[Cryptography] How to crypto secure speed limit signs
Bill Stewart
billstewart at pobox.com
Thu Mar 26 01:53:51 EDT 2015
> > But how to avoid a "replay" attack -- i.e., cloning an existing
> sign & installing it somewhere else? Should the QR code crypto
> sign the sign's GPS coordinates? Wouldn't that make speed limit
> signs pretty expensive to manufacture & install?
> > Ditto with all kinds of other street signs.
There are at least three spoofing cases -
- some third party setting the speed limit lower than it should be
- some third party setting the speed limit higher than it should be
- you spoofing the signs so your own car ignores their annoyingly low
speed limits in favor of some higher one
If the speed limits using a radio-based system, you can probably
trick your car into ignoring it.
If it's a visual code, overriding it may be harder, maybe putting
stickers over the camera if that doesn't interfere with other
self-drive features, or messages on the OBD/CAN bus if they're exposed.
If it's visual, one third-party spoofing case is putting a bumper
sticker on your car with a low speed limit, to chase away tailgaters.
If the speed's marked on the sign by some QR-like code, then you're
only going to get individually marked codes if they're printable on
the spot, as opposed to baked into the paint. That's kind of a tough
call, because the amount of data you need for just the speed is 1 or
2 bytes, a few more with GPS, but a few hundred with signatures, and
the video (which didn't really say how it worked) looked like it was
doing an OCR for digits in a circle or the black-slash-on-white sign.
More information about the cryptography
mailing list