Introduce measures and future development of wireless security systems against external attacks
2024-08-11 09:03:02
As the need for wireless deployment security increases, wireless systems that require secure authentication also require a higher level of security. Whether the application is a security system (eg, keyboard, wireless sensor or access control), a car's remote keyless entry (RKE) system, or an authentication system, today's wireless systems are becoming more complex. Since it is a consumer product, it must be kept at the lowest possible cost while still providing an adequate level of security. This requires a trade-off between cost and performance. Still, good designs can still achieve good results with relatively limited resources.
The level of security in the wireless domain is closely related to the importance of the information being transmitted. For example, a wireless doorbell or computer mouse may have no security issues, and a car's keyless entry application requires a high level of security. Unlike consumer security systems, which have relatively limited processing power, desktop computers have greater processing power and prices are declining. As a result, wireless security systems with limited security levels are more vulnerable to external attacks, often including code theft and brute force attacks.
To help protect the information contained in the RF message, the encryption algorithm is first used to disrupt the message. Encryption is the process of using an algorithm (password) to convert information (plaintext) so that it is unreadable (ciphertext) to someone other than having special information (such as encryption keys and/or encryption algorithms). Only those who have the same encryption algorithm and encryption key can successfully crack or interpret ciphertext messages. Unfortunately, just messing up the message is not enough. Because even if the message can't be cracked, the criminals can still use it to enter the vehicle. In order to prevent this from happening, the encrypted message must also be changed each time it is sent. This message change mode is sometimes referred to as a "hop code" or "roll code" mode, which prevents multiplexing of previously sent messages. Microchip Technology's patented KEELOQ code hopping security solution is an example of the well-known code hopping mode.
KEELOQ code hopping technology uses powerful encryption algorithms to achieve always changing messages.
Drivers: Why do you need stronger security algorithms?
So why do you constantly need stronger security algorithms? Experts in academia, encryption technology, and individuals who illegally use intent to crack algorithms are constantly reviewing security algorithms to find their weaknesses. One way is to try all possible bit combinations to determine the password or encryption key. This method is called a "brute force attack." The more possible combinations, the longer it takes to guess the correct value. As the computing power and speed of the computer increase, multiple brute force attack calculations can be performed simultaneously in a short period of time. Attacks that take a few months to complete ten years ago use the current technology in just a few days. Obtaining a password and key allows the hacker to see the actual command information stored in the encrypted message. After cracking or interpreting the encrypted message, the hacker can easily and quickly determine which information changes between the various control messages can be accepted and understood by the recipient as valid commands.
Security Algorithms: Proprietary and public security systems currently have a variety of security algorithms to choose from, both proprietary and public. This means that the actual calculation method used by the algorithm can be either publicly known or not. In the security field, there are two schools that represent proprietary and public algorithms. As long as the security algorithm is thoroughly reviewed by subject matter experts who are very familiar with current various attack methods, it is not important to choose which algorithm to use. However, there are still many people who believe that public safety algorithms are generally better because they have been reviewed by more attackers who may sometimes use new and innovative cryptanalysis methods to crack the algorithm.
In general, the cracking algorithm means reducing the number of combinations required to guess a password called a "key." For example, the Data Encryption Standard (DES) uses a 56-bit encryption key and converts it to 2^56 or 72,056,594,037,927,936 possible combinations, and the number of possible combinations has been reduced to 2^39 or 549,755,813,888 by the cracking algorithm. With current field-programmable gate array (FPGA) or PC processing capabilities, keys can be easily calculated in a matter of days.
This leads to the general rule that the more bits in the encryption key of the security algorithm, the stronger the algorithm. For example, the Advanced Encryption Standard (AES) algorithm can use a 128 or 256-bit key, which is considered a stronger solution in both. However, care must be taken when relying solely on the number of bits of the encryption key or the size of the encrypted data block, as there are many cryptanalysis attack methods that can detect any weakness in the way the key is actually mixed with the original algorithm calculations. Industry experts and hackers have carefully reviewed the AES algorithm by using various attack methods that are today recognized as standard in many security applications.
