1 / 12

Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs)

Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [ Adding the Freshness on the Control Message Packet ] Date Submitted: [May 8, 2002] Source: [Liang Li, Xin Wang and YunNeng Yuan] Company [Helicomm]

zorita-levine
Télécharger la présentation

Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [ Adding the Freshness on the Control Message Packet ] Date Submitted: [May 8, 2002] Source: [Liang Li, Xin Wang and YunNeng Yuan] Company [Helicomm] Address [1947 Camino Vida Roble,Suite 109, CA92008] Voice:[(760) 918-0856], FAX: [(760) 918-0833], E-Mail:[liang.li@helicomm.com] Re: [] Abstract: [This presentation gives an proposal of security architecture issues for the 802.15.4 draft standard.] Purpose: [To familiarize the working group with the security architecture.] Notice: This document has been prepared to assist the IEEE P802.15. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. Release: The contributor acknowledges and accepts that this contribution becomes the property of IEEE and may be made publicly available by P802.15.

  2. Adding the Freshness on the Control Message Packe

  3. Agenda • The Possible Attacking mode to the 802.15.4 Security • A Proposal for the 802.15.4 Security: Freshness • Add time info to the Packet Data • Conclusion

  4. The Possible Attacking Modes Based on the Experience and Reports of 802.11b, the following attacking modes may be used for the 802.15.4 WPAN • Attacking the weakness of Encryption Algorithm • The liner character of CRC-32 ICV is used to modify the eavesdropped text without breaking the ICV code • As the absent of the Freshness on the 802.11 data packet, the attacker could resend the eavesdropped text and false AP to decrypt this text.

  5. A proposal for the 802.15.4 security • Encryption Algorithms being used for the 802.15.4 network. • Add the Freshness on the 802.15.4 packet.

  6. Add a time tag to 802.15.4 packet • The Initial Vector (IV) is also generated and used. But it does not include in the packet. • The IV is used to carry the time information of the packet.

  7. Modified Encryption

  8. How to Define the Tiem Info • The Time Information includes the FrameID and TimeUnitID • FrameID is broadcasted in the BEACON Frame. • Each frame is separated to an amount of Time Units, and also indicated as with the TimeUnitID.

  9. Detail 1 • Every Device which want to send data should track the BEACON and calculate the TimeUnitID of the frame being sent. • The FrameID and TimeUnitID are coded with a Transform Algorithm. • The relation of two adjacent time units are broken with the Transform Algorithm.

  10. Detail 2 • TimeUnit <= the short data packet (HandShake 0.256 ms) • The complexity of the time-encreption should limited In general, it < the minimum backoff period (2*macBaseSlotDuration 1.25ms)

  11. Authentication and Access Control • The network coordinator will master the procedure of Authentication and Access Control. • When network startup, it will cost bandwidth to complete the Authentication. • The Receiver should calculate the IV based on the TimeUnitID and FrameID of receiving point. So , the Authentication is protected by the “Freshness”. • The time information is used to decrypt. • The related manage frames also are protected with Freshness Algorithm in order to avoid the attacking.

  12. Conclusion • It is very important for wireless network to verify the freshness of the data. • The user’s data are protected with Encrypt and Freshness Check. • Authentication and Access Control will only allow the legal user to join in the network.

More Related