802.15.4b is improving somewhat the link security. I *believe*, for example, that they have deprecated (or recommended against) CBC-CTR (one of the weaknesses identified in the paper) and recommend CCM* (also recommended by ZigBee according to their public tutorials at their open house events), supposedly a much improved mode. Not sure about other security related changes, but I'm sure there are plenty of 15.4b-savvy folks on this alias. Hopefully, they can respond. It might even be a good idea to have a quick update by one of those folks at the meeting.
-gabriel ps - another thing 15.4b is doing is increasing the speed for the sub-1GHz PHYs to bring them up to 250 Kbps. --- Samita Chakrabarti <[EMAIL PROTECTED]> wrote: > > > > From: "Kushalnagar, Nandakishore" <[EMAIL PROTECTED]> > > To: <[email protected]> > > Issue: > > The security considerations are still "TBD". Gabriel Montenegro proposed > mining the security considerations section of the format document for > possible input. > > > > NK: > > I am soliciting for some feedback here as to what this section is > supposed to have? > > Chairs/others? > -------------------------------- > > Hi Nandu, > > In the first meeting of LowPan wg (BOF?), folks brought up the > security consideration issues. It was mentioned that 802.15.4 > link-layer security should be enough. The following paper > depicts some of the problem scenarios with 802.15.4 security: > > http://www.cs.berkeley.edu/~nks/papers/15.4-wise04.pdf > > I was told by a security expert that 802.15.4 security is not > good enough. The above paper recomends a few modifications - does > anyone know if IEEE 802.15.4 workgroup is looking into improving > the link-layer security? > > I don't think IPsec security is a feasible solution on this kind > of small devices where 6lowpan would eventually run. It'd be > interesting to get people's viewpoint on this. > > Since we are routing at the link-layer, it would be better if we > have tighter link-level security and then application level security > using crypto. Perhaps the protocols running on top of LowPan > can run some security protocols that are appropriate for this kind > of network. > > Comments? > > -Samita > > > _______________________________________________ > 6lowpan mailing list > [email protected] > https://www1.ietf.org/mailman/listinfo/6lowpan > _______________________________________________ 6lowpan mailing list [email protected] https://www1.ietf.org/mailman/listinfo/6lowpan
