, 2013 at 2:03pm

Why is the post by Michael Zietlow deleated ?

And does anyone take the huge security flaw/lack seriously ?
Developer

Michael Smith January 30, 2013 at 12:05pm

There seems to be some confusion here.

Encryption, correctly implemented, prevents someone from comprehending the contents of the messages being sent.

Authentication, correctly implemented, allows the recipient to trust that the sender actually sent the message that was received.

It is common to mix the two; after an initial exchange that establishes authenticity, knowledge of the encryption key by the sender is treated as authentication by the recipient. However, this glosses over the initial exchange, and it also omits any protection against replay of a previously-authentic message (or suppression of authentic messages) by an attacker.

The 3DR radios don't have the computational resources to implement a sufficiently secure link; they are basically tapped out with their current functionality. Building a secure link is going to require a new (and more expensive) hardware platform.
Jake Stew January 29, 2013 at 1:31am

Kind of surprised the radios are still unencrypted?!?

The AES-256 code and examples are available for the chip, it would be trivial to implement it.

Even without rfcat or some fancy spectrum analyzer someone can still simply scan through the 256 ID codes and gain control of your plane? There's probably an even easier method if you want to poke around in the code a bit.

With the HopeRF RFM22BP module available it won't cost someone more than $20-30 to spam out 1W from a high gain antenna and snatch up people's planes.

Where are you guys located at BTW? I offer free security checks in exchange for a plane or quad, LOL!
Stefan Gofferje January 12, 2013 at 6:41am

Can we please use a separate topic for encryption of video links? This is about the 3DR-radios. Thanks!
Stefan Gofferje January 10, 2013 at 10:00am

Some stuff to read...

http://rf.harris.com/media/Acropolis_tcm26-9013.pdf

http://www.altera.com/products/ip/ampp/dcrypt/dcrypt.html

http://www.maximintegrated.com/datasheet/index.mvp/id/6479?utm_expi...
Andre K. January 10, 2013 at 8:50am

there is no denying, we need encryption.

It would take a lot to prove that a bad situation was *not* caused by the pilot, who, after all - is responsible.

of 2

Discussions

Encryption in 3DR radios?

Replies

Activity