Wireless Security in the “Ring”

Authors 
Bart Shields 
Xavier Bush 
Oliver Kutolski

BACKGROUND

The news is constantly buzzing about the latest data hack or cybersecurity breach. The circumstances may differ, but the method is always the same: an intruder breaches a secure system without permission. What often gets glossed over are the actual processes the intruder employs, as well as the security measures that can be taken in advance.

Despite Hollywood’s glamorized portrayal, the reality of hacking and cybersecurity is usually – but not always – rather more mundane, often hinging on a weakness or backdoor left open by human error or oversight. This is exacerbated by the fact that, for the vast majority of wired and wireless networks, the central security mechanism is a single static target: an encryption key. Much like the key to a house or the combination to a safe, encryption keys allow authorized users to access locked valuables (encrypted data) but through carelessness can easily fall into the wrong hands. 

Wireless communications are especially vulnerable to intrusion. Unlike wired networks, would-be intruders only require physical proximity to a wireless transceiver to breach and take over a network. Security therefore is a vital concern for industrial grade wireless networks with worker safety and critical heavy machine controls at stake.  

SECURITY IN LAYERS

Security for communications and IT systems is managed in layers. The first layer is comprised of data encryption and active countermeasures against various hacking methods.

Replay Attacks are one of these hacking methods; an intruder can intercept and capture encrypted data, then masquerade as a legitimate network user by playing it back to the network.

[Figure: Process of a Replay Attack]

It’s important to emphasize that Replay Attacks can be executed even on encrypted data frames. A hacker that has captured and categorized enough of these frames can then “inject” them as necessary, gaining access and control of the network. This is known as a Command Injection.

[Figure: Process of a Command Injection]

The point is that while encryption is important, it alone is insufficient to prevent an intruder from hijacking a system, causing chaos and costing the system owner significant time and money. Wireless security must therefore provide not just encryption, but a full suite of other precautions as well. These include prevention measures against Replay Attacks and Command Injections, as well as features like Perfect Forward Secrecy[1] and Denial of Service protection[2].
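The replay described above, next to one standard countermeasure: a per-sender frame counter covered by a message authentication code. This is an added example, not code from R3 or EchoRing; the key, the frame layout and all names are constructed for illustration.

```python
import hashlib
import hmac
import struct

MAC_LEN = 16
KEY = bytes(range(32))  # constructed demo key

def build_frame(key, sender_id, counter, ciphertext):
    # Assumed layout: sender(2) | counter(8) | ciphertext | HMAC-SHA256[:16]
    header = struct.pack(">HQ", sender_id, counter)
    tag = hmac.new(key, header + ciphertext, hashlib.sha256).digest()[:MAC_LEN]
    return header + ciphertext + tag

class NaiveReceiver:
    """Checks only the MAC, so a byte-identical copy of a valid frame passes."""
    def __init__(self, key):
        self.key = key

    def accept(self, frame):
        body, tag = frame[:-MAC_LEN], frame[-MAC_LEN:]
        good = hmac.new(self.key, body, hashlib.sha256).digest()[:MAC_LEN]
        return hmac.compare_digest(tag, good)

class CounterReceiver(NaiveReceiver):
    """Also requires a strictly increasing counter per sender."""
    def __init__(self, key):
        super().__init__(key)
        self.last_seen = {}  # sender_id -> highest accepted counter
        self.rejected = []   # replays, kept for intrusion analytics

    def accept(self, frame):
        if len(frame) < 10 + MAC_LEN or not super().accept(frame):
            return False     # malformed or MAC failure
        sender_id, counter = struct.unpack(">HQ", frame[:10])
        if counter <= self.last_seen.get(sender_id, -1):
            self.rejected.append((sender_id, counter))
            return False     # authentic bytes, but already seen: replay
        self.last_seen[sender_id] = counter
        return True

def replay_demo():
    captured = build_frame(KEY, 7, 1, b"\x8f\x13\xa0\x55")  # opaque ciphertext
    forged = captured[:2] + struct.pack(">Q", 2) + captured[10:]  # counter edited
    naive, strict = NaiveReceiver(KEY), CounterReceiver(KEY)
    return {
        "naive": [naive.accept(captured), naive.accept(captured)],
        "strict": [strict.accept(captured), strict.accept(captured)],
        "forged_counter": strict.accept(forged),
        "next_frame": strict.accept(build_frame(KEY, 7, 2, b"\x01\x02")),
    }
```

The captured frame is never decrypted: the first receiver accepts the copy purely because its bytes still authenticate, while the second rejects both the copy and a copy whose counter was rewritten without the key.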

The most common type of encryption for wireless networks is a shared set of security credentials – known as a shared secret – spread over all stations within a network. Temporary encryption keys are issued for each session and each security relationship between nodes, allowing them to bypass the shared secret and perform actions.

The problem with this scheme is that all stations effectively become breached whenever a single station is breached. Since the encryption for a shared secret is universal across the network, a hacker can use this info to access everything they can find, including the temporary encryption keys.

To help illustrate this point, consider the following real-world example: for safety purposes[3], all houses in a neighborhood share an electronic master key (a temporary shared secret). The key is generated from a single master secret in a secure location somewhere in the neighborhood. For added security, the master secret creates and issues a new key each morning that is only valid for 24 hours. On the surface, this sounds like a secure solution, yet what happens if an intruder manages to get their hands on a single key? They could quickly unlock every house in the neighborhood.

This example demonstrates a Holy Grail that all hackers yearn to discover – an infrequently-updated (in IT terms) set of centralized security credentials. Issuing encryption keys more frequently (such as every few minutes) can improve security by creating a moving target, yet this leaves the keys more vulnerable to interception while being transmitted. The master shared secret itself also remains an obvious target.

In short, the paradoxical dilemma facing wireless security is that the more complex a security system becomes, the more potential weak points are created. The sum of these weak points is known as a network’s threat surface.

As IoT and Industry 4.0 become more and more widespread, innovative new security systems must be developed from the ground up to offer a diverse security suite while minimizing complexity.

Security the “EchoRing” Way

Industrial wireless networks require a security solution that:

  • Is lightweight and consumes fewer resources than traditional security systems
  • Avoids transmitting (and exposing) any secrets that could result in a network breach
  • Has almost zero latency – all security credentials are pre-calculated
  • Features extremely high entropy (making it more difficult to hack[4])
  • Runs on decentralized[5] architecture with no single point of failure[6]
  • Has a very simple security framework and a small, easily monitored threat surface
  • Requires virtually no maintenance after its initial deployment
  • Has built-in intrusion detection that gathers analytics on every frame[7]
  • Is specifically designed to operate at “IoT Scale”

In partnership with Olympus Sky Technologies, R3 provides just that. We’ve developed a full-scale security system to keep pace with EchoRing: fast, simple, flexible and easy to deploy, maintain and operate. It also comes at a fraction of the cost associated with world-class security. But how does EchoRing security work, exactly?

As outlined above, each EchoRing subnetwork (ring) has a continuously refreshing encryption key, the interval of which can be defined to best fit the use case. What makes this security system unique is that each ring within a larger network can refresh its encryption key at different times, while network nodes can connect to multiple rings at once. Furthermore, instead of transmitting keys directly from a vulnerable master station, security credentials are refreshed autonomously from pre-programmed sets encoded within each ring.

Thanks to this system, EchoRing enjoys Perfect Forward Secrecy. This means that even if an attacker gains access to a single ring, only that small section of the network becomes compromised. Combined with EchoRing’s Replay Attack Counter, Message Authentication Codes and detailed analytics gathering for every frame, any network breach is easily located, isolated and contained.
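One generic way to refresh keys locally without ever transmitting them is a one-way hash ratchet over a per-ring seed. This is an added example and an assumption for illustration, not EchoRing's actual scheme; the class, labels and seeds are hypothetical and constructed.

```python
import hashlib
import hmac


def _prf(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()


class RingKeySchedule:
    """Hypothetical per-ring key schedule: a one-way ratchet over a seed that
    is provisioned once per ring and never sent over the air."""

    def __init__(self, seed):
        self._chain = seed
        self.epoch = 0

    def advance(self):
        # Overwrite the chain value so that earlier epochs cannot be
        # recomputed from the state a node holds now.
        self._chain = _prf(self._chain, b"next-epoch")
        self.epoch += 1

    def frame_key(self):
        # A separate label keeps the working key distinct from the chain value.
        return _prf(self._chain, b"frame-key")


def ratchet_demo():
    # Constructed, independent seeds: there is no network-wide master secret.
    seed_a = hashlib.sha256(b"constructed seed, ring A").digest()
    seed_b = hashlib.sha256(b"constructed seed, ring B").digest()
    node1, node2 = RingKeySchedule(seed_a), RingKeySchedule(seed_a)
    ring_b = RingKeySchedule(seed_b)
    history = [node1.frame_key()]
    for _ in range(3):        # ring A refreshes three times
        node1.advance()
        node2.advance()
        history.append(node1.frame_key())
    ring_b.advance()          # ring B refreshes on its own timetable
    return {
        "nodes_agree": hmac.compare_digest(node1.frame_key(), node2.frame_key()),
        "epoch_keys_distinct": len(set(history)) == len(history),
        "ring_b_differs": ring_b.frame_key() not in history,
        "epochs": (node1.epoch, ring_b.epoch),
    }
```

Two nodes of the same ring arrive at the same key with nothing sent between them, and state taken from ring A yields none of ring B's keys because the seeds are unrelated.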

Taken together, all of these features make EchoRing a simple, robust and comprehensive solution for the future of wireless industry.

[1] A device that can both transmit and receive communications, in particular a combined radio transmitter and receiver. Source

[2] Read more about security in Layers

[3] A typical reason is to allow police, fire or other first responders to easily gain access in case of an emergency.

[4] The total number of potential security key sequences between back-to-back sessions exceeds the age of the universe measured in seconds.

[5] Decentralized redundancy is incredibly important for mission critical systems

[6] Single Point of Failure (SPoF) refers to system components or system paths through which the system is no longer operational in the event of a failure. Source

[7] This is possible when the core technology of the underlying security framework is a security protocol itself.