Choosing a Security Solution <br> So why not simply choose the strongest algorithm currently available (for example, AES with a 256-bit encryption key) for your next wireless system design? Unfortunately, security is not free. The stronger the algorithm, the more complex the calculations. The greater the software memory requirements required to support the algorithm, the more expensive the microcontroller is usually needed. All of this adds to the total cost of the security solution and its complexity. We also need to remember that while keeping the solution simple and easy to use for the ultimate consumer who actually purchased the system, we still need to provide a good enough level of protection to prevent illegal use. Stronger algorithms usually need to transmit longer encrypted messages. When sending wireless packets over the air, it will increase the delay time and increase power consumption, because the wireless packets take more time to send. Sending longer data is not always a good thing, which can have a negative impact on the site's on-site acceptance.
Advanced microcontrollers are more affordable <br> Today's embedded microcontrollers are not only more integrated, perform better, and cost less. These cost-effective microcontrollers support solutions that could only be implemented through an application-specific integrated circuit (ASIC) a decade ago. These microcontrollers support more advanced security encryption algorithms and require less development time. Today's microcontrollers also include an on-chip oscillator and other integrated features that help reduce component count and therefore the total cost of the wireless solution. Microcontrollers make it easier to develop wireless products while providing a high level of security by using software modules written in high-level languages ​​such as C that support most encryption algorithms. This significantly simplifies the development of security wireless applications and can be adapted to the ever-changing consumer market.
Low-Power Design <br> Another important design improvement in the embedded microcontroller industry that helps wireless design focuses on reducing power consumption. For example, reduce the amount of power required by a microcontroller to execute application code or be in an inactive low-power sleep state. For example, Microchip PIC microcontrollers (MCUs) with ultra-low power (XLP) technology can sleep as low as 20 nA. These new low-power devices help system-level designers create smaller, more compact portables. Handheld devices that allow you to run for longer periods of time with smaller batteries.
Integrated RF Solutions <br> The general preference for integrated RF transmitters, receivers or transceivers is a significant industry advancement that drives products for a short time to market today. These integrated devices integrate most of the RF circuitry required into a single silicon device, reducing the complexity of the RF design. These next-generation RF integrated circuit (IC) devices require only a few basic external components to fully implement high-performance RF wireless applications. In addition, these devices usually have an SPI interface that can be easily connected to a microcontroller. The microcontroller configures the wireless RF with appropriate settings and sends/receives the actual demodulated data packets.
There are many factors that influence the design factors of a wireless solution that affect the final design of a wireless solution. Below are some of the factors that must be evaluated and understood when designing low-cost mobile wireless products.
Design Complexity <br> Combining all of these technologies—advanced embedded microcontrollers, integrated RF devices, and advanced security encryption algorithms—designers can easily develop a complete secure wireless solution with the right level of security. The use of highly integrated microcontrollers and integrated RFIC devices also helps to significantly reduce the cost and complexity of today's wireless solutions because integration simplifies the process and reduces the number of components required on a printed circuit board.
The cost of the solution <br> Sometimes choosing the right level of security can be a daunting task. More complicated, however, is that the chosen security level is not always the strongest solution available. As mentioned above, designers must fully understand what they are trying to protect and then decide which security solution to use, which will in many ways affect costs. A microcontroller-based solution is more flexible than an ASIC-based solution. If some changes are needed, the designer can simply implement the software that runs on the microcontroller. The flexibility is also reflected in the fact that the same hardware design requires only minor changes to the code to support regulations in multiple countries. By simply changing the software, designers can configure wireless RF chips for other areas. By using other encryption libraries, designers can easily provide end users with additional security options.
Easy to use <br> The most common mistake in designing a security solution is to make the design too complicated. The best way to design a security solution is to keep it simple and user friendly. If it is too complicated or troublesome, this may have a negative impact on consumers. The basic tenet of designing a wireless system is to make the user feel more convenient to operate directly than the controlled application. If the key in the exit pocket is more convenient to drive the door than to directly press the button on the key fob, it completely deviates from the design goal.
Another good reason to keep the security system simple is that the more complex it is, the harder it is to test all possible combinations that are considered weak points. The fewer tests you do, the higher your chances of not fully determining all the weak points in the system. Unfortunately, even if you are using the strongest security algorithms available today, the security strength is only the same as the weakest link in the system. For example, in a vehicle alarm system, if only a strong security algorithm is used to encrypt the lock and unlock messages, but the messages are not changed every time the transmission is made, or if there is not enough information changed, the thief can easily capture and replay the messages. In this case, they can still enter the vehicle without knowing the algorithm or key you are using.
