Re: [HAM-AG] [IPv6] Request for feedback: draft-evan-amateur-radio-ipv6

[Alexandre Petrescu <alexandre.petrescu@gmail.com>]

Le 15/02/2023 à 20:58, Donald Eastlake a écrit :
> Hi,
> 
> On Wed, Feb 15, 2023 at 5:10 AM Alexandre Petrescu 
> <alexandre.petrescu@gmail.com> wrote:
>> 
>> Hi, Evan,
>> 
>> Thank you for this message.
>> 
>> I reply because I just applied for a listener identifier 
>> (F-something). Maybe one day I could find an use in converting it 
>> to an IPv6 address, without involving too many computers.
>> 
>> I have read the draft.  It says to use SHA-256 and compute a 64bit 
>> IID.
>> 
>> ...
>> 
>> - optionally use something else than SHA-256, maybe something that 
>> can be quantum-resistant (an algo implemented on classical 
>> computers that can resist attacks potentially using quantum 
>> computers).
> 
> I'm not sure the hash even needs to be cryptographic. The desirable 
> properties are (1) that it changes the call sign to a fixed length or
> at least relatively short bounded length and (2) that it has good 
> dispersion so collisions are not substantially more likely than if 
> the hashes were random.

I think I understand, and I agree.

> Given that stations are required to periodically broadcast their
> call sign in the clear, what would it matter if the hash was
> relatively easy to invert?

Well, it makes sense.

It depends how the usage is.  You propose a way of seeing its usage, in
which the station broadcasts the callsign in clear.  A callsign is
probably used widely that way.  I dont know.  I just know that people
call in ham radio something like 'CQ-something' where 'CQ' means
'seekyou' that 'something' is covering many callsigns, e.g. all
callsigns in a country.  A sort of IP broadcast messages to all
addresses in a group.  But I dont know whether ham radio users are
requested to perform periodic broadcast like routers do RAs in IPv6.

It might be that one might need to show some proof of owning that
callsign, or not - I dont know that much about ham radio.

If that ownership demonstration is not necessary, then a SHA-256 might
not be necessary either.  It is sufficient to make a public 1-to-1 table
between callsigns and Interface IDs.  This could lead to the advantage
of readable Interface IDs.  E.g. for callsign VA3ZZA it would correspond
1-to-1 to IID 'ABBA', just like that, out of the blue, because it is
easily readable.

Additionally: I think about _listening_ idenfitiers, which are like
callsigns: a callsign is not a _call_sign but an identifier; sorry I
dont have a better translation from French.  This identifier is only
used for listening.  Such a listening identifier is mandatory in some
places, including where I live; such listening identifiers are probably
not mandatory in USA.  Where I live one is not allowed to emit if one
uses such a listening identifier (what one might name wrongly a
_call_sign).  But if one listens, then one must use such an listening
identifier recorded in some database.  It is like a callsign but it is
not a callsign, because one can not be called by it, because one can not
answer.  My such listening identifier (similar to callsign) that I
obtained today is F-88888 where 88888 is false, but in reality there are
5 decimal digits there.  I am not sure whether I want or not to tell my
id publicly, because I just received it, for free.

If I want to tell somebody that I heard her, then I must send her a
postcard ('QSL' or something like that).  It is like in UDLR
(uni-directionaly links) in uni-dir satcom, or like in very very
asymmetrical links for IP.

In that sense, such a listening identifier could not be broadcast
periodically by the station, because one would not be allowed to emit.
So it could be more subject to the ownership demonstration necessity,
and hence more subject to applying stronger crypto.

Or maybe callsigns and listening identifiers have nothing to do with 
each other.

Alex

> 
> Thanks, Donald =============================== Donald E. Eastlake
> 3rd +1-508-333-2270 (cell) 2386 Panoramic Circle, Apopka, FL 32703
> USA d3e3e3@gmail.com