What is an efficient recipe for extracting a payload from a downlink frame at an edge device?
Below are three contiguous frames generated by Chirpstack that have arrived at my edge device. Spaces have been added for visual effect. Note that the sizes are correct among them in term of bytes. This will involve some AES decryption with a final XOR. Only parts of these frames are encrypted. But how would I perform the XOR on a variable-length payload?
(1) 600b0b0b 009f c825 03000100700330ffff01050868e28c 01187f7ffa ad1af8
(2) 600b0b0b 008f c925 03000100700330ffff01050868e28c 01ad9eb655 316b42 052d7e
(3) 600b0b0b 008f ca25 03000100700330ffff01050868e28c d5248606
600b0b0b is my device address with a network derived code inserted in the first byte. c825,c925,ca25 are the frame counters incrementing on each frame (little endian). Note , again, those bytes are not encrypted.
(1) contains the payload FADE93
(2) contains the payload FADE93FADE93
(3) contains an empty payload.
So how do I get them out of the frames?
Related
Why does Berkeley Packet Filter allow filtering on ether[0:2] and ether[0:4] but not ether[0:3] which is the vendor?tcpdump 'ether[0:3] = 0x000000' returns with
tcpdump: data size must be 1, 2, or 4
This is confirmed by the pcap-filter man page (search for “byte offset”), although it does not provide additional information either.
My guess would be that libpcap refuses to create a program that compares three bytes at a time because the classic BPF programs it generates do not have instructions to directly support such comparisons. It can load one byte, one half-word (two bytes) or one word (four bytes) into one of the registers and compare it to a value, but it is not able to work with three-byte long values.
I suppose the workaround would be to compare the value in two steps, ether[0:2] then ether[2].
Let's say I'm sending a multipart request (or response). I need to choose a multipart boundary which does not appear in any of my payloads. However, my payloads are large binary files and I am streaming them to the destination. I want to avoid streaming them twice - once to scan for the boundary and one to stream out.
So my question is: is it possible to escape the boundary if it appears in the payload? If so, how?
Don't Panic. Your boundary can be up to 70 characters long. If you go with that maximum and randomly generate it out of characters and numbers you'll have 62⁷⁰ possible combinations for each position in a file. Chance of having the same sequence of bytes in your binary files is so infinitesimal that it shouldn't bother your sleep at all 😀. The probability of collision in a 1GB file is roughly 1-((1-(1/(62^70)))^(10^9)) ~= 3.4*10⁻¹¹⁸. Human brain can't really fathom how small that number is. For comparison the number of atoms in our universe is estimated to be ~ 10⁸⁰.
No, it's not possible; you need to either scan, or live with potential failures.
I want code to render n bits with n + x bits, non-sequentially. I'd Google it but my Google-fu isn't working because I don't know the term for it.
For example, the input value in the first column (2 bits) might be encoded as any of the output values in the comma-delimited second column (4 bits) below:
0 1,2,7,9
1 3,8,12,13
2 0,4,6,11
3 5,10,14,15
My goal is to take a list of integer IDs, and transform them in a way they can still be used for persistent URLs, but that can't be iterated/enumerated sequentially, and where a client cannot determine programmatically if a URL in a search result set has been visited previously without visiting it again.
I would term this process "encoding". You'll see something similar done to permit the use of communications channels that have special symbols that are not permitted in data. Examples: uuencoding and base64 encoding.
That said, you still need to (and appear at first blush to have) ensure that there is only one correct de-code; and accept the increase in size of the output (in the case above, the output will be double the size, bit-for-bit as the input).
I think you'd be better off encrypting the number with a cheap cypher + a constant secret key stored on your server(s), adding a random character or four at the end, and a cheap checksum, and simply reject any responses that don't have a valid checksum.
<encrypt(secret)>
<integer>+<random nonsense>
</encrypt>
+
<checksum()>
<integer>+<random nonsense>
</checksum>
Then decrypt the first part (remember, cheap == fast), validate the ciphertext using the checksum, throw off the random nonsense, and use the integer you stored.
There are probably some cryptographic no-no's here, but let's face it, the cost of this algorithm being broken is a touch on the low side.
I am trying to figure out how the calculate the CRC for very simple SDLC frames.
Using an MLT I am capturing the stream and i see some simple frames being sent out like: 0x3073F9E3 and 0x3011EDE3
From my understanding the F9E3 and EDE3 are the 2 byte checksums of the 3073 and 3011 since that is all that was in that frame.
using numerous CRC calculators and calculations I have been able to get the first byte of the checksum, but not the last byte (the F9 and the ED).
Using this calculator (http://www.zorc.breitbandkatze.de/crc.html):
Select CRC-CCITT
Change Final XOR Value to: FFFF
Check Reverse Data Bytes and reverse CRC result before Final XOR
Then type the input: %30%11
Which will give the output B8ED so the last byte is the ED.
Any ideas?
You are getting the correct crc16's (F9 F8, ED B8). I don't know why your last byte is E3 in both cases. This is perhaps a clue that the packets are not being disassembled correctly.
What is CRC? And how does it help in error detection?
CRC is a non-secure hash function designed to detect accidental changes to raw computer data, and is commonly used in digital networks and storage devices such as hard disk drives.
A CRC-enabled device calculates a short, fixed-length binary sequence, known as the CRC code, for each block of data and sends or stores them both together. When a block is read or received the device repeats the calculation; if the new CRC code does not match the one calculated earlier, then the block contains a data error and the device may take corrective action such as requesting the block be sent again.
Source: Wikipedia
CRC stands for Cyclic Redundancy Check.
it helps in error detection..
It consists of the following
b(x)-> transmitted code word
q(x)-> quotient
i(x)-> information polynomial
r(x)-> remainder polynomial
g(x)-> generated polynomial
step 1: x^(n-k) * i(x)
step 2: r(x) = (x^(n-k) * i(x))%g(x)
step 3: b(x) = (x^(n-k) * i(x)) XOR with r(x)
which results in a transmitted code word.
this b(x) is send to the reciever end from the sender and if u divide the
transmitted code word i.e. b(x) with g(x) and if the remainder
i.e. r(x) is equal to 0 at the reciever end then there is no error
otherwise there is an error in the transmitted code word during the
transmission from sender to reciever.
In this way it is helpful in error detection.
Cyclic Redundancy Check is a hash function that allows you to compute an unique value given some input which is guaranteed to be always the same for the same input. If the input changes somehow from the original, a different CRC checksum will be generated. So if you have an input and a checksum you could calculate a new checksum from the input and compare both checksums. If they are the same it means that the input hasn't changed.