Physical Size <br> Typically, the RKE unit is powered by a small CR2032 coin cell battery. These button batteries only have a power of approximately 200 ~ 240 mAh. In general, it is expected that the device will last for three to five years under moderate daily use. Therefore, devices used in such designs, such as the XLP PIC microcontroller, are critical. In addition, at the time of design, there is a limit to the physical size of the moving parts (and many times even the main control parts). For example, the transmitter circuit must be able to fit into a small key fob that has a predetermined shape and shape. Given the relatively low frequency of these circuits, placing the antenna in such a small space can be a design challenge.
Choosing RF bands, data modulation schemes, and performance <br> The frequency of use depends primarily on the application and regulations. For example, in the United States, the Industrial, Scientific, and Medical (ISM) band is 315 MHz and 915 MHz. In Europe, the ISM band is 433 MHz and 868 MHz. There are also requirements related to the coverage distance of wireless links. Typical RKE applications require at least 20 meters and sometimes maximum distance requirements. For example, in Japan, due to stricter RF regulations, the maximum coverage is only 5 meters (this is true). One of the most common misunderstandings is the question of "What is the maximum range that the sender can provide?" When evaluating coverage, designers should keep in mind that transmitters and receivers are equally important. A good antenna design can significantly increase the ability to receive from weak transmitters.
RF modulation schemes and data rates also have a large impact on the reliability of wireless links. FM radio links typically produce less noise. However, this technology will increase costs. More advanced wireless links also increase the cost of moving parts and fixed parts (ie, receivers). However, with the development of integrated RF transmitters and receivers today, these devices tend to be in the same price range as low-cost hybrid RF modules. Some of the latest RF devices can act as both a transmitter and a receiver, making two-way communication possible.
Selecting a Single-Chip Microcomputer <br> When selecting a microcontroller, the designer should consider the on-chip program memory and data storage capacity to select the most suitable microcontroller for the application. It's helpful to have a cryptographic module on the board, but it's generally not free, so using a software implementation may be a better option at some point. If the encryption algorithm is easily implemented in software, then this is a preferable solution because it provides designers with a wider range of microcontroller choices. In addition, receivers are often incorporated into larger applications, such as car alarms or garage door remote switches. Sometimes, even the transmitter itself is part of a larger application circuit, such as a graphical keyboard interface. The microcontroller must provide enough memory to accommodate the main application and secure wireless link software.
Security is a system issue <br> Readers should keep in mind that an RF solution always has two elements -- the mobile/transmitter part and the base/receiver part. When designing a security system, it is necessary to fully review these two parts from a security perspective. This includes selecting the right microcontroller for the job and understanding the weaknesses of the hardware design. Again, the strength of the security system is only as strong as its weakest link.
What determines the security of the system?
Many factors can affect the best solution for determining a secure wireless design. The system designer should evaluate all of these factors together to determine the best solution, understand the various design tradeoffs, and the cost involved in each design.
Security Algorithms <br> Choosing a security algorithm can be a difficult decision, especially if the designer is unaware of all the attack methods that exist. Attack methods include plaintext, side channel, differential encryption analysis, intermediate phase attack and sliding attack. It is best to consult industry experts or evaluate some commonly accepted algorithms such as AES encryption (which is widely accepted, including the US government).
Key management When deciding to implement a security solution, one of the most important factors to keep in mind is how to generate, exchange, store, protect, use, and replace secure encryption keys throughout the system to crack or interpret encrypted messages. When it comes to security issues, the most important thing to remember is the Kerckhoff principle, which states that "security systems should not rely on the security of security algorithms, but rely on the security of the keys." Review the cracking of any encrypted messages. The three factors required are the complete encrypted message, the algorithm and key needed to crack the message (only the password that the authorized user knows). We should always assume that encrypted messages and algorithms will be known to the public at some point in time, even for proprietary algorithms. Therefore, system security should never rely on the security of security algorithms, because the information will leak out sooner or later.
