Channel Unique Identifier: Shouldn't channel hash be independent of name? #5657
Replies: 1 comment
-
A small side note on that channel hash: From a purely theoretical security point of view (but without further analysis), using xor and feed it the PSK (among other thing such as name) might leak some additional information about the key, together with some other unencrypted information (packet number & node number to reconstruct the nonce) and knowledge about the structure of the encrypted payloads, this could further weaken the security. But that has probably no real practical (security) implication. If you treat the xorHash as a keyed hash function security primitive, the channel name could be considered the key for that keyed hash function, and the PSK the actual data that is hashed. That might be a one reasoning on why to make the name part of the hash function, but it is not that convincing. xorHash is no really a keyed hash function and even if, the channel name would be probably be a bad key for a keyed hash function. |
Beta Was this translation helpful? Give feedback.
-
I was testing and further investigating what would be a proper unique identifier for channels as part of my work on the home assistant integration.
As the channel index are clearly documented as node local concept, the channel PSK is kind of the only really globally unique identifier for a channel. The firmware uses internally the channel hash (
uint8_t
), but to my surprise the hash also depends on the channel name:firmware/src/mesh/Channels.cpp
Line 44 in 143e1d1
As a consequence of this (and this is also what I've seen in my test), nodes can't exchange messages on that channel if they name the channel differently, even though they have the correct PSK in use
I think it should be possible to name channels differently on different nodes and still be able to exchange messages as long as the PSK is the same.
Can someone with some more historic background (@geeksville ?) shed some light into the decision to make the channel name part of the hash?
Beta Was this translation helpful? Give feedback.
All reactions