[Cryptography] How to crypto secure speed limit signs
hbaker1 at pipeline.com
Wed Mar 25 16:30:18 EDT 2015
At 08:35 AM 3/25/2015, Stephan Neuhaus wrote:
>On 2015-03-25 14:39, Henry Baker wrote:
>>FYI -- In order to keep these Fords from being spoofed, we would need
>>to "secure" each speed limit sign with a crypto signature.
>>Presumably, this could be done with a QR code.
>>But how to avoid a "replay" attack -- i.e., cloning an existing sign
>>& installing it somewhere else? Should the QR code crypto sign the
>>sign's GPS coordinates? Wouldn't that make speed limit signs pretty
>>expensive to manufacture & install?
>I'm not criticising, but instead trying to understand the situation.
>Are you comparing the cost of creating a single QR code and signing that and then printing out hundreds of copies with the cost of creating many QR different codes, signing each one and then printing it out just once?
>I think that the second alternative will be more expensive, but not because printing or signing is the deciding factor. Rather, I think that the difference in price comes when you have to train the people who install the signs that they should install the right signs in the right places.
The problem is that every signed sign is different, because its signature signs both the speed limit itself and the sign's GPS location.
Without signatures, one can have an inventory of "55 MPH" signs, but that won't work with signatures. Furthermore, the GPS data would have to be accurate to within 10 meters or so to be good, and that might be difficult to determine prior to sending the crew out to actually install the sign. Therefore, the signature might have to be generated on-site and then the sign's QR code printed onto the sign.
Re GPS files: I believe that the laws of most countries deal with "posted" speeds, and "posting" currently involves visual signs, not digital databases of GPS coordinates.
Also, changing the "posting" laws by substituting GPS coordinates would then make an entire country's road system vulnerable to a GPS spoofing attack, which could be catastrophic.
More information about the cryptography