Flexibility and extensibility <br> For any key management scheme, it is critical that all devices do not use the same key. This helps to increase the security of the entire system, so if a moving part is cracked, it will not endanger the entire security system. The easiest way to do this is to assign each mobile part its own unique password or encryption key. One method often used to implement this function is to assign each mobile part a unique number as the serial number and then perform a unique encryption key calculation based on the serial number and the main manufacturer code. A receiver component that supports multiple mobile components at the same time, and it is easy to use the serial number to export the encryption key needed to crack the information sent from a particular mobile device. Serialization of mobile devices is typically done at the time of production by pre-programming the embedded microcontroller before placing it on a printed circuit board, or by programming the microcontroller using an in-circuit serial programming interface (ICSP) after board assembly.
Productivity <br> As mentioned earlier, it is critical to always protect the encryption key in any security system. This includes the production process, especially when the actual product assembly is done by a third party contract manufacturing (CM) company. In this case, it is easier to provide a pre-programmed code-protected microcontroller to the CM than to try to ensure that the production process is secure and the encryption key is not illegally copied. Most microcontroller vendors, such as Microchip, offer the "quick batch programming with serial number" option on all of their microcontrollers. By providing device serialization information to the manufacturer, they can pre-program the application software and serialization information into the microcontroller during production testing.
Physical Security <br> Attacks on security systems go far beyond analyzing data and attempting to perform mathematical attacks on security systems. More specifically, the attack involves analyzing the application circuit and attempting to see if any hardware can be tampered with to access the security system. If the receiver's output only pulls the data line high to activate the relay, then this is a weak point that is vulnerable to attack. These types of attacks are obviously only effective if you have physical access to the hardware of the receiver component you are working on.
Another attack scenario involves analyzing mobile transmitter components from the physical component side. This includes analyzing the actual circuit and applying the specification voltage to signal the microcontroller or to limit the application to see if the attacker has a chance to read the security information stored in the device's non-volatile memory. There are other invasive and non-intrusive methods of attack that attempt to break the code-protection locking mechanism built into these microcontrollers.
No device is unbreakable. As long as you have time and money, you will eventually find a way to crack the device and read the protected information. Because of this, microcontroller chip designers need to add more physical hiding layers to protect the information stored in the device, especially the encryption algorithm code or key. Therefore, it is best to work closely with microcontroller vendors to understand which devices are using the latest tamper-proof circuitry to protect the information stored within the device.
Change is good for security <br> Another good way to protect your security system is to change things on a regular basis. Do not use the same security solution with the same security key information for a longer period of time. The following methods can be mixed: change the key management scheme, the primary encryption code used to derive the unique encryption key for each mobile part, or migrate to a new generation of algorithms when a new generation of security algorithms is available. Unsatisfactory, changes can make products lose backward compatibility. System designers need to weigh the pros and cons when designing. The biggest benefit of using embedded microcontrollers in these types of designs is that they can be made at any time without having to completely redesign. The same hardware design can be used for different products.
Conclusion <br> The need to provide a better level of security in the low-cost wireless arena is growing. It is important to understand and evaluate the various factors in order to find the best solution to provide adequate protection at a reasonable cost. There is no solution for all applications. Recent advances in microcontrollers, RF ICs, and compact security algorithms have significantly simplified the complexity of designing these low-cost, secure wireless solutions. Choosing the right wireless RF, microcontroller, and security algorithms requires an in-depth understanding of the various attack methods used today to break through security systems. Only when the system design engineer examines all aspects of developing a secure wireless solution can it be possible to find an affordable response.
The best advice is to discuss various design options and alternatives with your microcontroller vendor, rather than just focusing on the specific security features listed in the device data sheet. Security is a system-level issue and should be developed as follows: first select the security algorithm, then support the production/manufacturing requirements, and finally design the key distribution mechanism. Keep in mind that the security system is only as strong as its weakest link.
The level of security in the wireless domain is closely related to the importance of the information being transmitted. For example, a wireless doorbell or computer mouse may have no security issues, and a car's keyless entry application requires a high level of security. Unlike consumer security systems, which have relatively limited processing power, desktop computers have greater processing power and prices are declining. As a result, wireless security systems with limited security levels are more vulnerable to external attacks, often including code theft and brute force attacks.
