undefined | Better HN

0 pointstheamk1y ago0 comments

Not really, you still need some system to distribute the shared key.

The paper's method suppresses original message then generates btand-new one, so if the key is easy to find out, then the spoofed message will have a correct MAC. Which means you need a cryptographically secure method to distribute the key, but you also have multiple consumers and you want to be able to replace broken devices too. This sounds like a non-trivial cryptosystem, and assymetric crypto + certificates is one possible solution.

0 comments

GTP1y ago

Key distribution can be done manually at the factory where the plane is built. Which can also keep a keystore holding the key used for each plane. But we don't need to delve deep in this scenario, as ultimately op's point was that, by introducing crypto, you risk adding failure modes to the plane.

j / k navigate · click thread line to collapse

0 comments

GTP1y ago

j / k navigate · click thread line to collapse