How to Protect Radio Signals Over Short Distances?

anth_007 asks: "I'm a software developer seeking to delve into the hardware world. I am trying to create a prototype for a new product that would broadcast signals over a very short range (100s of meters). The important part is that only authorized users (ie. no hackers) would be able to broadcast signals. Well, a more accurate description would be that anyone could broadcast (it's just a radio transmitter after all), but receivers would be able to differentiate between authorized signals and those which are not. I've been looking to find information on Satellite Radio (XM, Sirius, etc) and how they protect their signals, but I haven't had much success. I realize that I'm talking about two different problems here (I want to stop unauthorized people from broadcasting, satellite radio is trying to stop unauthorized people from receiving), but I need to start somewhere. Any ideas? How do the big boys protect their signals? Is there any readily available technology out there that would allow me to accomplish this?"

Tinfoil

[MarkGriz]

Tinfoil........lots of tinfoil.

Spread spectrum

[spaceyhackerlady]

With the right despreading key, you get signals.

Otherwise, you get noise.

...laura

Don't try to authenticate the radio waves.

[cbiffle]

Radio waves are radio waves. Once your frequency, modulation system, etc. are documented, anyone can fake your radio waves.

It's far easier to secure the higher layers (in the OSI sense) -- the data you're sending over the radio waves.

Authenticating this is pretty trivial, from a crypto standpoint. The simplest approach is to encrypt your data with a shared key; more robust approaches might include signing unencrypted data with a private/public keypair, etc. This would also introduce some noise resistance, since you could tell if the data's been corrupted by checking the signature. (Though for non-malicious interference, you're probably better off using a redundancy check of some sort.)

Good luck!

well technically speaking...

[Naikrovek]

... trying to make radio not transmittable is like trying to make water not wet. (ripped off from jwz i think, and transformed to fit your question)

the only way to actually attempt to control who transmits on what bandwidth would probably require some sort of licensing from the FCC. that way you have some sort of legal recourse if someone does decide to walk on your airwaves.

there are lots of techies out there who know how to build transmitters and recievers that can send and recieve at any frequency they want, so trying to put a technical barrier to the actual airwaves won't get you anywhere, as you mentioned.

an elegant solution would consist of some sort of stream verification, so that you can verify the sender of a signal via fingerprint, encryption, hidden messages, etc. Something that you control and that is difficult to reverse engineer would allow you to differentiate your signals from someone else's.

I think XM and Sirius encrypt their streams, or at least apply some sort of proprietary DRM to their streams to keep idle listeners from tuning in. They also use a fully digital stream, so encryption is pretty easy. And if I remember, they use an odd frequency that must be licensed from the FCC to use. The combination of those things seems to work great for them, a quick search on satellite radio hacking revealed almost nothing useful.

You're looking at the problem from the wrong side

[inio]

There is no practical way to provide secure RF transmissions. However, there are many many ways to protect the data carried on those transmissions. What you're interested in is public-key cryptography as it applies to message signing. It works like ths:

1. Send block of data
2. compute fingerprint ("hash") of the transmitted data
3. encrypt that fingerprint with the transmitter's private key
4. transmit that

on the receiving end, you do this:

1. receive data
2. receive encrypted hash
3. compute hash of received data
4. decrypt received hash using sender's public key and compare to actual hash of data

This process is called signing, and is used in many many places. The use you've most likely encountered is to verify the identity of online stores. (the store's encryption certificate is signed by the trusted certificate authority that issued it. Your browser has all the authorities' public keys built into it, and uses it to check the signature against the certificate contents.)

Radio? Nonsense, go optical

[marcus]

All you need is an LED at the transmitter and a telescope with a photodiode at the receiver. No one outside the field of view of the receiver would be able to interfere. If you want even better protection, put a telescope at the transmitter too.

A telescope is effectively a very high gain "antenna."

Despreading - yeah that's the ticket

[stevew]

The guy who mentioned "Despreading" had the right idea. Use of "Spread-spectrum" direct sequence modulation is probably the most secure you're going to get. Essentially, a "key" is used to control the spreading code. If you don't have the key, you can't receive the signal.

Further, the transmission by it's very nature is somewhat covert. Now - if you're the NSA, perhaps you can figure out, but it's likely to be able to put together a system that is for all intents and purposes "private" using this type of transmission.

Now -FCC licenses, and spectruma are your REAL problem. The technical problems have solutions.