Security Basics mailing list archives

Re: Wireless Device Security


From: Akash Malhotra <akash () me umn edu>
Date: Wed, 19 Mar 2003 10:29:08 -0600 (CST)

Hi All,

Thanks a lot for your replies. Let me reframe my question. I am sorry for 
not making my question clear.

Here is the scenario


             Wireless Link 1        Wireless Link 2

 |--------|                |-----------|                |----------------------|
 | Data   | - - - - - - -  | Data      | - - - - - - -  | Device to Store Data |
 | Source |                | collector |                |                      |
 |--------|                |-----------|                |----------------------|



There is a data source which is a very low power device. The data collector 
needs to collect data from the *source* through a wireless channel. Again, the 
*data collector* is also a low power device. The data collector sends data to 
the data storage unit, again through a wireless channel.


Now I would like you all to comment: these being very low power devices (data
source and data collector), what kind of security features would you like
to put in these devices? It's a point-to-point collection and only one data
source and one data collector will be there. The distance between these 
two devices can be a maximum of 1 ft. I need data accuracy and it's critical 
data.


Second, what kind of security features should be implemented in the data 
collector and data storage unit? Distance can be 10-15 ft.


2> What kind of communication should there be between the data collector and 
data source (i.e. normal wireless, 802.11b or any other protocol)?

 Same with data collector and data storage.


Thanks a lot again,

Looking forward to hearing from you all soon,

-AKash

        

On Tue, 18 Mar 2003, Joe Shaw wrote:


On Tue, 18 Mar 2003, Akash Malhotra wrote:

Hi All,

I have a question about security in wireless system.

1> Is it possible for me to have AES encryption in the physical layer?

I don't want to have any kind of security feature at the MAC layer.

What form of wireless are you talking about?  I'm assuming 802.11.
You're not going to be adding AES to the physical layer of 802.11 without
re-writing some firmware, as the physical layer controls are hardcoded.
The operating systems have no control over the physical layer of 802.11.

Furthermore, what effect do you hope to achieve by doing so?  Deny sync to
rogue devices?  By putting encryption at layer 1, you're going to have to
know a shared secret in order to even talk to any other device.  You're
going to be encrypting Sync, Start Frame Delimiter, Signal Rate, Service,
Length, Frame Check Sequence, and PSDU along with everything else from the
upper layers, which to me seems to be a waste.  Putting encryption and
authentication at the MAC layer of the Datalink is much more advisable, as
that is where all of 802.11's security flaws lie.

2> Will this reduce power consumption (battery will last longer)?

Why would it?  You've just increased the amount of data that is going to
be encrypted, which should increase load and power consumption in theory.
In contrast, WEP only encrypts the payload, not the framing information.
While WEP has its drawbacks, mostly in algorithm and implementation, what
data it does encrypt is satisfactory.  Replace the static WEP key with
dynamic keys, improve the WEP algorithm, provide an authentication
mechanism for the 802.11 control/management frames and you've effectively
secured wireless.

--
Joseph
I survived Enron, but I still need a job.  Hire me.
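
Added example, not part of either poster's message: a sketch of per-frame authentication above the physical layer for the point-to-point link described in the thread, where the framing stays in the clear but is covered by the integrity tag. It goes beyond the thread by adding a counter for replay rejection; the frame layout, the demo key and the 8-byte truncated HMAC-SHA256 tag are assumptions, and it provides integrity only, not encryption.

```python
import hashlib
import hmac
import struct

KEY = bytes(range(32))        # constructed demo key; a real pair needs a provisioned secret
TAG_LEN = 8                   # assumed truncated tag length, chosen to limit airtime
HDR = struct.Struct(">IB")    # assumed header: 32-bit counter, 8-bit payload length


def seal(key, counter, payload):
    """Sender side: header | payload | tag. The header is readable but authenticated."""
    header = HDR.pack(counter, len(payload))
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag


class Receiver:
    """Collector side: accepts a frame only if it is authentic and newer than the last."""

    def __init__(self, key):
        self.key = key
        self.last_counter = -1

    def accept(self, frame):
        """Return the payload, or None for a malformed, altered or replayed frame."""
        if len(frame) < HDR.size + TAG_LEN:
            return None
        counter, length = HDR.unpack_from(frame)
        if len(frame) != HDR.size + length + TAG_LEN:
            return None
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return None               # bit error or tampering: reject, keep state
        if counter <= self.last_counter:
            return None               # authentic but already seen: replay
        self.last_counter = counter
        return body[HDR.size:]


def demo():
    """Constructed readings: good frame, its replay, a corrupted frame, the resend."""
    rx = Receiver(KEY)
    good = seal(KEY, 1, b"\x01\x42")
    corrupted = bytearray(seal(KEY, 2, b"\x01\x43"))
    corrupted[HDR.size] ^= 0x01       # flip one payload bit in transit
    return [rx.accept(good), rx.accept(good),
            rx.accept(bytes(corrupted)), rx.accept(seal(KEY, 2, b"\x01\x43"))]
```

The counter only advances on frames that pass the tag check, so a corrupted frame does not block the sender's retransmission with the same counter.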


