linkitlinkit 7697iotsecurity

Analysis of the Security Function of LinkIt 7697


When new development board comes out, we always want to figure out what features it is? Is it suitable for everyone to apply? According to feature list, there are lots of professional terms and nouns; it seems familiar but not specific enough. Therefore, this article tries to introduce the function and specification of this new development board, LinkIt 7697 HDK. In consideration of the space, I will focus on security field.
LinkIt 7697 HDK is a development board for the Internet of Things application, which is based on the MT7697 system-on-chip, with floating-point arithmetic micro controller ‘ARM Cortex-M4’, and it integrated 802.11b / g / n Wi-Fi wireless network and Bluetooth low energy solution, Bluetooth 4.2. The following will focus on the security of LinkIt 7697.

Secure boot and encryption engine



7697 uses Serial / SPI Flash to perform Secure Boot, which means, it will check the security and effectiveness of system file before boot. It prevents unauthorized programs from being executed on the system during the boot process.

The hardware encryption engine includes AES, DES / 3DES, network security SHA2, SHA256, SHA512 hash engines, as follows:
  1. Built-in hardware encryption engine (Hardware crypto engines), including advanced encryption standard (Advanced Encryption Standard, AES), Triple Data Encryption Standard (Triple Data Encryption Algorithm, DES / 3DES), security hash algorithm (SHA2) Decryption software.
  2. Advanced Encryption Standard (AES), also known as Rijndael cipher in cryptography, is a block encryption standard for the US federal government. This standard is used to replace the original DES, has been multi-analysis and widely used in the world. After five years of selection process, the Advanced Encryption Standard was published by the National Institute of Standards and Technology (NIST) on 26 Nov 2001 in FIPS PUB 197. And also it became an effective standard on 26 May 2002. In 2006, Advanced Encryption Standards have become one of the most popular algorithms for symmetric key encryption.
  3. Triple Data Encryption Algorithm (TDEA), or 3DES, is a symmetric key encryption block password. It applies three data encryption standard (DES) algorithms to each data block. With the enhancement of computing power, the original DES password key length becomes vulnerable to crack; 3DES is designed to provide a relatively simple way, that is, by increasing the key length of DES to avoid similar attacks, rather than design a new block cipher algorithm.
  4. SHA-2, the name comes from Secure Hash Algorithm 2, a cryptographic hash algorithm, developed by the National Security Agency, by the National Institute of Standards and Technology (NIST) in 2001. It is one of the SHA algorithms, a successor of SHA-1. It can be divided into six different algorithms standard, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256.

Wireless network security practices

In wireless network, LinkIt 7697 supports both Wi-Fi and Bluetooth. First, I’d like to introduce some security specifications of the Wi-Fi communication.

Wi-Fi security support


The Wi-Fi communication specification is a commercial push by the Wi-Fi Alliance (WFA), a commercial consortium with a Wi-Fi trademark. It is responsible for Wi-Fi certification, with trademark licensing work. WPA / WPA2 is a certified form of IEEE 802.11i standard certified by the Wi-Fi Alliance, full name is Wi-Fi Protected Access®(WPA) and Wi-Fi Protected Access®2 (WPA2), WPA2 is the enhance version of WPA, they are a technical certification, rather than a safety standard, its technical characteristics are as follows:
  1. In the WPA design, an 802.1X authentication server is used to distribute different keys to each end-user; however, it can also be used in a less secure"pre-shared key". It lets each user who under the same wireless router using the same key.
  2. Wi-Fi Alliance uses this pre-shared key version called"WPA-Personal Edition"or"WPA-Personal or WPA2-Personal", with 802.1X-certified version called WPA-Enterprise or WPA2-Enterprise, each wireless network user who uses Enterprise Edition has their own password.
  3. WPA encryption uses TKIP (Temporary Key Integrity Protocol), WPA2 AES (Advanced Encryption Standard) encryption technology, AES encryption technology is more secure than TKIP. TKIP security protocols (commonly known as WPA) can be cracked by improved attacks such as Beck-Tews Attacks (2008) and"Ohigashi-Morii Attack".
  4. WPS (Wi-Fi Protected Setup): This is a certificate issued in early 2007, the purpose is to allow consumers to set up wireless network devices easily, and to ensure a certain degree of security. Currently WPS allows wireless network devices to be set up via Pin Input Config (PIN), Push Button Config (PBC), USB Flash Drive Config (UFD), and Near Field Communication Contactless Token Config (NFC).
LinkIt 7697 also supports another security specification, WAPI (Wireless Authentication and Privacy Infrastructure). It is a Chinese national standard for wireless regional networks (GB 15629.11-2003), generally read as"WAIPI". This standard also set up a WAPI industry alliance, although it is designed to be based on WiFi implementation, but its compatibility with the 802.11 wireless network standard security agreement. In March 2006, ISO passed the 802.11i encryption standard and rejected the WAPI proposal. In June 2009, the Chinese government re-submitted the WAPI standard application. However, on November 21, 2011, the Chinese government withdrew the application, and ISO immediately canceled the WAPI project.
WAPI was originally designed to solve the security vulnerabilities in WEP. It was mainly composed of WAI (WLAN authentication infrastructure) and WPI (WLAN privacy infrastructure). WAI defines the security scheme for identity authentication and key management in wireless local area networks. WPI defines the security schemes for data transmission protection in wireless LANs, including data encryption, authentication and replay protection.

