So encryption isn't allowed, but is there any way to authenticate information sent over packet radio? Open communication has plenty of uses, but some of those can be spoiled by bad actors impersonating others.
> So encryption isn't allowed, but is there any way to authenticate information sent over packet radio? Open communication has plenty of uses, but some of those can be spoiled by bad actors impersonating others.
You are not allowed to encrypt data on ham bands (this seems to happen Worldwide, it is also true here in Brazil), but there is no restriction on use of cryptographic primitives for authentication. But some countries (France, AFAIK) also require the protocol specs to be openly available, what should not be a problem in this field.
Digital signatures are Ok as long as the content of the message is not hidden (i.e. all listeners can receive and decode the information) and the transmission is identified (as usual in ham).
There's no problem in principle with using public key cryptography to sign messages sent by ham radio. So authentication is possible although it's not common in practice. It's encrypting the content of messages that's not permitted.
Legally speaking, it's "messages encoded for the purpose of obscuring their meaning" [0] that's illegal, which is fraught with conflicting interpretations and loopholes.
Cryptography is not categorically illegal on the ham bands, and in the case of satellite/remote operation, it's encouraged (possibly required?) that you have some secure mechanism of controlling your radio.
In the general case, there is nothing illegal about sending a PGP-signed email over Winlink, for example. But the message itself must be in the clear. It's just about the fear of foreign spies obfuscating their messages and Red Scare fearmongering.
Of course, in a world with Tor and $30 TracFones with unlimited data, this concern is totally ridiculous. But it is what it is, for now.
Edit: I found this article on authentication that supposedly is fine, but I'm not licensed so I don't know how valid it is. https://rietta.com/blog/2009/08/17/authentication-without-en...