[EAS] Next Generation

Ed Czarnecki ed.czarnecki at monroe-electronics.com
Thu Nov 13 14:30:14 CST 2014 

This would be a machine-to-machine transaction.  Most sites are unattended
anyway.

There are two concepts floating here - authenticity and non-repudiation

Authenticity is about one party (say, IPAWS) interacting with another (EAS
Particular) to convince Participant that some data really comes from IPAWS.
They do that today with digital sigs in their CAP messages.  There are other
layers for alert originators interacting with IPAWS as well.   

For FSK messages, adding authenticity could mean adding a mechanism to
convince either PEPs that alert data is really from IPAWS, or to convince
all consumers of the FSK tones that the alert really comes from IPAWS.
Authenticity can be achieved via a message authentication code, just like
this red-card idea, whether embedded in an IP transaction between EAS units
and a trusted IPAWS server ... 

OR could be achieved if that message authentication code was added as an
additional FSK parameter in an test message coming from FEMA - say an NPT
with an additional FSK data burst containing the mac.  Wouldn't that be an
interesting value added to periodic national testing?  Of course, since the
mac is FSK, it migh have to be recycled more often than an IP authenticator
(since folks could here it over the air).

Non-repudiation is about one party (again IPAWS) showing to another (say the
PEP) a proof that the alert data really comes from IPAWS.  And that same
assurance can be used with others downstream interacting with the PEP
(monitoring assignments), such that all the downstream relays trust the
validity of the message.  This also could be accomplished via digital
signatures or even shorter hash, again potentially served via IP or FSK. 

Authenticity and non-repudiation are about solving "trust" problems.  Events
like Bobby Bones have challenged the nation that stations can automatically
"trust" the EAS they are receiving.  Adding digital measures to rebuild that
trust (in the technical sense) are essential.

Sean Donelan is probably going to slice me apart here, but I'm trying to
boil this down ...

-----Original Message-----
From: eas-bounces at radiolists.net [mailto:eas-bounces at radiolists.net] On
Behalf Of Kelly D. Alford

But what if there is nobody at the station to open the cypher-coded-FTP'ed
"red envelope"?  The one remaining station employee would show up on Monday
at 9:00AM to find the envelope waiting?  Hmmm....

Kelly D. Alford

More information about the EAS mailing list