
ISA Wireless Communications Conference

April 15-17, 2003

Memphis, TN

“Ensuring Security in Wireless Applications”

John Callison, Regional Sales Manager

Locus, Incorporated


Today’s Agenda
  • Who is Locus?
  • Security--What’s the Big Deal?
  • Security Safeguards
    • Frequency Hopping Spread Spectrum (FHSS)
    • CRCs and ARQs
    • Encryption-- Where and How Makes all the Difference
    • Proprietary vs. Open Architecture
  • Security Issues With 802.11b
    • Authentication & TKIP
Locus Profile
  • Founded in 1979 in Madison, WI
  • Privately-held
  • 35 experienced team members
  • Two product lines:
    • Industrial radios
    • Loran-C timing and navigation receivers
  • Customers include:
    • Motorola, USCG, Leica Geosystems, and AMCO Automated Systems
Why is Locus Qualified to Talk About Wireless Security?
  • Locus has been designing and supporting secure wireless networks for 25 years
  • Security is of utmost importance to our customers which span military, governmental, municipal and industrial sectors
  • We engineer our own products, own our code, and create our own architecture
Security. What’s the Big Deal?
  • Depending on your industry, security may or may not be an obvious issue
  • Regardless, giving unauthorized people access to your data is risky
  • Access means a person can not only see your data; they can also change your data and share your data!
Wireless Security Safeguards
  • Frequency Hopping Spread Spectrum Technology (FHSS)
  • CRCs and ARQs
  • Encryption at the firmware level
  • Proprietary, non-open architecture
Frequency Hopping Spread Spectrum, Basics (FHSS)
  • A transmitted signal is spread over a wide frequency band
  • What is sent over the air is intentionally “different” from actual data
  • The benefits of spreading the signal are:
    • signal is immune to unwanted noise/interference
    • signal is immune to snooping/access
FHSS, continued...
  • Locus radio signals “hop” among 79 frequencies in the 2.4 GHz band in a predetermined, apparently random pattern unique to that network
  • Spread Spectrum is different from Direct Sequence which continuously spreads data over a wide portion of the frequency band instead of hopping
FHSS, continued...
  • Each radio network utilizes its own frequency hopping pattern
FHSS, continued...
  • Only radios in that network can detect and communicate with other radios in that network
  • A radio from another network would have a different hopping pattern
  • A different brand of radio may or may not utilize FHSS at all, but if it did, its hopping sequence would also be different from a Locus radio network
FHSS, continued...
  • Frequency hopping is less vulnerable to interference, because the frequency is always shifting
  • It is very difficult to intercept a frequency hopping communication; one must jam the whole band to attack
Cyclic Redundancy Checks (CRCs) & Automatic Resend Queries (ARQs)
  • Security means more than knowing someone else isn’t seeing your data
  • It means knowing you ARE seeing your data!
  • Locus uses CRCs and ARQs to make sure you are receiving error-free data
What’s a Cyclic Redundancy Check?
  • A Cyclic Redundancy Check (CRC) is an industry standard method of ensuring data integrity
  • To ensure that a message made it to the destination intact, the most straightforward method would be to check it “word for word” or “bit for bit” to make sure that it is what it should be
  • But that would mean sending the message at least twice so that two messages could be compared with each other to make sure that they agree!
CRCs, continued...
  • So, as not to waste that bandwidth, a shorter representation of the message is tacked on the end, called the CRC
  • Since the CRC is shorter than the actual message, it isn’t a perfect “bit for bit” check of integrity, and the longer the CRC, the better its ability to flag an error in the message
  • Common CRC lengths range from 8 bits to 32 bits
  • The 32-bit CRC that Locus uses, in conjunction with the rest of the correlation mechanisms in the radio, ensures that packets passed to the user contain accurate data only
What’s an Automatic Resend Query?
  • An Automatic Resend Query (ARQ) is a method of “asking” that a packet be re-sent from one radio to another if the packet arrived with an error originally
  • Locus radios use a common communications method between radios to have packets resent if they are received in error. The sending radio transmits the packet over the air
  • The receiving radio checks the CRC to make sure it received the packet without errors
ARQs, continued...
  • If there were no errors, the receiving radio sends an acknowledgement packet (ACK) to the sender indicating that the message was received intact
  • If the sender does not receive the ACK, it resends the message (up to a specified amount of time) until it does receive the ACK
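
The CRC check and ACK/resend loop described in the slides above, as an added Python example (not Locus code and not part of the original presentation). It assumes the standard CRC-32 from zlib carried as a four-byte trailer, a retry limit of five, and a constructed noise model that flips at most one bit per packet; loss of the ACK itself is not modelled.

```python
import random
import zlib

MAX_TRIES = 5  # assumed limit; the slides only say "up to a specified amount of time"

def frame(payload: bytes) -> bytes:
    """Sender side: append a 32-bit CRC (big-endian) to the payload."""
    return payload + zlib.crc32(payload).to_bytes(4, "big")

def check(packet: bytes):
    """Receiver side: return the payload if the trailing CRC matches, else None."""
    if len(packet) < 4:
        return None
    payload, crc = packet[:-4], int.from_bytes(packet[-4:], "big")
    return payload if zlib.crc32(payload) == crc else None

def noisy_channel(packet: bytes, rng, error_rate: float) -> bytes:
    """Flip one random bit with probability error_rate (constructed noise model)."""
    if rng.random() >= error_rate:
        return packet
    buf = bytearray(packet)
    bit = rng.randrange(len(buf) * 8)
    buf[bit // 8] ^= 1 << (bit % 8)
    return bytes(buf)

def send_with_arq(payload: bytes, rng, error_rate: float):
    """Stop-and-wait ARQ: resend until the receiver's CRC check passes.

    Returns (delivered_payload_or_None, attempts_used)."""
    for attempt in range(1, MAX_TRIES + 1):
        received = check(noisy_channel(frame(payload), rng, error_rate))
        if received is not None:
            return received, attempt   # receiver ACKs, sender stops
        # CRC failed at the receiver, no ACK arrives, sender retransmits
    return None, MAX_TRIES             # give up and report the failure

if __name__ == "__main__":
    rng = random.Random(2003)
    data = b"TANK-7 LEVEL=41.2%"       # constructed sample payload
    print(send_with_arq(data, rng, error_rate=0.5))
```

A damaged packet is never handed to the user: it is either retransmitted successfully or the send reports failure once the retry limit is reached.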
CRCs & ARQs in Summary
  • Your data travels in packets, which like trains, have engines and cabooses (starts and stops)
  • Radios are looking for those starts and stops in CRCs
  • If an error is detected, the radio will issue an ARQ which says, “Send that one again!”
  • This all happens transparently,


Encryption. What is it?
  • Essentially, encryption is disguising your data
  • “Keys” are used to mask your data
  • The encryption used today is known as ARC4 with a 128-bit key
  • In addition, Locus implements an algorithm in its encryption which significantly distances the key from the encrypted data
Encryption, continued...
  • Each radio frequency packet you send over a Locus radio is encrypted, and the encryption happens INSIDE THE RADIO
  • This means that no un-encrypted data passes over the air
  • Since the encryption happens INSIDE THE RADIO, it is impossible to intercept the data stream
Encryption, continued...
  • The data can only be deciphered by the receiving Locus radio
  • Locus radios also discard improperly encrypted data (possibly foreign or introduced) so it is virtually impossible for someone to (intentionally or accidentally) add data to the Locus data stream
Proprietary Architecture
  • Locus radios do not conform to open standards; they are designed only to talk with one another
  • Third-party radios cannot circumvent Locus security, nor can freeware programs such as AirSnort, because they have a different architecture
  • No other radio uses the same architecture that Locus does
In Summary…
  • In order for Locus radio data to be accessed
    • The radios must be Locus radios
    • The radios must be on the same Locus radio network
    • The radios must be on the identical frequency hopping channel
    • Both must have the same encryption key
    • Both must have Locus’ proprietary architecture
802.11b
  • Wireless devices such as 802.11b (Wi-Fi radios) are intended for consumer and office applications, not harsh industrial settings
  • They are specifically designed to meet open standards and are intended to be easily interfaced to other similar devices
  • What makes 802.11b radios “open” also makes them vulnerable and less secure
Increasing 802.11b Security

802.1x Authentication

TKIP Encryption

  • Authentication is the process by which 2 radios link to each other
  • “Open System” and “Shared Key” are the common authentication schemes in 802.11b
  • In both, the Access Point validates that the client (PC) is allowed to communicate with it
  • “Open System” uses no encryption
  • “Shared Key” does request that the client returns a message that has been encrypted and verifies that it matches its own before granting access...
Authentication, continued...

…however, it is easily possible for an unwanted user to pretend to be an Access Point and grant access to it, without having any key at all. The “rogue” Access Point can then begin listening to the encrypted data of the client and work on cracking the encryption key.

Authentication, continued...

Locus prevents unwanted authentication in that both of the radios that form a link must share the same encryption key BEFORE the link is established.

If both radios do not have PRIOR knowledge of the key, the radios will not link and the encrypted data does not pass.

Standard 802.11b Encryption
  • Off-the-shelf 802.11b encryption is flawed in that it is possible to inspect encrypted data, then work your way back to the key that generated it.
What is TKIP Encryption?
  • Temporal Key Integrity Protocol
  • distances the encryption key from the actual data by performing several algorithms on the key before generating the encrypted data
  • performs dynamic key management (changes the temporal keys frequently)
  • performs message integrity checks to prevent forgery and replay
In Summary

Wireless is made secure through:

  • Inherent security within Frequency Hopping Spread Spectrum (FHSS) technology
  • CRCs and ARQs
  • Variations of encryption & authentication
  • Proprietary or non-open architectures
Thank You!

Any Questions?

John Callison, Regional Sales Manager