All Pages Tagged: ‘Wi-Fi’

Secure smart lighting: CSRmesh™ leading the way for secure home automation

Many readers may have come across this story regarding a brand of connected LED light bulbs which can be hacked to change the lighting, and worse, to reveal the homeowner’s Wi-Fi® Internet password. It’s a serious issue, and it has illuminated (pardon the pun) that security needs to be considered in depth when Internet of Things (IoT) devices are being developed.

On this note, I thought it would be worth allaying any fears that CSRmesh™, our game-changing protocol which allows for Bluetooth® Smart mesh networks, could be subject to similar breaches. We have considered security at every stage of the design and, as such, it primarily protects against eavesdroppers, man-in-the-middle attacks and replay attacks, and is considered highly robust.

To illustrate this, let’s consider how you add a new device into a CSRmesh network. The network is secured using an encrypted network key. This is derived from a password or phrase that the user is asked to input when they first download the app onto their smartphone. To make the process of adding devices into the CSRmesh network easier, it is possible to publish a ShortText code, barcode, or QR code with the device. This code may contain the device address (128-bit UUID), the 64-bit authentication code, and other short information that may be relevant. This is particularly useful for deployment of larger networks.

During device association, the smartphone app will exchange keys with the advertising device and an encrypted network key will be provided to the device upon completion of the association process

Eavesdropping

The next phase is about trusting the new device. Once each device has its peer’s public key, then they can start to generate a secret authorisation value using a complex algorithmic process. To test this authorisation value, both the configuring and new devices share a public key and then challenge the peer device’s knowledge of this authorisation value such that they can be assured that not only has the public key been distributed correctly, but that the peer device knows the authorisation value.

Once they have authenticated each other, only then will they distribute the network key, using AES-128 encryption. This means that nobody else can eavesdrop on this communication to determine the network key. All future messages sent over the network will be encrypted using the network key and only trusted members of the mesh network will know that key and be able to decrypt these messages. Messages containing a different structure or network key, such as those from neighbouring networks, cannot be decoded and are simply ignored and dropped. It is therefore not possible to control or listen in to a neighbouring network, nor to derive the network key from it.

Man-in-the-Middle Attacks

An optional authentication procedure can be employed using the private key to verify the validity of new devices before adding them to the network. A QR code or similar, containing this authentication code or private key, can be used for out-of-band authentication of devices appearing on the network and requesting access or association to the network. The smartphone, or associating device, can scan the QR code from the device’s original packaging and thus securely obtain the authentication code “out-of-band”. When this device later appears on the network requesting association to the network, and therefore requesting the network key, it can be challenged to also provide this out-of-band information or private key. This is then compared with what the associating device already gleaned from the QR code. If the two match, then the device is authenticated and the network key is encrypted and securely passed to the device being associated.

This authentication process therefore prevents an unknown device from accidentally or intentionally gaining access to the network, a process known as a “man-in-the-middle” attack.

The relaying of messages through the mesh network is also securely managed. To accomplish this, each device that relays messages must also know the encrypted network key. Only messages that can be authenticated against a known network key are relayed. This allows devices that are near other mesh networks, for example a device near to a neighbour’s property, to only relay messages for known networks and not for any foreign network messages.

Replay Attacks

There is always the potential for someone to steal the network key from a trusted network device, either by recording the encrypted information it is sending over the airwaves and playing it back at a later time, or by physically removing a device and reading its non-volatile memory. For this reason we protect against ‘replay attacks’: someone trying to mimic a good network device message at a later time to try to gain access. A sequence number identifier is incremented and transmitted with each mesh message. If messages are replayed out of sequence then they are simply dropped and ignored. The network key data is not stored in a logical location in non-volatile memory, but is distributed across the memory hash table, making it very difficult to locate and identify. We would also recommend that any external trusted network devices use a separate network key that does not, for example, provide access to buildings or other secure areas.

The current release of CSRmesh for lighting supports only one network key per device, but a future version will support multiple network keys. This facilitates a ‘class of service’ structure for sub-networks within a building e.g. hotels which may require the enabling of different security zones.

 

Within the CSRmesh protocol there are also other security and control features such as:

  • Time-to-Live (TTL) counter: this determines how many hops or relays a message is allowed to make within the mesh network. The TTL is decremented every time a message is relayed. When it reaches zero, the message can no longer be relayed. This limits the size of a network and sets a boundary.
  • TID message identifier: each message carries a unique TID. Devices receiving a new message compare its TID with the TIDs of the last few previously heard messages. If they are the same, that message is dropped, meaning that messages that have already been heard are not repeated. This limits the proliferation of messages and prevents echoes and infinite loops in the network.
  • A Seq sequence number: this maintains the location of messages within the network and in time. If messages appear out of sequence they are ignored, preventing record-and-replay attacks upon the network.
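The three checks above, together with the rule that only messages authenticated against a known network key are relayed, can be modelled as a single receive filter. This is an added example, not CSR's code: the packet layout, the truncated HMAC-SHA256 tag standing in for the real message authentication, and all names and keys are constructed assumptions.

```python
import hashlib
import hmac
import struct
from collections import deque

HEADER = struct.Struct(">HIH")  # src, seq, tid: constructed layout, not CSRmesh's
TAG_LEN = 8                     # truncated HMAC-SHA256 tag, a stand-in for the real MAC


def make_packet(key, src, seq, tid, ttl, payload):
    """TTL sits outside the tag because every relay hop rewrites it."""
    body = HEADER.pack(src, seq, tid) + payload
    tag = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    return bytes([ttl]) + body + tag


class MeshNode:
    def __init__(self, key, tid_cache=8):
        self.key = key
        self.recent_tids = deque(maxlen=tid_cache)  # "last few" TIDs heard
        self.last_seq = {}                          # highest Seq seen per source

    def receive(self, packet):
        """Return (verdict, packet_to_relay or None)."""
        if len(packet) < 1 + HEADER.size + TAG_LEN:
            return "drop:malformed", None
        ttl, body, tag = packet[0], packet[1:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return "drop:unknown-network", None     # neighbour's mesh or forgery
        src, seq, tid = HEADER.unpack(body[:HEADER.size])
        if tid in self.recent_tids:
            return "drop:duplicate-tid", None       # echo of a recent message
        if seq <= self.last_seq.get(src, -1):
            return "drop:stale-seq", None           # recorded and replayed later
        self.recent_tids.append(tid)
        self.last_seq[src] = seq
        if ttl == 0:
            return "accept:no-relay", None          # hop budget exhausted
        return "accept:relay", bytes([ttl - 1]) + body + tag


def demo():
    key, foreign = b"K" * 16, b"N" * 16             # constructed 128-bit keys
    node = MeshNode(key, tid_cache=2)
    first = make_packet(key, src=1, seq=1, tid=100, ttl=2, payload=b"on")
    packets = [
        first,                                      # fresh
        first,                                      # immediate echo
        make_packet(foreign, 9, 1, 500, 2, b"on"),  # neighbouring network
        make_packet(key, 1, 2, 101, 0, b"off"),     # TTL already zero
        make_packet(key, 1, 3, 102, 2, b"on"),      # pushes TID 100 out of cache
        first,                                      # late replay
    ]
    return [node.receive(p)[0] for p in packets]
```

The last packet in `demo()` shows why Seq is needed alongside TID: once the replayed message's TID has aged out of the short cache, only the sequence check rejects it.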

 

As you can see, security is not something that is simple. Nor is it something that should be an afterthought in terms of design. It must be integral to the design of both the architecture and implementation of a networking solution. CSRmesh has been designed from the ground up to be as difficult as possible to be compromised, but it still includes the flexibility to increase the level of security over time as security algorithms improve.

Read more about the new CSRmesh protocol here. For a full list of features and information about ordering a CSRmesh Development Kit, click here.

If you have any security-related questions please post them below or on our support forum and we’ll get back to you.

 

Posted in Bluetooth Smart, Connectivity, Technology

CSR at CES 2014 – Joep van Beurden on Wireless Audio Trends

CES has always provided a great snapshot of the hot new trends for the year ahead and this year was no different. In this video CSR’s Chief Executive Officer Joep van Beurden reveals what’s next for the world of audio streaming and how the reality of wirelessly connecting the entire home may be a little closer than you might think.

Posted in Applications and Markets, Connectivity, Corporate, Technology, Voice & Music

CSR gears up for “connected car” showcase

CSR’s Automotive Infotainment team is gearing up to showcase its ground-breaking new connectivity products at the Telematics Detroit 2013 Conference & Exhibition over two days in June, the 5th and 6th. Held in Novi, Michigan in the heartland of the US automotive industry, this major industry event brings together the global telematics ecosystem to master the “connected car” user experience and build brand affinity. Here are some of the event highlights: over 100 expert speakers (from the likes of GM, BMW, Toyota, Honda, Mercedes-Benz) will deliver their visions for the connected car and the evolving automotive apps ecosystem that is set to revolutionise consumer interaction with the vehicle; a quintet of conference tracks including sessions on connectivity business models, end-to-end telematics platforms, V2X technologies, big data, and open app development.

CSR exhibits on booth 65.

Posted in Automotive Infotainment

Tapping the potential of unlicensed spectrum

Wi-Fi industry leaders, journalists, investors, and regulators assembled on the Stanford campus Wednesday, July 11, to discuss and debate the future of unlicensed wireless technology in a program called “The Power and Potential of the Unlicensed Economy.”

The most significant technologies that use unlicensed spectrum are Wi-Fi® and Bluetooth®; over 3 billion devices using these technologies are expected to be produced by 2015, and in a presentation by the University of Southampton, over 100 billion unlicensed devices are projected to be in use by 2020. In addition, many of these devices, such as smartphones (using Wi-Fi for data off-load), tablets, ultrabooks, laptops, and televisions will be used to watch videos online, creating a massive demand for bandwidth and backhaul to access points.

When added to the billions of “smart devices” that will be equipped with wireless technology such as Wi-Fi and Bluetooth, the wireless industry and spectrum regulators face a daunting challenge – such staggering numbers of devices using the unlicensed bands and their need for spatial data capacity will increase congestion many times over what users experience today.

To meet these challenges, several panelists at the conference discussed an emerging concept in spectrum policy: dynamic spectrum access using “white spaces” – spectrum that is unused or underused in some locations.  Inherent in this exciting new way to manage spectrum more efficiently is knowledge of a user’s location, so that a regulatory database can determine if there will be interference.  The Federal Communications Commission (FCC) in the United States was the first regulatory authority in the world to announce regulations for use of white spaces in the upper UHF bands from 470-690MHz, which will be shared with TV broadcasters and wireless microphones.  The United Kingdom is expected to announce its own regulations in these bands later this year.  In future years, regulators are looking to use these location databases in other bands to free up spectrum for unlicensed or “lightly licensed” use.

Dr. Jim Lansford, a Fellow in CSR’s Global Standards group, gave a presentation on “Automotive Applications for Unlicensed Spectrum” where he described the uses of Bluetooth and Wi-Fi in automotive applications, and the dramatic growth projected for these technologies in cars.  According to Strategy Analytics, by 2015 Bluetooth will be in 72% of cars, and Wi-Fi will be in 30%, enabling many exciting new usage models.  As regulators authorize use of new spectrum under these dynamic access rules, automobiles will be required to know their location within 100 meters in order to be able to determine what bands of spectrum are available, making use of GPS and related location technologies even more necessary in the automotive market.  As a leader in location technology, Bluetooth, and Wi-Fi for automotive markets, CSR will continue to bring innovative platform solutions to our customers in these emerging areas of wireless technology.

Posted in Connectivity

CSR at Telematics, Detroit

Telematics Detroit is one of the top automotive industry events. The conference attracts leading vehicle manufacturers and tier one suppliers and enables them to discuss their visions for telematics technologies that will give consumers a better driving experience: one that is more enjoyable, safer, and at lower personal and environmental cost.

As a recognised leader in location and connectivity technology, CSR is always keen to have a presence at such an important event. For the 2012 conference, we prepared a number of innovative solutions to wow our visitors at our booth. Demos of these were filmed at the event by our team and can be viewed on our YouTube channel.

To express our vision of a more enjoyable in-car experience, we prepared a ZiiSound D5 Bluetooth® Speaker and a Motorola RAZR Android smartphone to demonstrate the superb audio streaming quality of aptX®. Both commercially available products are equipped with aptX® CODEC technology and deliver CD-quality sound over a Bluetooth connection. The sound coming out of the speaker was well defined and the bass was unmistakable. We were certainly noticed by Telematics visitors! With more and more consumers carrying their favourite music in their phone, those who experienced the sound quality expressed how much they were looking forward to having the technology also available in their car stereo. View the demo

aptX® capability is not limited to just delivering CD-quality audio via Bluetooth. Another market-defining feature of aptX® is its low latency. We set up two BlueCore5-Multimedia boards to stream audio from a PC playing a video clip via A2DP over to a headset, demonstrating the differences between aptX® and a standard CODEC in “lip-sync” audio-visual quality. The difference was readily noticeable to those who tried it out and aptX® was very well perceived. View the demo

On the safety side, we prepared a Bluetooth low energy (BTle) multifunction steering wheel. The advantages of using BTle to replace the wired control mechanism are cost and weight reduction. It is estimated that each single wire costs a car manufacturer one US dollar to install. For this particular steering wheel, five wires were replaced with a CSR1001™ development board which sent commands (e.g. audio volume up/down, answering phone, skip track etc.) to our SiRFprimaII™ SOC platform. This demonstration created a lot of buzz and visitors at our booth were very excited by this first-of-its-kind demonstration. View the demo

We also demonstrated RealVNC connectivity software running on our SiRFprimaII™ SOC platform. The software projected the full user interface of a smart phone onto SiRFprimaII™. The idea is that consumers will be able to use the projection on SiRFprimaII™ to directly control the phone: to start a navigation application, for example. In effect, consumers can bring their favourite/latest/greatest application into their in-vehicle infotainment system. The true uniqueness about our demonstration is the wireless connection (via Wi-Fi®) instead of the wired connection between the phone and SiRFprimaII™. This was a really impressive demonstration. View the demo

CSR’s introduction of the automotive grade CSRG35ea – SiRFstarV™ Automotive, the first announced product based on the SiRFstarV™ architecture, was also well received. With this new market leading automotive grade GNSS platform CSR is positioned to address global, as well as regional preferences and requirements such as Glonass for Russia, Galileo for Europe, and Compass for China. Furthermore, the additional satellites accessible by SiRFstarV™ improve position accuracy and availability and will enable CSR customers to develop best-in-class next generation products for the Infotainment and Telematics markets.

CSR had a great show that attracted new interest in our technologies and strengthened our existing customer relationships. I’d like to thank everyone who attended from CSR for helping to wow our audience. And a special thanks to those who made those demonstrations possible.

Regards

Jimmy Pai
Technical Marketing Manager

Posted in Corporate

We are CSR!

This is an important day for CSR! I’m writing this in a few quiet minutes after the shareholder votes which confirmed the merger of Zoran with CSR. This process began months ago and I want to reflect on why this transaction is happening and why I feel this is an exciting moment for all of us.

Continue reading “We are CSR!” »

Posted in Corporate

I’m now a member of the Mile-High Club

As this is my first blog for CSR, I thought I would share finally achieving one of my ambitions.  Recently, during a business trip to the US I finally joined the mile high club.

As I got on the Southwest Airlines plane I could feel my heart pounding in anticipation.  Once the plane was in the air at 36,000 feet I started discussing the financial transaction with the cabin crew.  I paid my $5, got my dongle out, connected it to my laptop – and I was able to use Wi-Fi inside the plane – and connect to the internet.

Continue reading “I’m now a member of the Mile-High Club” »

Posted in Technology