To help protect the information contained in the RF message, the encryption algorithm is first used to disrupt the message. Encryption is the process of using an algorithm (password) to convert information (plaintext) so that it is unreadable (ciphertext) to someone other than having special information (such as encryption keys and/or encryption algorithms). Only those who have the same encryption algorithm and encryption key can successfully crack or interpret ciphertext messages. Unfortunately, just messing up the message is not enough. Because even if the message can't be cracked, the criminals can still use it to enter the vehicle. In order to prevent this from happening, the encrypted message must also be changed each time it is sent. This message change mode is sometimes referred to as a "hop code" or "roll code" mode, which prevents multiplexing of previously sent messages. Microchip Technology's patented KEELOQ code hopping security solution is an example of the well-known code hopping mode.
KEELOQ code hopping technology uses powerful encryption algorithms to achieve always changing messages.
Drivers: Why do you need stronger security algorithms?
So why do you constantly need stronger security algorithms? Experts in academia, encryption technology, and individuals who illegally use intent to crack algorithms are constantly reviewing security algorithms to find their weaknesses. One way is to try all possible bit combinations to determine the password or encryption key. This method is called a "brute force attack." The more possible combinations, the longer it takes to guess the correct value. As the computing power and speed of the computer increase, multiple brute force attack calculations can be performed simultaneously in a short period of time. Attacks that take a few months to complete ten years ago use the current technology in just a few days. Obtaining a password and key allows the hacker to see the actual command information stored in the encrypted message. After cracking or interpreting the encrypted message, the hacker can easily and quickly determine which information changes between the various control messages can be accepted and understood by the recipient as valid commands.
Security Algorithms: Proprietary and public security systems currently have a variety of security algorithms to choose from, both proprietary and public. This means that the actual calculation method used by the algorithm can be either publicly known or not. In the security field, there are two schools that represent proprietary and public algorithms. As long as the security algorithm is thoroughly reviewed by subject matter experts who are very familiar with current various attack methods, it is not important to choose which algorithm to use. However, there are still many people who believe that public safety algorithms are generally better because they have been reviewed by more attackers who may sometimes use new and innovative cryptanalysis methods to crack the algorithm.
In general, the cracking algorithm means reducing the number of combinations required to guess a password called a "key." For example, the Data Encryption Standard (DES) uses a 56-bit encryption key and converts it to 2^56 or 72,056,594,037,927,936 possible combinations, and the number of possible combinations has been reduced to 2^39 or 549,755,813,888 by the cracking algorithm. With current field-programmable gate array (FPGA) or PC processing capabilities, keys can be easily calculated in a matter of days.
This leads to the general rule that the more bits in the encryption key of the security algorithm, the stronger the algorithm. For example, the Advanced Encryption Standard (AES) algorithm can use a 128 or 256-bit key, which is considered a stronger solution in both. However, care must be taken when relying solely on the number of bits of the encryption key or the size of the encrypted data block, as there are many cryptanalysis attack methods that can detect any weakness in the way the key is actually mixed with the original algorithm calculations. Industry experts and hackers have carefully reviewed the AES algorithm by using various attack methods that are today recognized as standard in many security applications.
Choosing a Security Solution <br> So why not simply choose the strongest algorithm currently available (for example, AES with a 256-bit encryption key) for your next wireless system design? Unfortunately, security is not free. The stronger the algorithm, the more complex the calculations. The greater the software memory requirements required to support the algorithm, the more expensive the microcontroller is usually needed. All of this adds to the total cost of the security solution and its complexity. We also need to remember that while keeping the solution simple and easy to use for the ultimate consumer who actually purchased the system, we still need to provide a good enough level of protection to prevent illegal use. Stronger algorithms usually need to transmit longer encrypted messages. When sending wireless packets over the air, it will increase the delay time and increase power consumption, because the wireless packets take more time to send. Sending longer data is not always a good thing, which can have a negative impact on the site's on-site acceptance.
