[CQ-Contest] Unauthorized Posts on DX Cluster are NOT KY1V

Fabian Kurz mail at fkurz.net
Tue Apr 26 08:52:34 PDT 2011


On Tue, Apr 26, 2011 at 07:55:14AM -0500, Joe wrote:
> It would be nice but how?

The only way that's not bound to fail would need to be backwards
compatible. There are too many open nodes in the cluster networks and
it is not realistic that all of them will ever agree on a standard
that provides basic authentification. Just in the contrary, some of
the major web-clusters seem to be pretty indifferent even to large
scale abuse, for many years already.

A backwards compatible solution would be adding a digital signature to
each spot, in the comment-field. A spot would then look like this:

DX de DJ1YFK:  14025.0  AD5UR  599         #3ad6775562f845953#    0000z

The signature is generated on the spotter side by a cryptographic
function from the spot data and a secret key. It can be verified by
anyone who knows the public key of the spotter. Public keys could
easily be distributed by key servers. 

Everyone can create his own public and secret keys and upload the
public key to key servers. Like with PGP, other users may sign a
user's public key with their own key in order to establish a "web of
trust". [see http://en.wikipedia.org/wiki/Web_of_trust ]

A DX cluster node could then be configured only to accept spots that
are signed, or signed and verified by a significant number of others,
or a particular person you trust.
Naturally, all the filtering could also be done on the client side to
the same effect, so nodes which are unaware of the signing stuff are
not affected.

Pros of such a signing mechanism:

1) Fully compatible with the current DX cluster, no changes _needed_
   in the infrastructure or servers, but new functions _can_ be
   implemented.
2) Everyone can generate his own keys (and let a friend sign them).
   The user at the receiving end decides which level of trust he
   choses as his filter. There is not ONE authority which controls
   everything. 
3) The key servers can be freely duplicated (no single point of
   failure, decentral layout).

Cons:

1) Software on the client-side needs to be modified in order to
   support signing (but libraries exist which make this a relatively
   easy job) and verifying signatures.
2) The available space in the DX spot comment is limited. The shorter
   the keys/signatures, the less secure the system is.
3) It still doesn't prevent someone from making unsigned spots with a
   different callsign. (But smart nodes could reject unsigned spots
   from spotters that have a public key in the databases.)

This is an idea that just came to my mind, and there are probably even
more flaws in it. I know from LotW that many people are not very fond
of all the trouble with certificates and such stuff, but in the case
of the DX cluster it would be optional and a lot easier than with
LotW, because the security requirements could be a few dB lower...

73,
-- 
Fabian Kurz, DJ1YFK          web: http://fkurz.net/            .---.
Markgrafenstr. 63                                             |  |  |
81827 Munich, Germany        Learn Morse Code Online:         | /|\ |
phone: +49 176 24079617      http://lcwo.net/                  `---'


More information about the CQ-Contest mailing list