On Fri, Sep 15, 2023 at 10:06 AM Chris Thompson via pacsat-dev <pacsat-dev@amsat.org> wrote:
OK, thanks for that, Corey. Very interesting. We may not be susceptible to the length extension attack vulnerability, though. If I understand correctly, then a message sent as Hash(key + "Watch the enemy") could be manipulated to Hash(key + "Watch the enemy and attack them after 5 mins") without knowing the key. But our commands are fixed at 18 bytes in length (for now at least), so any extra appended message would be ignored. With that said, it may not be much harder to implement the scheme as described.
Yes, I was more worried about the "various security papers have suggested vulnerabilities with this approach" comment in the article on the key || message || key approach. It probably means there are other issues with the approach, possibly key extraction attacks. The HMAC approach seems generally more cryptographically sound.
I was going to say that I could implement it, though it's pretty trivial. You've probably already done it :).
-corey - AE5KM
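As an added example, not code from this thread or from the PACSAT project, here is one way to tag a fixed 18-byte command with HMAC-SHA256 and verify it with a strict length check, so that a frame with extra bytes appended is rejected outright rather than silently truncated. The key, command padding and sample command are constructed for illustration.

```python
import hashlib
import hmac
from typing import Optional

CMD_LEN = 18   # fixed command length discussed in the thread
TAG_LEN = 32   # full SHA-256 output; could be truncated if link budget demands

# Constructed demo key; a real key would come from secure storage.
DEMO_KEY = bytes(range(32))


def hmac_tag(key: bytes, cmd: bytes) -> bytes:
    """HMAC-SHA256 (RFC 2104) over the command bytes.

    Unlike Hash(key || message), HMAC is not subject to length extension,
    and it does not expose the key through the hash state."""
    return hmac.new(key, cmd, hashlib.sha256).digest()


def build_frame(key: bytes, cmd: bytes) -> bytes:
    """Return cmd || tag for a command of exactly CMD_LEN bytes."""
    if len(cmd) != CMD_LEN:
        raise ValueError(f"command must be {CMD_LEN} bytes, got {len(cmd)}")
    return cmd + hmac_tag(key, cmd)


def verify_frame(key: bytes, frame: bytes) -> Optional[bytes]:
    """Return the command if the frame is well-formed and the tag is valid.

    The length check is exact: trailing bytes are a rejection, not ignored.
    compare_digest keeps the tag comparison constant-time."""
    if len(frame) != CMD_LEN + TAG_LEN:
        return None
    cmd, tag = frame[:CMD_LEN], frame[CMD_LEN:]
    if not hmac.compare_digest(hmac_tag(key, cmd), tag):
        return None
    return cmd


def demo_command() -> bytes:
    """Constructed sample: 15-byte text padded with NULs to CMD_LEN."""
    return b"Watch the enemy".ljust(CMD_LEN, b"\x00")


if __name__ == "__main__":
    frame = build_frame(DEMO_KEY, demo_command())
    print("valid:", verify_frame(DEMO_KEY, frame) is not None)
    extended = frame[:CMD_LEN] + b" and attack" + frame[CMD_LEN:]
    print("extended frame accepted:", verify_frame(DEMO_KEY, extended) is not None)
```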