Advanced microcontrollers are more affordable <br> Today's embedded microcontrollers are not only more integrated, perform better, and cost less. These cost-effective microcontrollers support solutions that could only be implemented through an application-specific integrated circuit (ASIC) a decade ago. These microcontrollers support more advanced security encryption algorithms and require less development time. Today's microcontrollers also include an on-chip oscillator and other integrated features that help reduce component count and therefore the total cost of the wireless solution. Microcontrollers make it easier to develop wireless products while providing a high level of security by using software modules written in high-level languages ​​such as C that support most encryption algorithms. This significantly simplifies the development of security wireless applications and can be adapted to the ever-changing consumer market.
Low-Power Design <br> Another important design improvement in the embedded microcontroller industry that helps wireless design focuses on reducing power consumption. For example, reduce the amount of power required by a microcontroller to execute application code or be in an inactive low-power sleep state. For example, Microchip PIC microcontrollers (MCUs) with ultra-low power (XLP) technology can sleep as low as 20 nA. These new low-power devices help system-level designers create smaller, more compact portables. Handheld devices that allow you to run for longer periods of time with smaller batteries.
Integrated RF Solutions <br> The general preference for integrated RF transmitters, receivers or transceivers is a significant industry advancement that drives products for a short time to market today. These integrated devices integrate most of the RF circuitry required into a single silicon device, reducing the complexity of the RF design. These next-generation RF integrated circuit (IC) devices require only a few basic external components to fully implement high-performance RF wireless applications. In addition, these devices usually have an SPI interface that can be easily connected to a microcontroller. The microcontroller configures the wireless RF with appropriate settings and sends/receives the actual demodulated data packets.
There are many factors that influence the design factors of a wireless solution that affect the final design of a wireless solution. Below are some of the factors that must be evaluated and understood when designing low-cost mobile wireless products.
Design Complexity <br> Combining all of these technologies—advanced embedded microcontrollers, integrated RF devices, and advanced security encryption algorithms—designers can easily develop a complete secure wireless solution with the right level of security. The use of highly integrated microcontrollers and integrated RFIC devices also helps to significantly reduce the cost and complexity of today's wireless solutions because integration simplifies the process and reduces the number of components required on a printed circuit board.
The cost of the solution <br> Sometimes choosing the right level of security can be a daunting task. More complicated, however, is that the chosen security level is not always the strongest solution available. As mentioned above, designers must fully understand what they are trying to protect and then decide which security solution to use, which will in many ways affect costs. A microcontroller-based solution is more flexible than an ASIC-based solution. If some changes are needed, the designer can simply implement the software that runs on the microcontroller. The flexibility is also reflected in the fact that the same hardware design requires only minor changes to the code to support regulations in multiple countries. By simply changing the software, designers can configure wireless RF chips for other areas. By using other encryption libraries, designers can easily provide end users with additional security options.
Easy to use <br> The most common mistake in designing a security solution is to make the design too complicated. The best way to design a security solution is to keep it simple and user friendly. If it is too complicated or troublesome, this may have a negative impact on consumers. The basic tenet of designing a wireless system is to make the user feel more convenient to operate directly than the controlled application. If the key in the exit pocket is more convenient to drive the door than to directly press the button on the key fob, it completely deviates from the design goal.
Another good reason to keep the security system simple is that the more complex it is, the harder it is to test all possible combinations that are considered weak points. The fewer tests you do, the higher your chances of not fully determining all the weak points in the system. Unfortunately, even if you are using the strongest security algorithms available today, the security strength is only the same as the weakest link in the system. For example, in a vehicle alarm system, if only a strong security algorithm is used to encrypt the lock and unlock messages, but the messages are not changed every time the transmission is made, or if there is not enough information changed, the thief can easily capture and replay the messages. In this case, they can still enter the vehicle without knowing the algorithm or key you are using.
Physical Size <br> Typically, the RKE unit is powered by a small CR2032 coin cell battery. These button batteries only have a power of approximately 200 ~ 240 mAh. In general, it is expected that the device will last for three to five years under moderate daily use. Therefore, devices used in such designs, such as the XLP PIC microcontroller, are critical. In addition, at the time of design, there is a limit to the physical size of the moving parts (and many times even the main control parts). For example, the transmitter circuit must be able to fit into a small key fob that has a predetermined shape and shape. Given the relatively low frequency of these circuits, placing the antenna in such a small space can be a design challenge.
