How to Protect Radio Signals Over Short Distances?
anth_007 asks: "I'm a software developer seeking to delve into the hardware world. I am trying to create a prototype for a new product that would broadcast signals over a very short range (100s of meters). The important part is that only authorized users (ie. no hackers) would be able to broadcast signals. Well, a more accurate description would be that anyone could broadcast (it's just a radio transmitter after all), but receivers would be able to differentiate between authorized signals and those which are not. I've been looking to find information on Satellite Radio (XM, Sirius, etc) and how they protect their signals, but I haven't had much success. I realize that I'm talking about two different problems here (I want to stop unauthorized people from broadcasting, satellite radio is trying to stop unauthorized people from receiving), but I need to start somewhere. Any ideas? How do the big boys protect their signals? Is there any readily available technology out there that would allow me to accomplish this?"
Use shielded signal guides. You can even get ones that work up to optical frequencies these days!
I've had this sig for three days.
You could use some sort of signature (GPG, PGP, your own, whatever) to see if the broadcaster is authorized.
Tinfoil........lots of tinfoil.
Beauty is in the eye of the beerholder.
but public/private key encryption would do exactly what you're looking to do.
The Answer
If you buy a license to broadcast over specific wavelengths, the Feds will happily track down unauthorized broadcasters, arrest and possibly even fine & imprison them.
If you are using some unlicensed spectrum like the 2.4GHz band, you have no recourse. Any unlicensed radio communication is required to not interfere with other people's use of the spectrum, and accept any interference without recourse.
Conformity is the jailer of freedom and enemy of growth. -JFK
128-bit encryption
Transmitting signals into the air leaves it open to anyone within line of sight of the transmitter to receive the energy and do whatever they want to with it....
There are antennas with very narrow beamwidths, but new DSP radio receivers can really pull signals out of the mud
With the right despreading key, you get signals.
Otherwise, you get noise.
...laura
Radio waves are radio waves. Once your frequency, modulation system, etc. are documented, anyone can fake your radio waves.
It's far easier to secure the higher layers (in the OSI sense) -- the data you're sending over the radio waves.
Authenticating this is pretty trivial, from a crypto standpoint. The simplest approach is to encrypt your data with a shared key; more robust approaches might include signing unencrypted data with a private/public keypair, etc. This would also introduce some noise resistance, since you could tell if the data's been corrupted by checking the signature. (Though for non-malicious interference, you're probably better off using a redundancy check of some sort.)
Good luck!
IIRC
Since Sirius et al. are digital broadcasts, they can encrypt their signals to whatever encoding they'd care to use. No?
This is a very vague and probably not all that interesting idea, but would it be possible to set it up so it's not all that practical without a repeater? If so, then you'd have a central place to moderate the signals. That sort of make sense?
"Derp de derp."
... trying to make radio not transmittable is like trying to make water not wet. (ripped off from jwz i think, and transformed to fit your question)
the only way to actually attempt to control who transmits on what bandwidth would probably require some sort of licensing from the FCC. that way you have some sort of legal recourse if someone does decide to walk on your airwaves.
there are lots of techies out there who know how to build transmitters and receivers that can send and receive at any frequency they want, so trying to put a technical barrier to the actual airwaves won't get you anywhere, as you mentioned.
an elegant solution would consist of some sort of stream verification, so that you can verify the sender of a signal via fingerprint, encryption, hidden messages, etc. Something that you control and that is difficult to reverse engineer would allow you to differentiate your signals from someone else's.
I think XM and Sirius encrypt their streams, or at least apply some sort of proprietary DRM to their streams to keep idle listeners from tuning in. They also use a fully digital stream, so encryption is pretty easy. And if I remember, they use an odd frequency that must be licensed from the FCC to use. The combination of those things seems to work great for them, a quick search on satellite radio hacking revealed almost nothing useful.
There is no practical way to provide secure RF transmissions. However, there are many many ways to protect the data carried on those transmissions. What you're interested in is public-key cryptography as it applies to message signing. It works like this:
1. Send block of data
2. compute fingerprint ("hash") of the transmitted data
3. encrypt that fingerprint with the transmitter's private key
4. transmit that
on the receiving end, you do this:
1. receive data
2. receive encrypted hash
3. compute hash of received data
4. decrypt received hash using sender's public key and compare to actual hash of data
This process is called signing, and is used in many many places. The use you've most likely encountered is to verify the identity of online stores. (the store's encryption certificate is signed by the trusted certificate authority that issued it. Your browser has all the authorities' public keys built into it, and uses it to check the signature against the certificate contents.)
All you need is an LED at the transmitter and a telescope with a photodiode at the receiver. No one outside the field of view of the receiver would be able to interfere. If you want even better protection, put a telescope at the transmitter too.
A telescope is effectively a very high gain "antenna."
Good judgement comes from experience, and experience comes from bad judgement.
- W. Wriston, former Citibank CEO
You want the receiver to distinguish between an "authorized" broadcast and an "unauthorized" broadcast.
So the broadcast must be tagged in such a way as to allow this identification to be made (since potential transmitters cannot be controlled -- as you observed).
Encrypt the broadcast, or transmit a hash (or equivalent). Be sure to consider "replay attacks". An old message can be recorded and played back to the receiver at a later time.
And that's really all that you can do. Be sure to choose a cipher or hash technique that will outlive the useful life of the equipment as well. Once the signal has been sent, you must assume that an outside party has it; and can study it at their convenience. Simply because potential receivers cannot be controlled, either.
Advice: Hire a cryptographer.
Ratboy
Just another "Cubible(sic) Joe" 2 17 3061
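Added example, not part of the original thread: the tagging and replay check from the comment above, which also follows the send/verify steps listed earlier in the thread. It uses a per-transmitter shared-key HMAC from the Python standard library in place of a public-key signature; the frame layout, tag length, key, sender id and class names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 16                     # truncated HMAC-SHA256 tag in bytes (assumption)
HEADER = struct.Struct(">IQ")    # sender id (4 bytes) + message counter (8 bytes)


class Transmitter:
    def __init__(self, sender_id: int, key: bytes):
        self.sender_id = sender_id
        self.key = key
        self.counter = 0         # must survive power cycles on real hardware

    def frame(self, payload: bytes) -> bytes:
        """Build header | payload | tag, with a counter that never repeats."""
        self.counter += 1
        body = HEADER.pack(self.sender_id, self.counter) + payload
        tag = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        return body + tag


class Receiver:
    def __init__(self, keys: dict):
        self.keys = keys         # sender id -> that transmitter's key
        self.last_counter = {}   # sender id -> highest counter accepted so far

    def accept(self, frame: bytes):
        """Return (True, payload) for a fresh authentic frame, else (False, reason)."""
        if len(frame) < HEADER.size + TAG_LEN:
            return False, "short frame"
        sender_id, counter = HEADER.unpack_from(frame)
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        key = self.keys.get(sender_id)
        if key is None:
            return False, "unknown sender"
        expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
        # Check the tag first so a forged frame can never advance the counter.
        if not hmac.compare_digest(tag, expected):
            return False, "bad tag"
        # A recorded frame has a valid tag but an old counter.
        if counter <= self.last_counter.get(sender_id, 0):
            return False, "replay"
        self.last_counter[sender_id] = counter
        return True, body[HEADER.size:]


def demo():
    key = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)  # constructed key
    tx = Transmitter(sender_id=7, key=key)
    rx = Receiver({7: key})
    first = tx.frame(b"signal is on")
    forged = Transmitter(7, b"\x00" * 32).frame(b"signal is on")  # no real key
    return {
        "genuine": rx.accept(first),
        "replayed": rx.accept(first),
        "tampered": rx.accept(first[:-1] + bytes([first[-1] ^ 1])),
        "forged": rx.accept(forged),
        "next": rx.accept(tx.frame(b"signal is on")),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

Because the receiver only requires the counter to increase, frames lost to interference do not break later ones, so no return channel is needed.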
Beyond this, the "big boys" recognize that it is most difficult to prevent the dedicated and motivated from transmitting before the fact. They deal with the problem in two ways:
The first is jam-resistant modulation schemes - so the miscreants will have difficulty denying authorized broadcasters access to the receiver.
The second is by various authentication schemes, so that what ever is received can be identified as having come from an authorized source and not a miscreant.
All of this begs the question, broadcasts authorized by whom?
Can't you just ask Q?
Public key cryptography solves this. Only transmitters get the private key, they sign the communications with it, and anybody with the public key can verify that the private key signed it.
The guy who mentioned "Despreading" had the right idea. Use of "Spread-spectrum" direct sequence modulation is probably the most secure you're going to get. Essentially, a "key" is used to control the spreading code. If you don't have the key, you can't receive the signal.
Further, the transmission by its very nature is somewhat covert. Now - if you're the NSA, perhaps you can figure out, but it's likely to be able to put together a system that is for all intents and purposes "private" using this type of transmission.
Now - FCC licenses and spectrum are your REAL problem. The technical problems have solutions.
Have you compiled your kernel today??
- A source stream of data
- A stream of random keys
- Block encryption to secure the stream in transit
- An RSA encoded stream of the above keys, encoded for each applicable user
- Broadcast the block encoded data, and the RSA'd key streams on a shared channel
- Decoding of the key stream at the user
- Decoding of the data stream with the keys
This makes the same compromises Phil Zimmermann used in PGP back around 1990. You use a faster symmetric encryption to lock down the data, and the slower RSA algorithm to handle the need for secure key exchange. I'm fairly confident some variant of this scheme is being used by all of the major satellite systems.
You should be able to extract most of the code you need for this from the GnuPG source.
--Mike--
Spread spectrum such as WCDMA (Wide band code division multiplex) is probably the best way to prevent jamming. However there are a couple of difficulties: 1. You need a wide spectrum to spread the energy over. I don't know the details of spectrum allocation in your jurisdiction but it is unlikely to be available anywhere (except for the military). 2. Whatever the bit rate you transmit at (slow is best) a jammer will always be able to swamp your signal by raising the noise floor sufficiently. The best way to avoid jamming is to spread the signal over as wide a spectrum as possible, transmit at the lowest possible bit rate and keep a low profile. Whether or not that helps depends on the application you have in mind.
Buy a license from FCC and then use their power to prosecute anyone who transmits on your licensed frequency. They have the power to shut down anyone who squats on licensed spectrum.
Broadcast and receive your signal directionally (with a dish, for example). This limits the places where the bad signals can be. There's no magic way that a good signal can be distinguished from a bad one, but you can make it harder to receive signals from directions that you don't want to receive from.
Encrypt your traffic. This prevents people from sending you crap that you might mistake for good stuff, and it prevents others from reading your transmission.
Fascism trolls keeping me up every night. When I starts a preachin', he HITS ME WITH HIS REICH!
Isn't authenticating a group of broadcasters and receivers to work together and disclude anyone without the right authentification exactly what task groups like 802.11i have been working on for years? Why not just borrow the ideas they're using and customize them for your own needs?
The only way to make an electromagnetic wave secure--short of sticking your entire system inside of a Faraday cage--is to make the information it sends secure. Higher level encryption is the way to go, here; most likely either redundancy, a checksum, or the like.
>> Standing on head makes smile of frown, but rest of face also upside down.
But since you're new to the hardware side of things, maybe this will provide an easy transition: http://www.gnu.org/software/gnuradio/.
Basically, it's a software-controlled receiver/transmitter, which makes it easy to pull signals out of the air, store and analyze them, and generate your own signals for broadcast.
I saw a nifty demonstration of it once. So I've already told you about everything I know.
As to your actual question, I agree with the general consensus: It's a crypto problem, not a hardware problem. Best of luck with it.
You want the truthiness? You can't handle the truthiness!
--Mike--
First of all, you need to define what part of the world you are planning on doing this in. Different parts of the world are governed by different agencies, and different laws. Information that may be valid within the US may not be valid in the UK, for example.
That said - let me examine your statements from the context of a project to operate within the US.
First, there is the question of what frequency you want to be operating in. If you are wanting 100's of meters, and yet you are planning on operating in part 15 rules (unlicensed operation), you are going to have problems if you try to work in some of the higher frequency bands. If you want more power, you are going to have to use a licensed service of some sort.
Next, the fundamental rule of Part 15 operation is "Thou Shalt Not Cause Interference To Anybody Else" - you are the bottom of the rung. If you park your radio on 146.52MHz and I (as a licensed Part 97 amateur radio operator authorized to use that frequency) complain - you lose.
Secondly - the only way you can achieve the goal of "Authorized users work, non-authorized users don't" is to encrypt the signal before modulation, and have some means of keeping "unauthorized users" from getting an authorized key. If the key is built into the radio hardware, then realize that all you can say is "this is an authorized radio", not "this is an authorized user".
But the single most important question here is:
Why do you want to do this?
Why do you feel the need to prevent "unauthorized" users from using your gizmo?
www.eFax.com are spammers
if you want to make sure that the RF is only being sent and received by you, you have to set up a system where the frequency "hops" - changes very rapidly in what appears to an outsider as randomness. You do this by using cryptography to establish a connection and share a seed value for the variable that initiates the hopping sequence and a synchronization pulse for their internal clocks.
Then you need to build a transmitter and a receiver that will be able to change frequencies very very fast (hundreds or thousands of times per second), keep in sync with one another, and send packetized digital data between them.
If you are really paranoid, you encrypt the signals going to the transmitter, allow the transmitter to encrypt them again, then reverse the process at the receiver side.
If you are really, really paranoid, you iterate that cascading pattern over several layers of the network, multiplex the signal to the radio, and broadcast a solid stream of encrypted information, filling in the gaps between "real" information with garbage so that there isn't any variation in the RF between when you are saying something and when you aren't.
If you are more paranoid than that, you unplug everything, use very low tech methods executed by fanatically loyal zealots who would rather die horribly painful deaths than bring shame on their families, betray the cause, or endanger their eternal soul.
If you want to stop the paranoid, really paranoid, and really really paranoid folks from communicating, you build your own frequency hopping device, add a modulation hopping function, connect it to a really big tesla coil mounted on an electronically isolated & shielded truck, and broadcast megawatts of RF into the atmosphere while driving around in arbitrary paths.
If you want to stop the zealots, pull a Keyser Soze on them and kill them and everyone they've ever known, their dog, their neighbor, the guy who sold them coffee this morning, etc. Iterate until there aren't any more zealots.
Basically, the concept is that you use an array of antennas and cross-cancel signals for areas you do not want to receive (or send to). See http://www.iec.org/online/tutorials/smart_ant/ among other sources.
Transmit a broadband signal to all receivers. Have the receiver narrow its coverage to your area and send an authentication request. Then you are "in" if you pass, and if not the receiver decreases signal reception and transmission to your geographic area, and could even pass that information to other sender/receivers so that you are locked out of the network.
There are all sorts of fun ways to add on to this concept. And much of it has been mentioned in passing in Smart-Radio forums, like the Smart-Radio OMG meetings.
How do the big boys protect their signals?
You are worried about others transmitting on your bandwidth? Well don't worry there is a federal agency just for this. It's called the FCC. I'm sure that your company is paying a very large amount to license the spectrum that you want to prevent others from transmitting on. Well, just identify others that are transmitting on your licensed spectrum and the FCC will go out and if they don't stop transmitting on your licensed spectrum space they will be fined $10,000.
You are licensing spectrum from the FCC to be protected aren't you? If not, you must be using public spectrum space such as 802.11a/b/g. I hate to tell you this, but you can't stop others from transmitting. Well, you could try, but then the FCC would come after you.
Still, there are situations where these would be unworkable: severe cost restrictions might rule out encryption, or a moving transmitter might rule out a highly directional antenna on the receiver. What is needed is more information: what are your limitations? Just what is the mystery device you're designing intended to do?
Without any further information, all I can suggest is to look into programs like SSH and standards like IPSec; these might give you a good idea of where to start if you can spare some simple computing hardware at each end. Ultimately, since you have a software background, I would suggest viewing the system you're creating as not unlike a VPN: you must create a secure trust boundary across a network which may harbor attackers. There's already significant development in identifying spoofed senders across the Internet; what you have to do is to transfer those concepts into the world of radio. While the two domains are certainly not isomorphic, there is a large body of knowledge that can be mapped from one to the other. The links I have given you, and the advice from other posters in this thread, should give you a good start.
That's it. I'm no longer part of Team Sanity.
It depends on the type of data and on who else will be broadcasting.
I assume it's a digital signal you are sending, but if it's analog audio you can do some cool things by adding something that sounds like white noise to the transmitter, then subtracting it on the receiver. A "sync" signal will need to be sent to get them together (or transmit the "white noise" on another frequency if 2 transmitters is feasible). If the transmitter isn't adding the "white noise", but you subtract it, then the audio will sound like white noise. (something like this was done for WWII radio encryption).
Whether it's analog audio or digital, it depends on who else will be broadcasting. If it's an attacker who may put lots of effort to reverse engineer your signal then you may need crypto. If you're just worried about a random transmitter or script-kiddie-type trying to screw with you, then you may just need to add some "sync" or "i'm legit" signals occasionally (possibly on another frequency).
You trust your credit cards, personal information, and bank account to it, so why wouldn't it be good enough here?
Of course, what happens if you move your receiver around or something else causes a period of affected reception? The transmitter has no way of knowing what packets of data you did or did not receive, unless your receiver has a transmitter of its own... and one powerful enough to transmit back to the receiver, without interfering in its broadcast (or the other receivers) so that it would know whether to resend content - and to which receivers which packets should be resent.
I suppose it depends on what content is being transmitted, too. If it's just audio, who cares if you miss a handful of packets.
http://www.cs.brown.edu/exploratories/freeSoftware/catalogs/signal_processing.html
Some "exploratories" on signal processing.
There's some other good stuff there as well.
You need to provide more information to get a coherent answer. You mention a range of 100's of meters, are the endpoints fixed with line of sight between them for antennas or are you going through concrete and steel walls? What bandwidth do you need? Is this an intermittent signal like polling for data or a continuous stream of audio? These questions have implications on the frequency, power, bandwidth and modulation scheme of the signal generated. Give more info on the application and why you can't have "hackers". Does this mean you can't have someone steal your content as it passes over the air or does it mean that you can't have someone spoof your data or are you talking about interference problems causing downtime? All are important questions. What is the cost involved with link downtime? This is important in RF as well.
"ssh" pun (security? sound of static on radio?)
Take the 90-Day Challenge! http://rwmurker.bodybyvi.com/
to stop people from transmitting you would have to restrain them but from what I have read DSS could help avoid jamming of your signal.
check here for a brief overview:
http://electronics.howstuffworks.com/question326.htm
ultra-wideband
supposed to sound like static
only readable/interpretable if you know exactly what you are looking for.
every day http://en.wikipedia.org/wiki/Special:Random
Check out Zigbee, it has some support for encryption in the protocol stack. http://www.zigbee.org/ has some info that may be of use. Zigbee is a "reliable, secure, low power wireless communications protocol based on IEEE 802.15.4" --buddy
a wonderful new RF transmission system that's almost impervious to outside interference. It's called coax cable.
I have a girlfriend whose name doesn't end in
At the very least get an Amateur Radio License. It is an easy way to learn the basic technology behind radio, and will also acquaint you with the legal aspects of broadcasting.
You should be able to get a no-code license in a few months through a local club. The Amateur Radio Relay League is a good place to start.
http://www.colorado.edu/physics/PHET/simulations-base.html
More "simulations" like "Radio Waves and Electromagnetic Fields"
The rest of the site is interesting.
spread spectrum is pretty cool, but to be /really/ effective, i'd suggest throwing in some steganography. for example, instead of choosing a single frequency at a time, you pick three and simultaneously transmit on all three channels. you choose one of those channels as the 'true' channel, and (using a stochastic process of some sort, i'd imagine), manufacture plausible signals on the other two channels that are totally ignored receiving side. joe average will pick up that you're using spread spectrum, but even if they do they've still got a nasty problem of figuring out which of each set of three signals is really the right one to use, especially since all three signals will be essentially undistinguishable in terms of information content.
the other option is to use a more interesting where the signal is encoded but as bursts in a kind of morse-code-y way. e.g: transmit several symbols on the channel, but only choose one of them to be significant; designate a single occurrence of that symbol as a dot and two adjacent occurrences as a dash, require that all dots and dashes be separated by some other symbol. lots of things you can do once you bring steg into play.
There is no practical way to provide secure RF transmissions.
Sure there is.
Take military GPS for example.
Try and explain to me how you're going to spoof a military GPS signal......
What this guy needs to do is research something called Electronic Counter-Countermeasures (ECCM). This is a common military problem.
For example:
Joe's shooting a radar-guided missile at Steve. If Steve can send back enough fake radar pulses to throw off the missile's tracking, Joe will never be able to shoot him down with a radar guided missile.
Note:
-Remember: "The important part is that only authorized users (ie. no hackers) would be able to broadcast signals."
Obviously you can't prevent someone from building/buying a transmitter. Encryption can be a solution, but you're looking at it from the wrong angle. He wants to stop people from spoofing transmissions, he doesn't seem to care if you can decode what he's transmitting. (Just like a missile doesn't care that much if you know that it's a missile, so long as you can't avoid it or jam it.)
One idea would be to have a set of matched filters at each end whose filter coefficients are determined by a continuously varying cryptographic keystream. This would actually allow you to reject spoofed signals pretty well. Think CDMA, but with a constantly changing code.
Life is too short to proofread.
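Added example, not part of the original thread: a baseband simulation of the keyed spreading idea from the comment above and from the earlier "despreading key" comments. The chip sequence for every data bit is derived from a shared key, so the code changes continuously. Perfect chip synchronization, the spreading factor, the noise level and both keys are assumptions made for illustration.

```python
import hashlib
import hmac
import random

CHIPS_PER_BIT = 256   # spreading factor (assumption)


def spreading_code(key: bytes, bit_index: int) -> list:
    """Derive the +1/-1 chip sequence for one data bit from the shared key."""
    chips, block = [], 0
    while len(chips) < CHIPS_PER_BIT:
        msg = bit_index.to_bytes(8, "big") + block.to_bytes(4, "big")
        for byte in hmac.new(key, msg, hashlib.sha256).digest():
            chips.extend(1 if (byte >> s) & 1 else -1 for s in range(8))
        block += 1
    return chips[:CHIPS_PER_BIT]


def spread(bits, key: bytes) -> list:
    """Transmitter: multiply each data bit (+1/-1) by its own keyed chip sequence."""
    signal = []
    for i, bit in enumerate(bits):
        symbol = 1 if bit else -1
        signal.extend(symbol * chip for chip in spreading_code(key, i))
    return signal


def add_noise(signal, amplitude: float, seed: int) -> list:
    """Channel: add uniform noise; per-chip noise power exceeds the signal at 2.0."""
    rng = random.Random(seed)
    return [s + rng.uniform(-amplitude, amplitude) for s in signal]


def despread(samples, key: bytes):
    """Receiver: correlate each bit period against the keyed code (matched filter).

    Returns (bits, correlations). A correlation near +1 or -1 means the
    signal was spread with this key; a value near 0 means noise or a
    transmitter that does not hold the key.
    """
    bits, correlations = [], []
    for i in range(len(samples) // CHIPS_PER_BIT):
        window = samples[i * CHIPS_PER_BIT:(i + 1) * CHIPS_PER_BIT]
        code = spreading_code(key, i)
        corr = sum(s * c for s, c in zip(window, code)) / CHIPS_PER_BIT
        correlations.append(corr)
        bits.append(1 if corr > 0 else 0)
    return bits, correlations


def demo():
    message = [1, 0, 1, 1, 0, 0, 1, 0]
    right_key = b"constructed-key-A"      # constructed sample keys
    wrong_key = b"constructed-key-B"
    received = add_noise(spread(message, right_key), amplitude=2.0, seed=1)
    good_bits, good_corr = despread(received, right_key)
    _, bad_corr = despread(received, wrong_key)
    return message, good_bits, good_corr, bad_corr


if __name__ == "__main__":
    message, good_bits, good_corr, bad_corr = demo()
    print("recovered:", good_bits == message)
    print("right key |corr| min:", round(min(abs(c) for c in good_corr), 3))
    print("wrong key |corr| max:", round(max(abs(c) for c in bad_corr), 3))
```

A receiver that only accepts bit periods whose correlation magnitude clears a threshold such as 0.5 discards signals spread without the key, though a strong enough jammer can still raise the noise floor past what the spreading gain covers.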
realize that it's RADIO WAVES.
Everyone's "obvious answer" is encryption of some sort, but no one realizes that no matter what you do, someone can come in and broadcast out noise on your frequency to pretty much kill your broadcast in all regards. And THAT is what you need to really protect against. The encryption only makes sure someone isn't receiving when they shouldn't be.
To get it into your hard wired minds... you can encrypt anything and send it over a cable, but if someone hooks up a vacuum cleaner's motor to that cable, you can kiss your signal goodbye.
One way to get around this is to have a predictable, changing frequency that you are broadcasting on. I'd go into more detail, but in the end, someone can still interfere. So to answer your question, there's probably no good way.
Broadcast side:
The only way to stop unauthorized 'broadcasting' is to license a frequency and encourage the licensing body (US=FCC) to administer enforcement of your license rights. FCC does offer developmental/experimental licenses at reduced cost for exploring new technologies, product development, research, etc.
The link (one way is MUCH less expensive) may be secured the same way as wired is, through encryption.
One alternative is very broad band, low level, broadcast. It's difficult to discover but if someone learns it's there, your security is out the window.
Even if you can't send fake GPS signals because of the encryption, it's still entirely possible to jam the system with junk broadcasts on its frequencies...
Use one-time pads.
The most effective means to deal with an unauthorized transmission is make it very easy to see when someone is not performing the authentication right, or there are transmissions from a source or type or format that you do not expect. Then the person can go looking for the offender with an appropriately sized stick (literal, or otherwise).
..don't panic
Active denial: Microwave the intruder's rig.
The Right Way: Use crypto, of course.
As long as the other guy has enough power to drown out your signal there is really nothing you can do about it. Anyone can broadcast on your freqs (in a technical sense) and you would be essentially helpless until they stop, or they get shut down
People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf.
1. Spread Spectrum.
2. A public key style encryption.
3. Highly directional signal if possible.
You could combine them as well to make it as secure as possible. Have fun.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
First, you need to be familiar with the license restrictions. In the US there are FCC regulations and, even if you are using frequencies in the unlicensed bands, you need to get your transmitter type approved.
It appears that what you need is spread spectrum along with encryption, possibly combining the two by using a secret spreading code. However, your question is not very clear which leads me to...
Second, you need to talk to somebody familiar with telecommunication systems and bridge the gap between what you think you want and what can be done in practice.
Secure encryption does not prevent jamming by any malicious third party. This problem is one of the main reasons why the FCC exists in the first place.
Make it line of sight, like microwave links. Of course only if that's suitable for the intended task.
Encryption will help, but it's still defeatable with brute force.
If I use direct sequence spread spectrum with a high chip rate, you are going to have a difficult time detecting that I am transmitting a signal, and the power requirements for a brute-force jammer can be made impractical, not to mention that your jammer is going to attract a lot of unwanted attention.
Mea navis aericumbens anguillis abundat
Sirius and XM Satellite radio are probably not the best place to start, since they use proprietary waveforms, and they are designed to avoid dropouts as you drive around in your car. They do this by combining two satellite signals and hundreds of local terrestrial transponders. While this does lead to few dropouts, it has a latency larger than 5 seconds (no big deal in broadcast radio, but is it for you?).
If you do want to broadcast a protected stream, look at the ITU Digital Video Broadcasting (DVB) standard (see www.dvb.org). While it is aimed at video, it allows for essentially any serial traffic to be concatenated onto a single broadcast and can be protected (stream by stream) at least as well as a DirectTV signal. I won't say it is "safe", since I don't want to start a flamewar with all those HBO stealers out there. It has specific extensions for audio and for IP, which is how most satellite internet services work (they use many different standards for the return link, but I won't get into that here).
This standard includes a choice of waveforms (mostly QPSK or BPSK), but does not give you a licensed band in which to transmit. I am going to assume that you want to use the unlicensed band, since beginners don't own licenses (no offense). Straight DVB is very narrowband, and would not handle the interference you might expect in that band. You might have to include occasional channel hopping within the unlicensed band to avoid jammers. Read up on this in the Frequency hopping option inside the 802.11 standard. If you are lucky, you will find that someone has implemented what you need in hardware already within that standard.
All of this assumes you are streaming data, since you talked about satellite radio. If you want something more interactive, well, that is a whole 'nuther post.
"I love his boyish charm, but I hate his childishness" - Leela
Thanks for all the feedback so far. Allow me to provide some more info as it seems my original question was a little ambiguous.
First, I am not really transmitting much info. A simple "signal is on" is ok... perhaps a bitmap, but that's it. I'm not transmitting audio/video/data at all. In terms of the broadcast stations, they must be mobile.
There can be no line of sight.
I don't care who picks up the signal or what they do with it... the data is unimportant.
I just want to make sure no one can broadcast (or at least make it as hard as possible) the same signal.
Digitally Controlled Squelch using PLs
Basically a signal broadcast at the same time as the communication signal that opens the squelch up on the receivers. This is what most Police/Fire/Safety Departments use on their radios. You may also try using a (Digitally) Trunked System.
How PL Systems Work
What is Trunking?
Video Production Support
Certainly, anyone implementing some sort of wireless communication system should exercise due diligence in encrypting and/or cryptographically signing traffic, using directional antennas to the maximum extent possible, and using some spread spectrum technology to avoid narrowband interference, but guess what? It will still be vulnerable to jamming. This is a fundamental characteristic of radio communication, and the only practical way to get around it is to make the person jamming your transmissions stop jamming, and many people would prefer frequency disputes to be resolved by a government agency than the alternatives, which include spectrum anarchy and/or vigilante justice.