Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RFC #2: Message Sequence Field #20

Open
brannondorsey opened this issue Oct 9, 2018 · 0 comments
Open

RFC #2: Message Sequence Field #20

brannondorsey opened this issue Oct 9, 2018 · 0 comments
Labels
RFC Request for comments

Comments

@brannondorsey
Copy link
Owner

Proposal

Add an optional message sequence field to the chattervox packet. Initially proposed here.

Details

This functionality can be useful in determining if messages have been lost in transmission. It can also be used to protect against replay attacks in the event that clock synchronization is not possible or no timestamp field is included in the packet (see RFC #1).

This RFC proposes protocol-level support for message sequence numbers, however, it is up to the chattervox client software to choose how use them.

Considerations

  • The sequence field should be optional. Applications can opt out of sequence field inclusion in their chattervox packets to reduce packet size overhead.
  • Client software that supports the sequence field could alert users to message sequence gaps and aid in identifying lossy transmissions.
  • The sequence field is compatible with he timestamp field RFC #1. Either, both, or neither could be used.
  • Used to mitigate replay attacks, message sequence numbers are not as effective as timestamps as users are vulnerable to replay attacks that include message sequence numbers created since they last made contact with the real station. E.g. Alice and Bob are communicating in a round-table discussion in the CQ "chat room". The last message Alice hears from Bob before logging off contains sequence number 43. Once Alice has logged off, Bob continues to chat in the group and sends 100 messages, which Eve records. The next day, Alice joins the CQ while Bob is not present. She is vulnerable to replay attacks by Eve for 100 different messages that Eve heard but Alice did not. Because Bob is no longer in the room, he can not inform her that his next sequence number is 144.
  • Global sequence numbers don't play nice when a station uses two different computers, each with their own message sequence counters. Support for SSIDs (e.g. KC3LZO-1, KC3LZO-2, ...) mitigates this problem to some degree. This wouldn't be a problem if the client chooses to reset the sequence number each session, but then session numbers are no longer useful to prevent replay attacks.
  • The sequence number format should be large enough that messages won't rollover too frequently (or at all if used for replay attack protection) but small enough that they don't cause too much packet overhead.

Protocol Changes

Byte Offset # of Bits Name Value Description
0x0000 16 Magic Header 0x7a39 A constant two-byte value used to identify chattervox packets.
0x0002 8 Version Byte Number A protocol version number between 1-255.
0x0003 5 Unused Flag Bits Null Reserved for future use.
0x0003 1 Sequence Number Flag Bit A value of 1 indicates that the message contains a message sequence number.
0x0003 1 Digital Signature Flag Bit A value of 1 indicates that the message contains a ECDSA digital signature.
0x0003 1 Compression Flag Bit A value of 1 indicates that the message payload is compressed.
[0x0004] [8] [Signature Length] Number The length in bytes of the digital signature. This field is only included if the Digital Signature Flag is set.
[0x0004 or 0x0005] [0-2048] [Digital Signature] Bytes The ECDSA digital signature created using a SHA256 hash of the message contents and the sender's private key.
[0x0004-0x104] 8 or 24 [Sequence Number]* Unsigned Integer A message sequence number. This number should increase by one each time a new message is sent by a chattervox client.
0x0004-0x11C 0-∞ Message* Bytes The packet's UTF-8 message payload. If the Compression Flag is set the contents of this buffer is a raw DEFLATE buffer containing the UTF-8 message. 
bold values indicate proposed changes.
[] indicates an optional field.
* indicates a member of the signed message if a digital signature is present.

Open Questions

  • Should this method really be used for replay attack prevention? I don't think it is a very effective method of prevention.
  • If we don't intend to use sequence numbers to defend against replay attacks, we can make the bit-length of the field much smaller. If sequence numbers are used only to indicate message gaps, an 8-bit field would probably suffice. In this case the field would be used simply to count the relative distance between received messages and not the absolute message number. Sequence number rollovers would be fine as it is unlikely that a station would miss > 255 messages before hearing a new message.
  • Does adding a sequence number overstep the keep-it-simple-stupid ethos of the protocol? Does the usefulness of this feature outweigh the complexity it introduces?
  • Is this something that client software should roll itself on top of the protocol instead?
@brannondorsey brannondorsey added the RFC Request for comments label Oct 9, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
RFC Request for comments
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@brannondorsey