I’m developing a protocol for wireless communication between two microcontrollers, using a 433 MHz modem which can send serial data in a raw format (plain text if you want). I know that this sounds more like an electronics question, but my problem is in the coding part, so let me explain myself.
Let’s say that unit one sends this command “0x001/0x010/LIGHT1/ON” (this is plain text) to unit 2: the first field is unit 1’s name, the second is unit 2’s name, the third is an actuator and the last one is the action. All OK and working, BUT I want to give the system a little level of security, because if somebody is listening to that frequency using a technique like “man-in-the-middle”, he can easily copy the command and resend it any time he wants.
I was thinking about encrypting the messages transmitted over the air, but then again this will not protect the system against the same type of attack. Let’s say I encrypt the message using something like MD5; I will transmit something like “767b79ebb8061054d3ad1eaef428b469”, and the attacker just needs to copy that string and resend it to achieve the same result.
So how can I solve this? Take into consideration that I’m not controlling a nuclear reactor, so I don’t need a very high level of security.
I assume that each node “knows” the nodes it is supposed to take commands from. In this case, have the receiving node store a (simple) key for each node it will take commands from, then add three fields to the protocol:
Both sender and receiver store the last used sequence number for a tx->rx relation, the sender increases it with every command.
Both sender and receiver create a hash (SHA1?) of the concatenation
SequenceNumber+Command+SequenceNumber+salt+nodekey
Edit: nodekey is the sending node’s key
The sender sends this as the authentication field; the receiver checks it against the authentication field and accepts the command only if the sequence number is higher than the LRU sequence number and the authentication field checks out OK.
This is secure against a replay attack, as it would involve a sequence number reuse.
Edit:
There is concern in the comments about loss of synchronicity in the sequence numbers, but the proposed solution is resilient against that: only the sender will ever increase the SN, and the receiver will accept all SNs higher than the last used. Loss of a message will make the SN jump, but it will still be accepted as higher than LRU.
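
The exchange described in the answer above, with both the sending and the receiving side, as an added Python example that is not part of the original posts. Assumptions: the three extra fields are taken to be sequence number, salt and authentication field, appended to the command with "/"; the hashed fields are also joined with "/"; the node key is a constructed sample value.

```python
import hashlib
import hmac
import os

def auth_field(seq, command, salt, node_key):
    # SHA-1 over SequenceNumber+Command+SequenceNumber+salt+nodekey.
    # Assumption: fields are joined with "/" so their boundaries are unambiguous.
    data = f"{seq}/{command}/{seq}/{salt}/".encode() + node_key
    return hashlib.sha1(data).hexdigest()

class Sender:
    def __init__(self, node_key):
        self.node_key = node_key
        self.seq = 0                          # last used sequence number

    def build(self, command):
        self.seq += 1                         # only the sender increases the SN
        salt = os.urandom(4).hex()
        auth = auth_field(self.seq, command, salt, self.node_key)
        return f"{command}/{self.seq}/{salt}/{auth}"

class Receiver:
    def __init__(self, keys):
        self.keys = keys                      # sender name -> node key
        self.last_seq = {}                    # sender name -> last accepted SN

    def accept(self, frame):
        try:
            command, seq_s, salt, auth = frame.rsplit("/", 3)
            seq = int(seq_s)
        except ValueError:
            return False                      # malformed frame
        sender = command.split("/", 1)[0]
        key = self.keys.get(sender)
        if key is None:
            return False                      # not a node we take commands from
        expected = auth_field(seq, command, salt, key)
        if not hmac.compare_digest(expected.encode(), auth.encode()):
            return False                      # forged or altered frame
        if seq <= self.last_seq.get(sender, 0):
            return False                      # replayed or stale frame
        self.last_seq[sender] = seq
        return True

if __name__ == "__main__":
    key = b"demo-key-unit1"                   # constructed sample key
    tx, rx = Sender(key), Receiver({"0x001": key})
    frame = tx.build("0x001/0x010/LIGHT1/ON")
    print(frame, rx.accept(frame), rx.accept(frame))  # second call is a replay
```

The receiver verifies the authentication field before it updates the stored sequence number, so a frame with a forged high sequence number cannot push the counter forward and lock out the real sender.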