Authenticating a device for remote motor control
I'm looking for a standard solution to the following problem. I've been unable to find how something like this is normally accomplished. Even a key word that points me in the right direction would be helpful at this point.
Imagine two devices connected to the same WiFi network:
- Device 1 - standard network host (smart phone, tablet, or computer)
- Device 2 - network host that can turn on a powerful motor (or any actuation of a dangerous real-world object).
A simple protocol exists (for example, built on top of a TCP socket), in which Device 1 sends commands to Device 2:
- Packet A: "MOTOR_ON"
- Packet B: "MOTOR_OFF"
Imagine both devices are aware of a super secret password that can be used for signing or encryption.
How is it possible to authenticate that a "MOTOR_ON" packet received by Device 2 comes from Device 1? The point is to be 100% sure that no unauthorized device can turn on the motor.
As far as I can tell (maybe I'm wrong), any authentication scheme (even TLS?) I've found so far could be defeated if an attacker simply listens on the network, notices that some packet turns on the motor, and spoofs that packet exactly (down to the MAC address). I've considered adding a value that increments with every message to the encryption, so the spoofing the "same" message doesn't work. But that seems brittle, what happens if a packet are dropped, etc.
I feel like I'm missing something obvious here.
Thank you.