Choosing RF bands, data modulation schemes, and performance <br> The frequency of use depends primarily on the application and regulations. For example, in the United States, the Industrial, Scientific, and Medical (ISM) band is 315 MHz and 915 MHz. In Europe, the ISM band is 433 MHz and 868 MHz. There are also requirements related to the coverage distance of wireless links. Typical RKE applications require at least 20 meters and sometimes maximum distance requirements. For example, in Japan, due to stricter RF regulations, the maximum coverage is only 5 meters (this is true). One of the most common misunderstandings is the question of "What is the maximum range that the sender can provide?" When evaluating coverage, designers should keep in mind that transmitters and receivers are equally important. A good antenna design can significantly increase the ability to receive from weak transmitters.
RF modulation schemes and data rates also have a large impact on the reliability of wireless links. FM radio links typically produce less noise. However, this technology will increase costs. More advanced wireless links also increase the cost of moving parts and fixed parts (ie, receivers). However, with the development of integrated RF transmitters and receivers today, these devices tend to be in the same price range as low-cost hybrid RF modules. Some of the latest RF devices can act as both a transmitter and a receiver, making two-way communication possible.
Selecting a Single-Chip Microcomputer <br> When selecting a microcontroller, the designer should consider the on-chip program memory and data storage capacity to select the most suitable microcontroller for the application. It's helpful to have a cryptographic module on the board, but it's generally not free, so using a software implementation may be a better option at some point. If the encryption algorithm is easily implemented in software, then this is a preferable solution because it provides designers with a wider range of microcontroller choices. In addition, receivers are often incorporated into larger applications, such as car alarms or garage door remote switches. Sometimes, even the transmitter itself is part of a larger application circuit, such as a graphical keyboard interface. The microcontroller must provide enough memory to accommodate the main application and secure wireless link software.
Security is a system issue <br> Readers should keep in mind that an RF solution always has two elements -- the mobile/transmitter part and the base/receiver part. When designing a security system, it is necessary to fully review these two parts from a security perspective. This includes selecting the right microcontroller for the job and understanding the weaknesses of the hardware design. Again, the strength of the security system is only as strong as its weakest link.
What determines the security of the system?
Many factors can affect the best solution for determining a secure wireless design. The system designer should evaluate all of these factors together to determine the best solution, understand the various design tradeoffs, and the cost involved in each design.
Security Algorithms <br> Choosing a security algorithm can be a difficult decision, especially if the designer is unaware of all the attack methods that exist. Attack methods include plaintext, side channel, differential encryption analysis, intermediate phase attack and sliding attack. It is best to consult industry experts or evaluate some commonly accepted algorithms such as AES encryption (which is widely accepted, including the US government).
Key management When deciding to implement a security solution, one of the most important factors to keep in mind is how to generate, exchange, store, protect, use, and replace secure encryption keys throughout the system to crack or interpret encrypted messages. When it comes to security issues, the most important thing to remember is the Kerckhoff principle, which states that "security systems should not rely on the security of security algorithms, but rely on the security of the keys." Review the cracking of any encrypted messages. The three factors required are the complete encrypted message, the algorithm and key needed to crack the message (only the password that the authorized user knows). We should always assume that encrypted messages and algorithms will be known to the public at some point in time, even for proprietary algorithms. Therefore, system security should never rely on the security of security algorithms, because the information will leak out sooner or later.
Flexibility and extensibility <br> For any key management scheme, it is critical that all devices do not use the same key. This helps to increase the security of the entire system, so if a moving part is cracked, it will not endanger the entire security system. The easiest way to do this is to assign each mobile part its own unique password or encryption key. One method often used to implement this function is to assign each mobile part a unique number as the serial number and then perform a unique encryption key calculation based on the serial number and the main manufacturer code. A receiver component that supports multiple mobile components at the same time, and it is easy to use the serial number to export the encryption key needed to crack the information sent from a particular mobile device. Serialization of mobile devices is typically done at the time of production by pre-programming the embedded microcontroller before placing it on a printed circuit board, or by programming the microcontroller using an in-circuit serial programming interface (ICSP) after board assembly.
