[riot-notifications] [RIOT-OS/RIOT] ieee802154_security: Nonce is reused after reboot (#16844)

fabian18 notifications at github.com
Tue Sep 14 13:47:34 CEST 2021


So with `SRAM PUF` we could start with a random frame counter?
As far as I understand the problem, this does not really solve it, because the frame counter sequences of two boot up sessions could still overlap and if the second sequence starts at a lower counter than the first session finished with, the receiving device would identify the frames of the sender as replays. Given that the receiving device implements replay protection which is currently not the case for RIOT because it requires more memory and leads to more complexity.  

As far as I understand we would need persistent storage to solve the issue.
@maribu suggested to use `backup_ram`, which I think is very promising, but needs hardware features.
I coded something on a local [branch](https://github.com/fabian18/RIOT/tree/ieee802154_security_persistent_frame_counter), but I am not quite satisfied yet with it.
The frame counter starts at 0 on cold boot. On reset and flash it continues where it ended with.
To also not start at  0 on cold boot, we would probably need en external EEPROM.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/RIOT-OS/RIOT/issues/16844#issuecomment-919073939
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/notifications/attachments/20210914/0067be75/attachment.htm>


More information about the notifications mailing list