Introduction
Why Are Security Measures
Clear Text Transmissions
Passive Monitoring
End-to-End Security
Security Features of the Canopy System
Canopy’s Proprietary Protocol
Authentication
Key Management
Encryption
Data Encryption Standard
Advanced Encryption Standard (AES)
Summary
List of Acronyms
AES: Advanced Encryption Standard
AP: Access Point
BAM: Bandwidth and Authentication Manager
BH: Backhaul Module
CMM: Cluster Management Module
DES: Data Encryption Standard
DHCP: Dynamic Host Configuration Protocol
FIPS: Federal Information Processing Standards
IP: Internet Protocol
LAN: Local Area Network
NAT: Network Address Translation
QoS: Quality of Service
SM: Subscriber Module
SNMP: Simple Network Management Protocol
...
PASSIVE MONITORING
As mentioned previously, it is relatively easy to monitor clear text transmissions over an IP network. Unfortunately, most of the time intruders are not easily detected, because the traffic is monitored with passive devices that do not transmit any data of their own.
Today, the Canopy system incorporates a flexible security model that supports a wide variety of system configurations, ranging from a fully open system to an authenticated/encrypted air link with dynamic session key assignment. The Canopy system uses industry-proven authentication and encryption technologies to ensure that the service provider maintains control of the network.
Table 1. The Authentication Process
Step 1: When an SM attempts to enter the Canopy network, it sends a registration request to the AP.
Step 2: The AP then sends an authentication request to the BAM.
Step 3: The BAM generates a 128-bit random number that is sent to the SM as a challenge.
Key/Number
Session Key
Random Number

Of the three numbers presented in Table 2, only the Authentication Key is settable by the network operator, and it must be set both in the BAM and in the SM. Further information about Canopy’s authentication process is detailed in the Bandwidth and Authentication (BAM) User Guide.
Decrypting the cipher converts the data back to its original form, called plain text. The algorithm for DES described in the DES standard specifies both enciphering and deciphering operations, which are based on a binary number called a key. A DES key consists of 64 binary digits ("0"s or "1"s), of which 56 bits are randomly generated and used directly by the algorithm.
In comparison, DES keys are 56 bits long, which means there are approximately 7.2 x 10^16 possible DES keys. Thus, there are on the order of 10 keys than DES 56-bit keys. In the late 1990s, specialized "DES Cracker" machines were built that could recover a DES key after a few hours.
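The following added example (not part of the original white paper or of any Canopy software) illustrates the DES key layout and key space described above: a 64-bit key whose effective strength is only 56 bits. It assumes the FIPS 46 convention, not stated on this page, that the low bit of each key byte is an odd-parity bit; all function names are hypothetical.

```python
import secrets

DES_KEYSPACE = 2 ** 56  # distinct effective keys, about 7.2 x 10^16


def _with_odd_parity(bits7: int) -> int:
    """Put 7 key bits in the high bits of a byte; set the low bit for odd parity."""
    b = (bits7 & 0x7F) << 1
    return b if bin(b).count("1") % 2 == 1 else b | 1


def expand_key(key56: int) -> bytes:
    """Expand a 56-bit value into the 8-byte (64-bit) DES key format."""
    if not 0 <= key56 < DES_KEYSPACE:
        raise ValueError("effective DES key must fit in 56 bits")
    return bytes(_with_odd_parity(key56 >> (7 * (7 - i))) for i in range(8))


def parity_ok(key64: bytes) -> bool:
    """True if the key is 8 bytes long and every byte has odd parity."""
    return len(key64) == 8 and all(bin(b).count("1") % 2 == 1 for b in key64)


def effective_key(key64: bytes) -> int:
    """Strip the parity bit of each byte; return the 56 bits the cipher uses."""
    if len(key64) != 8:
        raise ValueError("DES key must be exactly 8 bytes")
    value = 0
    for b in key64:
        value = (value << 7) | (b >> 1)
    return value


def generate_key() -> bytes:
    """Generate a random DES key: 56 random bits plus 8 parity bits."""
    return expand_key(secrets.randbits(56))


if __name__ == "__main__":
    key = generate_key()
    print("64-bit key      :", key.hex())
    print("parity valid    :", parity_ok(key))
    print("effective 56 bit:", hex(effective_key(key)))
    # Changing only parity bits does not change the key the cipher sees,
    # which is why the search space is 2^56 rather than 2^64.
    flipped = bytes(b ^ 1 for b in key)
    print("same effective  :", effective_key(flipped) == effective_key(key))
```
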
Motorola has taken a very proactive stance on the issues of security and offers a wide range of alternatives to its customers ranging from a fully open system to an authenticated/encrypted air link with dynamic session key assignment.
Motorola Canopy 50 E Commerce Drive Schaumburg, IL 60173 www.motorola.com/canopy MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. Canopy is a trademark of Motorola, Inc. All other product or service names are the property of their respective owners.