Access control mechanism for repeaters

We have discussed it in the irc a bit but, it is nice to have it here. Open for everybody’s comments.
-First, repeaters must have their own private key. Which is only known by repeater owner, maybe even less.(just repeater itself, if we find a secure way to distribute personal keys)
-Repeater owner or repeater itself should generate personal keys for each callsign using a hash function. ie. sha(callsign+repeater_key)
-Radio’s should include this personal keys in their air data packets using another hash function. sha(data_itself+personal_key+session_id/date/time etc.)

-Repaters do not have to keep userid/key pair. Just a banned list is enough.
-Users can be added without programming repeater.
-Callsign theft is prevented.
-When session id in the hash function is used, injection attacks are prevented.
-When time/date used, replay attacks are prevented.
-Further, repeater sourced session id will solve both problems.

-Real time hash calculation for each packet is required.
-If some of users share their own key accidentally and insist on using exactly same callsign, repeater key must be changed. So, all users have to update their keys.

Bruce Perens HT of the Future - New Design was using a A71CH chip for various security items, as suggested in this link