ChatterBox Security

Unpredictable Frequency Hopping

Your cluster automatically changes (in unison) its central frequency every minute or so. The schedule is unpredictable to anyone or any device that does not have the cluster’s symmetric keys. The fact that it’s based on symmetric keys also guarantees that no two clusters or channels will have the same schedule, so it drastically reduces the chance of accidental interference.

If a device is trying to sniff/record RF traffic, the device will have to record multiple (currently 64) frequencies simultaneously to try to make sense of the cluster’s traffic.

Additionally, when two devices begin to exchange packets directly, they use a different unpredictable frequency schedule, based around their asymmetric keys, while the rest of the cluster remains unaware of the activity or schedule of those devices in the exchange.
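The following is an added example (not ChatterBox’s own code or schedule) of how a keyed, unpredictable hopping schedule can be derived: a cluster-wide, time-slotted hop keyed by the cluster secret, and a separate per-packet hop for a direct exchange keyed by a secret only the two devices share. The HMAC-SHA256 hop function, the 60-second slot, the 915 MHz / 125 kHz channel plan and every key value below are assumptions made for illustration.

```python
"""
Key-derived frequency hopping (added example, not ChatterBox code).

Assumptions (not from the page): HMAC-SHA256 as the hop PRF, a 60-second slot,
and a constructed 64-channel plan starting at 915 MHz in 125 kHz steps.
"""
import hashlib
import hmac
import struct

NUM_CHANNELS = 64   # the page says a sniffer would need to record 64 frequencies
SLOT_SECONDS = 60   # "every minute or so"


def channel_plan(base_hz=915_000_000, step_hz=125_000, n=NUM_CHANNELS):
    """Constructed channel list: n equally spaced centre frequencies in Hz."""
    return [base_hz + i * step_hz for i in range(n)]


def hop_index(key: bytes, label: bytes, counter: int, n: int = NUM_CHANNELS) -> int:
    """PRF(key, label || counter) reduced to a channel index.

    A keyed PRF makes the sequence look random to anyone without `key`, and
    different keys (different clusters, different device pairs) give
    independent sequences. The label separates the two uses of the PRF.
    """
    msg = label + struct.pack(">Q", counter)
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    # 64 divides 2**32 exactly, so the modulo introduces no bias.
    return int.from_bytes(digest[:4], "big") % n


def cluster_channel(cluster_key: bytes, unix_time: int) -> int:
    """Cluster-wide hop: every device with the key and a synchronised clock
    lands on the same channel for the slot floor(t / SLOT_SECONDS)."""
    return hop_index(cluster_key, b"cluster-hop", unix_time // SLOT_SECONDS)


def pairwise_channel(shared_secret: bytes, packet_seq: int) -> int:
    """Per-packet hop for a direct exchange. `shared_secret` stands in for a
    value the two devices derive from their asymmetric keys; the rest of the
    cluster does not hold it and cannot follow this sequence."""
    return hop_index(shared_secret, b"pair-hop", packet_seq)


def schedule(cluster_key: bytes, start_time: int, slots: int):
    """Channel indices for `slots` consecutive cluster slots from start_time."""
    return [cluster_channel(cluster_key, start_time + i * SLOT_SECONDS) for i in range(slots)]


if __name__ == "__main__":
    plan = channel_plan()
    key_a = b"\x01" * 32           # constructed cluster key
    key_b = b"\x02" * 32           # a different cluster's key
    t0 = 1_700_000_040             # constructed timestamp (start of a slot)
    print("cluster A:", [plan[c] for c in schedule(key_a, t0, 6)])
    print("cluster B:", [plan[c] for c in schedule(key_b, t0, 6)])
    print("pairwise :", [pairwise_channel(b"\x03" * 32, seq) for seq in range(6)])
```

The cluster-wide schedule only stays "in unison" if the devices agree on the slot counter, so in practice the slot boundary needs a tolerance (listening on the previous and next slot’s channel around the boundary) to absorb clock drift between devices.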

Encryption

The US version of ChatterBox uses strong encryption. It uses both symmetric and asymmetric encryption, depending on the situation. Encryption is certainly not the only layer of security in ChatterBox or any system, but it is extremely important.

By design, ChatterBox stores data for only as long as necessary, and preferably only in memory (usually encrypted there too). All types of data that have been deemed ‘possibly sensitive’ are encrypted at rest, during transmission, and typically even while in RAM, believe it or not.

Your password is never stored, and is not recoverable if you forget it. When you enter your password, ChatterBox attempts to decrypt a few things with it to determine if it was the valid password or not, and then immediately forgets the cleartext password you typed.

Encryption Algorithms

ChatterBox uses elliptic curve cryptography (ECC) for generating keypairs and dealing with digital signatures. For performing block encryption activities, ChatterBox has a pluggable encryption algorithm architecture (capable of utilizing hardware encryption modules).

In the current publicly available release of ChatterBox, ChaCha-based encryption algorithms are utilized.
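As an added example (not ChatterBox’s code), the following shows the password handling described above combined with a ChaCha-based cipher: the password is run through a key derivation function, the derived key unwraps a stored secret (here a stand-in private key), and the password is judged correct only if the authentication tag over the stored record verifies. The ChaCha20 core follows RFC 8439; PBKDF2-HMAC-SHA256 as the KDF, HMAC-SHA256 encrypt-then-MAC as the authenticator (in place of Poly1305), the record layout and the iteration count are assumptions for this illustration, not ChatterBox’s actual parameters.

```python
"""
Password-unlocked secret storage with ChaCha20 (added example, not ChatterBox code).

Assumptions (not from the page): PBKDF2-HMAC-SHA256 as the KDF, HMAC-SHA256
encrypt-then-MAC for authentication, and the record layout salt||nonce||ct||tag.
"""
import hashlib
import hmac
import os
import struct

MASK = 0xFFFFFFFF
KDF_ITERATIONS = 100_000   # constructed value; tune to the device's CPU budget


def _rotl32(v, c):
    return ((v << c) & MASK) | (v >> (32 - c))


def _quarter_round(s, a, b, c, d):
    """ChaCha quarter round on four words of the working state (RFC 8439 2.1)."""
    s[a] = (s[a] + s[b]) & MASK; s[d] = _rotl32(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & MASK; s[b] = _rotl32(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & MASK; s[d] = _rotl32(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & MASK; s[b] = _rotl32(s[b] ^ s[c], 7)


def _chacha20_block(key: bytes, counter: int, nonce: bytes) -> bytes:
    """One 64-byte keystream block: 20 rounds over constants||key||counter||nonce."""
    state = (list(struct.unpack("<4I", b"expand 32-byte k"))
             + list(struct.unpack("<8I", key)) + [counter]
             + list(struct.unpack("<3I", nonce)))
    w = state[:]
    for _ in range(10):                                  # 10 double rounds
        _quarter_round(w, 0, 4, 8, 12); _quarter_round(w, 1, 5, 9, 13)
        _quarter_round(w, 2, 6, 10, 14); _quarter_round(w, 3, 7, 11, 15)
        _quarter_round(w, 0, 5, 10, 15); _quarter_round(w, 1, 6, 11, 12)
        _quarter_round(w, 2, 7, 8, 13); _quarter_round(w, 3, 4, 9, 14)
    return struct.pack("<16I", *((w[i] + state[i]) & MASK for i in range(16)))


def chacha20_xor(key: bytes, nonce: bytes, data: bytes, counter: int = 1) -> bytes:
    """XOR data with the ChaCha20 keystream; the same call encrypts and decrypts."""
    out = bytearray()
    for off in range(0, len(data), 64):
        ks = _chacha20_block(key, counter + off // 64, nonce)
        out += bytes(x ^ y for x, y in zip(data[off:off + 64], ks))
    return bytes(out)


def derive_keys(password: str, salt: bytes):
    """Stretch the password into an encryption key and a separate MAC key."""
    km = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, KDF_ITERATIONS, dklen=64)
    return km[:32], km[32:]


def seal_secret(password: str, secret: bytes) -> bytes:
    """Produce the at-rest record. The password itself is never stored."""
    salt, nonce = os.urandom(16), os.urandom(12)
    enc_key, mac_key = derive_keys(password, salt)
    ct = chacha20_xor(enc_key, nonce, secret)
    tag = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    return salt + nonce + ct + tag


def unlock_secret(password: str, record: bytes):
    """Try to decrypt with the typed password: the tag verifies only for the
    right password and an untampered record. Returns None on failure."""
    salt, nonce, ct, tag = record[:16], record[16:28], record[28:-32], record[-32:]
    enc_key, mac_key = derive_keys(password, salt)
    expected = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return chacha20_xor(enc_key, nonce, ct)


if __name__ == "__main__":
    rec = seal_secret("correct horse battery", b"constructed private key bytes")
    print("right password :", unlock_secret("correct horse battery", rec))
    print("wrong password :", unlock_secret("tr0ub4dor", rec))
```

Because the check is an authenticated decryption rather than a stored password hash, the record reveals nothing about the password beyond what an offline guess-and-verify against the KDF would, which is why the KDF cost matters. Note that Python strings cannot be reliably wiped from memory, so "immediately forgetting" the cleartext password needs a mutable buffer and an explicit overwrite in a real firmware implementation.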

Encryption at Rest

At rest, data is stored in non-removable FRAM, a micro SD card, or flash depending on the model.

  • Any data deemed possibly sensitive is stored asymmetrically encrypted at rest using your password, or using a device-generated one if you don’t set a password.

  • Mesh-related payload data is always asymmetrically encrypted. If your device is holding mesh packets on behalf of another sender or recipient, it is already encrypted (and stored that way) and even your device is unable to decrypt that.

  • Portions of the data deemed not sensitive, such as cluster ID, device ID, public keys, and numeric device addresses, are often utilized for indexing/quick searches and are usually not encrypted.

Encryption Keys

An ECC public/private keypair is automatically generated at random when you factory reset (or insert a blank SD card, if the device supports it), using a hardware-based random number generator.

  • When the device is initialized, it also creates a new cluster, including two symmetric keys that are utilized by all devices in a cluster

  • Private key and symmetric keys are stored encrypted (using your password or a unique device hash if you don’t set a password)

  • Public key is shared as necessary to other devices in the cluster

  • The root device only shares the cluster’s symmetric keys via an encrypted LoRa transmission during the once-per-device “onboard” process.

Symmetric Encryption

Symmetric generally means “the same”, and it’s no different with encryption. With symmetric encryption, a single key/phrase is used to both encrypt and decrypt some data. Sometimes people call these keys “shared secrets” or passwords.

Each ChatterBox cluster has two symmetric keys that all devices in the cluster know. Symmetric encryption is used for:

  • Encrypting data on your device, using your password

  • Messages you broadcast to all devices in range, not intended for a specific recipient

  • Pings that announce a device is around, which may include data about connectivity of other devices in the cluster

  • Location coordinates (if you have location sharing enabled)

  • Choosing frequencies to hop to at certain intervals

Asymmetric Encryption

Asymmetric generally means “not the same.” So as you might expect, for encryption, this means one key is used to encrypt a chunk of data and a different key is used to decrypt the same chunk of data.

ChatterBox prefers asymmetric encryption in all cases possible. Specifically, asymmetric encryption is used for:

  • Messages sent to a specific recipient in the cluster

  • Selecting the next frequency to hop to for each packet when interaction between two ChatterBox devices is happening

  • When onboarding, after the root device and soon-to-be onboarded device exchange public keys, asymmetric encryption is utilized for the remaining packets exchanged for onboarding (including transmission of cluster symmetric keys)