Further to my last (hopefully this posting is visible amongst all the sporge).
The concern is that in my client's current product, RF communications with the RTU's are in plaintext visible to anyone with a capable receiver.
The Master Station is a hand-held device with a cell modem and a proprietary RF transceiver to connect with the RTU's. It does use a secure shell for Host messages. RF security has not been an issue because it's extremely unlikely for an evesdropper to be nearby (within 100 meters) with just the right snooping equipment when a technician happens to be there servicing an installation.
However, by its nature the objective of this project creates a greater security risk; it's to reduce the expense of personnel routinely patrolling the coverage areas; only emergency situations would need human intervention.
To achieve this the hand-held units are to be replaced with network-accessed Master Stations installed in fixed locations with difficult physical access. The RTU's cannot be protected so well however and an intruder could operate unobserved.
My client believes that the threat of RTU tampering is still low, but considering the liability issues wants some minimal security protection for the RF signals, at least for marketing purposes.
The worst threat scenario is that the attacker steals an RTU. The hardware designer will include some tamper detection, but we could only detect the theft, not prevent it.
Once in possession of the RTU, the intruder breaks into its enclosure, chips away the potting and extracts the transceiver, giving him access to the cyphertext of legitimate message traffic. He also has the RTU's main circuit board to experiment with faked messages.
After listening to enough traffic to break the security scheme, the worst case is that he causes unauthorized actuations, with serious results. This could be considered far-fetched, except that similar tampering with remote telemetry control has actually happened.
There are several factors in our favor, however. One is that actuations are rare. Most messages consist of a status poll and response and only a seriously dedicated saboteur would have the determination to maintain long enough surveillance to correlate an actuation command with the action.
I suppose no scheme within our reach would be effective against anyone with enough skills and intent. There are easier ways to wreck havoc, and there is much better monetary payoff for a thief to prowl around parking lots eavesdropping on Keeloq signals than to target our system.
I'm not sure what's worse, well-funded foreign terrorists, bored teenagers with enough technical savvy to be dangerous or some one in a million lunatic with an unshakable obsession (and a Ph.D in math).
So do we need encryption at all? My client is not comfortable sending the RF messages in the clear, but I'm not sure how to implement anything even approaching industry standard security on a tiny microcontroller without (for cost reasons) any supporting hardware such as code-hopping.
I suppose whatever I come up with will be more of a marketing feature than anything really effective and the Marketing Dept can conjure up for the customer some shadowy Boogey-man which only our state-of-the-art-secret-proprietary-not-subject-to-peer-review system can stop.
Comments invited; TIA, Sean_Q_ ps. For a small scale security model LFSR's could be sequenced by the main tick interrupt, 100 msec or so, but slightly different for each unit.
A 32-bit word with well chosen taps would ensure a reasonably long pseudo-random sequence and RF commands to initiate a session would arrive at asynchronous points in the sequence, providing some entropy for key exchange/authentication.
The public key could be the unit's serial number. The messaging model is mostly poll-and-response, unless the RTU detects a tamper, where it sends an immediate alert to the Master Station.
In operation, routine network commands resulting in RF sessions are fairly infrequent, making them harder to penetrate.