Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

TU 2 ESS > Security of communication protocols > Flashcards

Security of communication protocols Flashcards

1
Q

ZigBee

A
  • Communication standard for sensor wireless personal area networks
  • Topologies: star, mesh, tree
  • low cost
  • low energy
  • low bandwidth
  • Profiles: home automation, light link, green power
  • Device roles: Coordinator, Router, End Device
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

ZigBee layers

A
  • Network layer: Network setup, device dis-/connection, routing, device configuration, peer-to-peer multi hop
  • Application support layer: Provides services and addressing objects
  • Security Service Provider: Key management, generation
  • ZigBee Device Object: Device discovery, network management
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Three roles in ZigBee

A
  • Coordinator: exactly one, sets up network, scan and join processing, keeps track of devices, defines TrustCenter, always awake
  • Router: forwards packets, can include/exclude devices, can double as End Device, always awake
  • End Device: Applications runs on the device, can sleep
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

ZigBee Topologies

A
  • Star: Only coordinator and end devices
  • Tree: Routers include more routers or end devices
  • Mesh: self healing, multiple connections between routers
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

ZigBee Security

A
  • Profiles have different security specifications:
    -> Green Power for ultra low power devices
    -> Light Link for devices in vicinity
    -> Home Automation for devices in 10-100m range
  • Low energy consumption - security trade off
  • Ultra low power devices cannot receive packets, no challenge response or key agreement possible
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

ZigBee Key Hierarchy

A
  • Different profiles have different types of keys to encrypt communication
  • Only some keys are interoperable
  • Network Key is used between profiles
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Key Usage: Green Power

A
  • Green Power devices can be connected to each other (using a GP key) or to an existing ZigBee Pro Network using a Network Key
  • One type of GP key is chosen by the device: derived, pre installed, shared
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Key Types: Green Power

A
  • NWK: all devices in the ZigBee Pro are using it. It is sent to the GP device in plaintext
  • GP Key: Key for securing communication between GP devices
    -> Derived: Key is derived from the NWK and sent in plaintext
    -> Pre-installed GP key: GP devices are pre-installed by an (individual) key, every device without a pre-installed key will get this key in plaintext
    -> GP key derived from pre-installed key: Pre-installed key and MAC is used to derive an individual GP key per device, every device without a pre-installed key will get this key in plaintext
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Key Usage: Light Link

A
  • Can be connected to each other or to an existing Pro network with Light Link Network Key or NWK
  • Coordinator sends NWK to new Light Link device or another Light Link device is sending the NWK using Touch Link
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Key Types: Light Link

A
  • NWK: used for broadcast to all Light Link and ZigBee Pro devices
  • Pre-installed Link Key: Used to derive Key-Transport Key
  • Key-Transport Key: Used to transport the NWK
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Key Usage: Home Automation

A
  • If a new device joins, the NWK has to be shared, encrypted by a Key Transport Key
  • Transport Keys are derived from Link Keys
  • Link Keys can be unique per device, pre-installed or shared
  • For transporting link keys between devices, Key-Load Keys are used
  • Coordinator generates random NWK on a network startup
  • NWK is used to encrypt all communication
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Key Types: Home Automation

A
  • NWK: used for broadcasts to all devices
  • Link keys:
    -> Application/Trust Center Link Key: Used for unicast between devices (may be unique per device)
    -> Centralized/Distributed global link key: all devices have to know this key prior to joining the network
    -> Install code link key: Key derived from secret (printed) on joining device (unique)
  • Key-Transport Key: Derived from a Link Key using keyed-hash with key “0x00”
  • Key-Load Key: Derived from a Link Key using keyed-hash with key “0x02”
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Problem with pre-shared keys

A
  • When using key-exchange the pre-shared key is a single point of failure
  • Touch Link is trying to mitigate this by exchanging keys only to devices in proximity
  • If the pre-shared Link Key of any device is leaked, an attacker can listen to every key exchange
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Attack scenarios

A
  • Malicious firmware updates
    -> non-integrity protected OTA
  • Exploiting the use of default keys
  • Hardware attacks
    -> e.g. memory-protection-bit is not set (access through the chip’s external debug interface)
  • Side-channel attacks
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Bluetooth Pairing and Bonding Security

A
  • Provides passive eavesdropping and MITM protection using asymmetric keys and PIN codes
  • Updates algorithms in pairing
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

TU 2 ESS (9 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions