This is a read-only snapshot of the ComputerCraft forums, taken in April 2020.

Securing computer-to-computer communication?

Started by tycoonlover1359, 07 July 2018 - 05:35 AM
tycoonlover1359 #1
Posted 07 July 2018 - 07:35 AM
Is there any way of at least slightly securing communication between computers using the Rednet or Modem APIs, excluding using only wired modems to communicate between computers? (In short, is there a way of at least slightly securing wireless communication between computers?)

Scenario

For some fun on my end at the very least, I’m creating some base security programs. One of the things I want the programs to be able to do is communicate with each other and a ‘server’ computer, allowing me to control other computers from afar, such as opening my front door when I’m in the back of my large base. I wouldn’t want other people to be able to do this, so is there any way of securing the communication between my computers, other than linking all my computers with wired modems and cabling? (This presents the problem of me being unable to use pocket computers in this system. If possible, I’d like to utilize pocket computers to control this system on the go.)
Bomb Bloke #2
Posted 07 July 2018 - 08:15 AM
Encryption is generally the key - this is how we handle it with real-life wireless networks. Unfortunately, coding an effective encryption API is a bit beyond the novice coder, but there are a few already available that you can use. ChaCha20, for example.
InDieTasten #3
Posted 07 July 2018 - 08:21 AM
You only mentioned a requirement of tamper-proof communication. There are many different ways to go about things.

To prevent others from, for example, forging door-opening commands, you could share a private secret on all your computers and add a hashed signature including the secret:

ActualMessage: "abc"
Signature: "0e3bbd26f46012ccec4776d171f314a00c022d98"

Where the signature is the SHA-1 of "abc" and the secret (in this case "xyz").
The receiver can use his secret key to also create the hash and check whether it matches the sent signature. This way, the receiver can verify that the sender used the same secret key.
Note: The actual message is still visible to all listeners, so this communication does not meet a possible requirement of confidentiality.

To achieve both, you could use actual encryption, like AES. The principle is again to have a shared secret among your computers. All messages are encrypted and decrypted using the secret key.
This offers confidential and tamper-proof communication.

There are many different hash functions and encryption algorithms out there. The main restriction on what to use will be performance. Some hash functions will be faster to execute than some encryption algorithms and vice versa.


Also note that with either of these techniques, your overlying protocols still have to consider security as well. Something that came to my mind would be replay attacks. An attacker could capture the encrypted door-open command and just send it again. To resolve this kind of issue, overlying protocols should include expiration times in their messages, and/or a challenge scheme, which is kind of like the way remote car keys work.
1. Sender sends a message announcing that it wants to send a command, with public token 1 ("def", random each time)
2. Receiver will respond with public token 2 ("ghi", random each time)
3. Sender sends the actual command including both tokens
4. Receiver validates that the token combination is in his working table, and removes the tokens from the valid combination list.

A replay of the message would be discarded by the receiver, because the token combination is no longer valid.

This makes a really simple program really complicated, so you need to consider whether to go for security or development speed. I'd go for the latter.
Maybe someone else knows other techniques that are easier to implement.
Edited on 07 July 2018 - 06:37 AM
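
The four-step challenge scheme from post #3, as an added example that is not part of the original thread: a Python model of the exchange (not ComputerCraft Lua), with HMAC-SHA256 swapped in for the post's plain SHA-1 of message plus secret. The names `Receiver`, `build_command` and `sign` are hypothetical, and the key is the post's sample value "xyz", far too short for real use.

```python
import hashlib
import hmac
import secrets

SHARED_SECRET = b"xyz"  # sample secret from the post; use a long random key in practice


def sign(key: bytes, *parts: bytes) -> str:
    """HMAC-SHA256 over length-prefixed parts, so field boundaries cannot be shifted."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        mac.update(len(part).to_bytes(4, "big") + part)
    return mac.hexdigest()


class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.pending = {}  # token 1 -> token 2: the "working table" of valid pairs

    def hello(self, token1: bytes) -> bytes:
        """Step 2: answer the sender's token with a fresh random one and store the pair."""
        token2 = secrets.token_bytes(16)
        self.pending[token1] = token2
        return token2

    def handle(self, msg: dict) -> bool:
        """Step 4: accept only a pending token pair carrying a valid signature."""
        token2 = self.pending.get(msg["token1"])
        if token2 is None or token2 != msg["token2"]:
            return False  # unknown or already used pair: a replay lands here
        expected = sign(self.key, msg["command"], msg["token1"], msg["token2"])
        if not hmac.compare_digest(expected, msg["sig"]):
            return False  # forged or tampered; the pair stays valid for the real sender
        del self.pending[msg["token1"]]  # one-time use
        return True


def build_command(receiver: Receiver, key: bytes, command: bytes) -> dict:
    """Steps 1 and 3 on the sender side: fetch a challenge, then sign command + tokens."""
    token1 = secrets.token_bytes(16)
    token2 = receiver.hello(token1)
    sig = sign(key, command, token1, token2)
    return {"command": command, "token1": token1, "token2": token2, "sig": sig}


if __name__ == "__main__":
    door = Receiver(SHARED_SECRET)
    msg = build_command(door, SHARED_SECRET, b"open_door")
    print("first delivery:", door.handle(msg))
    print("replayed copy: ", door.handle(msg))
```

Pairs that are never completed stay in `pending` in this model; the expiration times the post mentions would bound that table.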