BLE security support


Bluetooth Low Energy (BLE) is a low-power Bluetooth technology from the 4.0 version of the Bluetooth Alliance, focused on intelligent wear equipment, smart home, and later intelligent city construction, mainly for small data transmission and management.

Low-energy Bluetooth (BLE) has the following features:

  1. Data Transfer: support for very short data packets (8 octet to 27 octet), the transmission speed up to 1Mbps. All connections are made using advanced sniff-subrating function mode to ultra-low duty cycle.
  2. Hopping: Use modulating frequency hopping, the other techniques interference may be reduced in 2.4 GHz ISM band.
  3. Host Control Technology: allows the host to sleep for a long time, by the intelligent controller to start, this feature will save energy.
  4. Short delay: the shortest connection setup is completed within 2 to 3 ms, and begins transferring data.
  5. Long range: modulation index can increase the firing range augmented, even more than 100m.
  6. Stability: The cycle was repeated using 24 sample loop (CRC), to ensure maximum stability when the packet is disturbed.
  7. Security: the use of CCM is fully AES-128 encryption technology, provides a high degree of encryption and authentication security of the data packet. CCM mode (the counter has a CBC-MAC) is an operation mode of a block cipher encryption. It is a certified encryption algorithm designed to provide authentication and confidentiality. CCM mode only for a block length of 128-bit block cipher defined.
  8. Topology: They used 32-bit access address on each packet, which theoretically allows billions of devices can be simultaneously connected to. Optimize for one-to-one links, and also use star topology to accomplish one-to-many links. Usually in the connection and disconnection quickly switch, the data will be kept between the mesh topology to move, it will not form a complex network burden.

The feature of BLE low energy Bluetooth 4.2 version:

  1. IPSP (Internet Protocol Control Protocol), which are designed to allow Bluetooth support IPv6 / 6LoWPAN, all wearable device or IOT device can connect to the cloud.
  2. Bluetooth 4.2 specification enhance the speed and reliability of data transmission between Bluetooth Low Energy devices. It establish a larger packet, so that the device can be 2.5 times faster than the previous generation. Increasing the data transfer rate and packet capacity will reduce transmission errors and thus further reduce power consumption.
  3. To strengthen the security and privacy protection, through the use of the US National Institute of Standards and Technology (NIST) certified P-256 elliptic curve (Elliptic curve cryptography, ECC) cryptography encryption and AES-CMAC (AES-Cypher- Based Message Authentication Code) hash function algorithm.

In conclusion

If only for Maker or RD used to do POC, in fact, LinkedIt 7697 does not have to have too strong security features. However, MTK, after all, It is the commercial market chip manufacturers. MT7697 on the LinkIt 7697 HDK is made for solution provider to produce a consumer products, so the security issue should be fixed, which means, if you use it to do the POC, in fact, can buy chips or modules to mass production, it will save a lot of production and transplant time.
Thanks for sharing this article to seeedstudio. The original author is Chen Jiongliang, a university teacher, engaged in IoT networking system development and teaching work, led the students to think and use the various types of sensors combined with Arduino / LinkIt 7697 / ARM mbed series MCU integrated applications. He is also committed to LPWAN technology, including LoRa, SigFox and so on for car networking, intelligent agriculture, intelligent campus applications.(https://makerpro.cc/2017/07/linkit-7697-safety-functionality-review/)

cheng.shuangAug 07,2017 20:52 PMAdd Comment

Comment

Popular Topics