Productivity <br> As mentioned earlier, it is critical to always protect the encryption key in any security system. This includes the production process, especially when the actual product assembly is done by a third party contract manufacturing (CM) company. In this case, it is easier to provide a pre-programmed code-protected microcontroller to the CM than to try to ensure that the production process is secure and the encryption key is not illegally copied. Most microcontroller vendors, such as Microchip, offer the "quick batch programming with serial number" option on all of their microcontrollers. By providing device serialization information to the manufacturer, they can pre-program the application software and serialization information into the microcontroller during production testing.
Physical Security <br> Attacks on security systems go far beyond analyzing data and attempting to perform mathematical attacks on security systems. More specifically, the attack involves analyzing the application circuit and attempting to see if any hardware can be tampered with to access the security system. If the receiver's output only pulls the data line high to activate the relay, then this is a weak point that is vulnerable to attack. These types of attacks are obviously only effective if you have physical access to the hardware of the receiver component you are working on.
Another attack scenario involves analyzing mobile transmitter components from the physical component side. This includes analyzing the actual circuit and applying the specification voltage to signal the microcontroller or to limit the application to see if the attacker has a chance to read the security information stored in the device's non-volatile memory. There are other invasive and non-intrusive methods of attack that attempt to break the code-protection locking mechanism built into these microcontrollers.
No device is unbreakable. As long as you have time and money, you will eventually find a way to crack the device and read the protected information. Because of this, microcontroller chip designers need to add more physical hiding layers to protect the information stored in the device, especially the encryption algorithm code or key. Therefore, it is best to work closely with microcontroller vendors to understand which devices are using the latest tamper-proof circuitry to protect the information stored within the device.
Change is good for security <br> Another good way to protect your security system is to change things on a regular basis. Do not use the same security solution with the same security key information for a longer period of time. The following methods can be mixed: change the key management scheme, the primary encryption code used to derive the unique encryption key for each mobile part, or migrate to a new generation of algorithms when a new generation of security algorithms is available. Unsatisfactory, changes can make products lose backward compatibility. System designers need to weigh the pros and cons when designing. The biggest benefit of using embedded microcontrollers in these types of designs is that they can be made at any time without having to completely redesign. The same hardware design can be used for different products.
Conclusion <br> The need to provide a better level of security in the low-cost wireless arena is growing. It is important to understand and evaluate the various factors in order to find the best solution to provide adequate protection at a reasonable cost. There is no solution for all applications. Recent advances in microcontrollers, RF ICs, and compact security algorithms have significantly simplified the complexity of designing these low-cost, secure wireless solutions. Choosing the right wireless RF, microcontroller, and security algorithms requires an in-depth understanding of the various attack methods used today to break through security systems. Only when the system design engineer examines all aspects of developing a secure wireless solution can it be possible to find an affordable response.
The best advice is to discuss various design options and alternatives with your microcontroller vendor, rather than just focusing on the specific security features listed in the device data sheet. Security is a system-level issue and should be developed as follows: first select the security algorithm, then support the production/manufacturing requirements, and finally design the key distribution mechanism. Keep in mind that the security system is only as strong as its weakest link.
0 times
Window._bd_share_config = { "common": { "bdSnsKey": {}, "bdText": "", "bdMini": "2", "bdMiniList": false, "bdPic": "", "bdStyle": " 0", "bdSize": "24" }, "share": {}, "image": { "viewList": ["qzone", "tsina", "tqq", "renren", "weixin"], "viewText": "Share to:", "viewSize": "16" }, "selectShare": { "bdContainerClass": null, "bdSelectMiniList": ["qzone", "tsina", "tqq", "renren" , "weixin"] } }; with (document) 0[(getElementsByTagName('head')[0] || body).appendChild(createElement('script')).src = 'http://bdimg.share. Baidu.com/static/api/js/share.js?v=89860593.js?cdnversion=' + ~(-new Date() / 36e5)];
The LED tubes emergency kit is making your LED tubes into Emergency Mode, ideal for LED tubes 3-40W Full power emergency output wattage for LED emergency lighting 60-180mins. Automatic lighting up when main power failures. Suitable for LED fitting with external led driver and internal driver. Widely using for parking lot, office, building, warehouse, school, hospital, workshop etc.
Emergency Led Tube,Led Tubes Emergency,Led Tubes Emergency Kit,led tube light with battery
Foshan Nai An Lighting Electric Co.,ltd , https://www.fsnaipsled.com