[Cryptography] How to crypto secure speed limit signs

Bill Stewart billstewart at pobox.com
Thu Mar 26 01:53:51 EDT 2015

> > But how to avoid a "replay" attack -- i.e., cloning an existing 
> sign & installing it somewhere else?  Should the QR code crypto 
> sign the sign's GPS coordinates?  Wouldn't that make speed limit 
> signs pretty expensive to manufacture & install?
> > Ditto with all kinds of other street signs.

There are at least three spoofing cases -
- some third party setting the speed limit lower than it should be
- some third party setting the speed limit higher than it should be
- you spoofing the signs so your own car ignores their annoyingly low 
speed limits in favor of some higher one

If the speed limits using a radio-based system, you can probably 
trick your car into ignoring it.
If it's a visual code, overriding it may be harder, maybe putting 
stickers over the camera if that doesn't interfere with other 
self-drive features, or messages on the OBD/CAN bus if they're exposed.

If it's visual, one third-party spoofing case is putting a bumper 
sticker on your car with a low speed limit, to chase away tailgaters.

If the speed's marked on the sign by some QR-like code, then you're 
only going to get individually marked codes if they're printable on 
the spot, as opposed to baked into the paint.  That's kind of a tough 
call, because the amount of data you need for just the speed is 1 or 
2 bytes, a few more with GPS, but a few hundred with signatures, and 
the video (which didn't really say how it worked) looked like it was 
doing an OCR for digits in a circle or the black-slash-on-white sign.

More information about the cryptography mailing list