[OpenTRV-dev] Anti-replay-attack note
Damon Hart-Davis
dhd at exnet.com
Fri Mar 4 21:38:21 GMT 2016
https://github.com/DamonHD/OpenTRV/blob/master/standards/protocol/IoTCommsFrameFormat/SecureBasicFrame-V0.1-201601.txt
I have just added Note3 below: comments welcome.
Rgds
Damon
*Note3: to avoid replay attacks at the point of association of an
existing node with a new receiver, as well as setting the node ID and key,
it may be desirable to set the most-significant (persistent/restart)
RX counter bytes to one higher than the current value used by the transmitter
(with all zero ephemeral LSBs), and then force a restart of the transmitter
to force its TX MSB persistent reboot/restart count to increment,
thus ensuring that the receiver will not accept a replay of any of its
previous transmissions but can accept any of its new ones.
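
Added illustration of the Note3 association step. It is not part of the original post or the OpenTRV code base. The 24-bit ephemeral width, the strictly-greater receive check, the pre-incremented transmit counter and all type and function names are assumptions made for this sketch.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed layout (illustration only): persistent restart count in the MSBs,
   24 ephemeral bits in the LSBs, compared as one integer. */
#define EPHEMERAL_BITS 24u
#define EPHEMERAL_MAX  0xFFFFFFu
typedef struct { uint32_t restarts, ephemeral; } tx_state; /* hypothetical */
typedef struct { uint64_t last_accepted; } rx_state;       /* hypothetical */

static uint64_t pack(uint32_t restarts, uint32_t ephemeral) {
    return ((uint64_t)restarts << EPHEMERAL_BITS) | ephemeral;
}
/* A restart increments the persistent MSBs and zeroes the ephemeral LSBs. */
void tx_restart(tx_state *tx) { tx->restarts++; tx->ephemeral = 0; }
/* Counter for the next frame; 0 (never accepted) once the LSBs are used up. */
uint64_t tx_next_counter(tx_state *tx) {
    if (tx->ephemeral >= EPHEMERAL_MAX) return 0;
    return pack(tx->restarts, ++tx->ephemeral);
}
/* Accept only a counter strictly above the last one accepted. */
bool rx_accept(rx_state *rx, uint64_t counter) {
    if (counter <= rx->last_accepted) return false;
    rx->last_accepted = counter;
    return true;
}
/* Note3 association: RX MSBs one higher than the TX's current value, LSBs 0. */
void rx_associate(rx_state *rx, uint32_t tx_restarts_now) {
    rx->last_accepted = pack(tx_restarts_now + 1u, 0);
}

/* Flags: 1 = old frame accepted by a zero-initialised receiver, 2 = old frame
   accepted after Note3 association, 4 = first frame after the forced restart
   accepted, 8 = replay of that new frame accepted. */
int scenario(void) {
    tx_state tx = { 5, 0 };                 /* constructed sample state */
    uint64_t old_frame = tx_next_counter(&tx);
    rx_state naive = { 0 }, rx;
    int r = rx_accept(&naive, old_frame) ? 1 : 0;
    rx_associate(&rx, tx.restarts);
    r |= rx_accept(&rx, old_frame) ? 2 : 0;
    tx_restart(&tx);
    uint64_t fresh = tx_next_counter(&tx);
    r |= rx_accept(&rx, fresh) ? 4 : 0;
    r |= rx_accept(&rx, fresh) ? 8 : 0;
    return r;
}

int main(void) { printf("scenario flags: %d\n", scenario()); return 0; }
```

A receiver whose counter starts at zero accepts the recorded frame, while one associated as in Note3 rejects it and still accepts the first frame sent after the forced restart.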