Beruflich Dokumente
Kultur Dokumente
Constraints
No human intervention
Lifetime depends order of
months to years
In summary the software must be
correct and minimal
Communication medium is RF
Contributions
Radio designers
Application Developers
Overview of 802.15.4
Security
Access Control
Message Integrity
Message Confidentiality
Replay Protection
Confidentiality
Replay Protection
802.15.4 Stack
LLC Logical Link Control
SSCS Service Specific
Convergence Sub layer
802.15.4 Protocol
64 bit Node ID
16 bit Network ID
Data
ACK (Sender explicitly requests it)
Where is security ?
Security Suites
No security NULL
AES-CTR - Encryption only, CTR Mode
AES-CBC-MAC MAC only (options of
32bit, 64bit and 128bit MACs)
AES-CCM Encryption and MAC (options
of 32bit, 64bit and 128bit MACs)
Replay protection can be turned on or
off for any of the above
Contd
Nonce
Is made up of
4 byte
1 byte
2 byte
blocks
More
on Nonce
Frame counter controlled by the hardware radio
AES-CBC-MAC
AES-CCM
Replay Counter
Frame counter
Key Counter (MSB)
Problems
Three classes
Nonce management
Key management
Integrity protection
Nonce Problems
Simple solution
Nonce Problems
Key Management
Problems
No group keying
Key Management
Problems
Integrity protection
Problems
Unauthenticated encryption
DoS on AES-CTR
Integrity protection
Problems
Take - away
Application Designers
Hardware Designers
Take - away
Specification writers
References