This is an old revision of the document!
OpenBeacon packets are encrypted using a private symmetric key using the XXTEA algorithm.
As the key is the same for every participant of the camp it must kept secret inside the firmware. This creates the need to protect the flash memory of the main micro controller from being read by an attacker. It will therefore be read protected.
The public firmware does not contain the secret key residing in your badge. If you compile your own firmware and flash it onto the controller you will loose this key. This has the following implications for you:
The Vcard transfer is based on asymmetric cryptography using elliptic curve cryptography(ECC). We are using the ECC code published in Phrack Nr. 63(see http://www.phrack.org/issues.html?issue=63&id=3#article )
As every badge has its own pair of private/public key these keys can be read and changed by you. They reside as a pair of files on the file system. When you want to receive a VCard from another badge your public key will be broadcast. After you have confirmation that the other badge has received the correct key the VCard can be sent to you.