freematics-traccar-encrypted

May 24, 2024 · 1 min read
project

freematics-traccar-encrypted (forked from the original project, now deleted from GitHub) is a custom firmware extension and intermediary proxy designed to secure telematics transmission between Freematics hardware trackers (such as Freematics ONE+) and a Traccar GPS server.

By default, Freematics devices stream vehicle telemetry and GPS data over unencrypted UDP channels because resource-constrained microcontrollers cannot handle the overhead of full TLS handshakes. This project resolves that gap by introducing a lightweight cryptography layer directly onto the device firmware and terminating it via a custom decryption proxy.

Architecture & Mechanics

  • Firmware Encryption: Extends the Freematics telelogger sketch with a fast, hardware-friendly symmetric encryption algorithm (ChaCha stream cipher) to secure UDP payloads before transmission.
  • Decryption Proxy: A lightweight intermediary service, written in Go, that listens for encrypted telematics packets from the tracker, validates payload integrity, decrypts the contents, and forwards standard unencrypted telematics records to the Traccar backend.
  • Tamper Prevention: Protects location coordinates, speed, and OBD-II vehicle diagnostic data against passive eavesdropping and man-in-the-middle spoofing vectors.
Florian Stosse
Authors
Cybersecurity engineer
Cybersecurity engineer at the European Space Agency, specializing in space systems security, embedded platform hardening, and software security defenses.