[OpenTRV-dev] Anti-replay-attack note

Damon Hart-Davis dhd at exnet.com
Fri Mar 4 21:38:21 GMT 2016


https://github.com/DamonHD/OpenTRV/blob/master/standards/protocol/IoTCommsFrameFormat/SecureBasicFrame-V0.1-201601.txt

I have just added Note3 below: comments welcome.

Rgds

Damon



*Note3: to avoid replay attacks at the point of association of an
existing node with a new receiver, as well as setting the node ID and key,
it may be desirable to set the most-significant (persistent/restart)
RX counter bytes to one higher than the current value used by the transmitter
(with all zero ephemeral LSBs), and then force a restart of the transmitter
to force its TX MSB persistent reboot/restart count to increment,
thus ensuring that the receiver will not accept a replay of any of its
previous transmissions but can accept any of its new ones.
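
The association step in Note3, modelled as an added example (not code from the original post or from the OpenTRV project). The field widths, the strictly-greater acceptance rule, the increment-before-send behaviour and the sample counter values are all assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>

/* Assumed layout: persistent restart MSBs || ephemeral LSBs (widths illustrative). */
typedef struct { uint32_t restart, ephemeral; } ctr_t;
typedef struct { ctr_t tx; } node_t;          /* transmitter state */
typedef struct { ctr_t last_rx; } rcvr_t;     /* receiver's stored RX counter */

static uint64_t ctr_val(ctr_t c) { return ((uint64_t)c.restart << 32) | c.ephemeral; }

/* Restart: persistent MSBs increment, ephemeral LSBs return to zero. */
static void node_restart(node_t *n) { n->tx.restart++; n->tx.ephemeral = 0; }

/* Assumption: counter is incremented before each frame, so no value is reused. */
static ctr_t node_send(node_t *n) { n->tx.ephemeral++; return n->tx; }

/* Assumption: receiver accepts only a counter strictly above the stored one. */
static bool rx_accept(rcvr_t *r, ctr_t c) {
    if (ctr_val(c) <= ctr_val(r->last_rx)) return false;
    r->last_rx = c;
    return true;
}

/* Note3 association: RX MSBs = TX MSBs + 1, LSBs zero, then force TX restart. */
static void associate_note3(rcvr_t *r, node_t *n) {
    r->last_rx.restart = n->tx.restart + 1;
    r->last_rx.ephemeral = 0;
    node_restart(n);
}

/* Returns bit0: replay of an old frame accepted, bit1: new frame accepted,
 * bit2: replay of that new frame accepted. use_note3=false models a
 * receiver associated with a zeroed RX counter and no forced TX restart. */
int run_association(bool use_note3) {
    node_t node = { { 7, 0 } };              /* constructed: node on restart count 7 */
    ctr_t old_frame = node_send(&node);      /* frame sent before association */
    rcvr_t rx = { { 0, 0 } };
    if (use_note3) associate_note3(&rx, &node);
    int result = rx_accept(&rx, old_frame) ? 1 : 0;
    ctr_t fresh = node_send(&node);
    if (rx_accept(&rx, fresh)) result |= 2;
    if (rx_accept(&rx, fresh)) result |= 4;
    return result;
}

int main(void) { return (run_association(true) == 2 && run_association(false) == 3) ? 0 : 1; }
```

With Note3 applied only the new frame is accepted; with a zeroed RX counter the pre-association frame is accepted as well. Counter wrap-around is not modelled.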

