[OpenTRV-dev] Thinking aloud: preventing replay attacks
EMAIL ADDRESS HIDDEN
Mon Dec 8 00:43:58 GMT 2014
> I imagine that at pairing / key exchange that I could set a largish (e.g. 64-bit) counter at both ends to the same value (or just 0) and send its value or a hash of it with nonce in each encrypted frame, and the hub with lots of memory could remember all previous values used to reject any replays and/or reject any received counter value less than the starting value and allow only a smallish window for new values to allow some frame loss. In fact maybe the hub only needs the counter which it advances to the received value when it gets a decent frame.
I think that I just badly reinvented something like the IPsec sliding window mechanism, which is potentially fine…
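
An IPsec-style sliding-window check on the hub side, as an added example that is not part of the original post and is not OpenTRV code. The names replay_state, replay_init, replay_accept and REPLAY_WINDOW are hypothetical, and the example assumes that the sender increments its counter before each frame and that the hub calls replay_accept only after the frame has authenticated.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#define REPLAY_WINDOW 64u /* assumed window size: one bit per recent counter */

typedef struct {
    uint64_t highest; /* highest counter value accepted so far */
    uint64_t seen;    /* bit i set => counter (highest - i) already used */
} replay_state;

/* Start at the paired counter value; it and everything below count as used. */
void replay_init(replay_state *s, uint64_t start)
{
    s->highest = start;
    s->seen = ~(uint64_t)0;
}

/* Call only after the frame has passed authentication, so that a forged
 * counter cannot move the window. Returns true and records the counter if
 * the frame is fresh; false for a replay or a frame older than the window. */
bool replay_accept(replay_state *s, uint64_t ctr)
{
    if (ctr > s->highest) { /* newer frame: slide the window forward */
        uint64_t shift = ctr - s->highest;
        s->seen = (shift >= REPLAY_WINDOW) ? 0 : (s->seen << shift);
        s->seen |= 1u;
        s->highest = ctr;
        return true;
    }
    uint64_t age = s->highest - ctr;
    if (age >= REPLAY_WINDOW)
        return false; /* left of the window: cannot tell, so reject */
    uint64_t bit = (uint64_t)1 << age;
    if (s->seen & bit)
        return false; /* counter already used: replay */
    s->seen |= bit;   /* late but fresh: accept exactly once */
    return true;
}

int main(void)
{
    /* Constructed counter sequence: loss, reordering, replays, a big jump. */
    const uint64_t rx[] = {1, 5, 3, 3, 5, 0, 100, 36, 37};
    replay_state s;
    replay_init(&s, 0);
    for (size_t i = 0; i < sizeof rx / sizeof rx[0]; i++)
        printf("ctr=%llu %s\n", (unsigned long long)rx[i],
               replay_accept(&s, rx[i]) ? "accept" : "reject");
}
```

The hub keeps 16 bytes of state per paired sender rather than a list of every value seen. This sketch puts no upper limit on how far a new counter may jump ahead.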