On the security of security extensions for IP-based KNX networks. Aljosha Judmayer
2 SBA Research
Area 1 (GRC): Governance, Risk and Compliance
* P1.1: Risk Management and Analysis
* P1.2: Secure BP Modeling, Simulation and Verification
* P1.3: Computer Security Incident Response Team
* P1.4: Awareness and E-Learning
Area 2 (DSP): Data Security and Privacy
* P2.1: Privacy Enhancing Technologies
* P2.2: Enterprise Rights Management
* P2.3: Digital Preservation
Area 3 (SCA): Secure Coding and Code Analysis
* P3.1: Malware Detection and Botnet Economics
* P3.2: Systems and Software Security
* P3.3: Digital Forensics
Area 4 (HNS): Hardware and Network Security
* P4.1: Hardware Security and Differential Fault Analysis
* P4.2: Pervasive Computing
* P4.3: Network Security of the Future Internet

3 TU Vienna automation systems group => 10th IEEE Workshop on Factory Communication Systems (WFCS), 2014
* Lukas Krammer (lkrammer@auto.tuwien.ac.at)
* Wolfgang Kastner (k@auto.tuwien.ac.at)

4-6 What the h3ck is KNX?
* KNX is a standard for home and building automation
* KoNneX Association
  * pool of companies
  * publish KNX Systems specification (first version 2002)
  * Develop the ETS (Engineering Tool Software)
  * Ensuring the interoperability between products, applications and systems
* Different physical layers, e.g.:
  * Twisted pair cable (TP1)
  * Ethernet (IP), called KNXnet/IP

7-9 Building Automation Systems (BAS)
Goal: intelligent buildings
Old and busted:
* heating, ventilation and air conditioning (HVAC)
* BUS networks
New hotness:
* security and safety stuff (e.g. alarm systems, access control systems)
* remote management and stuff...
* >> connected to IP based networks << !!!111!
What can possibly go wrong?

10-12 Security features in current/classical KNX...
* Optional 4 (in words: four) byte password
* ... transmitted in clear text

13-15 What the spec has to say...
"For KNX, security is a minor concern, as any breach of security requires local access to the network" (KNX Systems Specification)
"Filtering KNXnet/IP datagrams from the network requires network analysis tools and expertise. The content of a KNXnet/IP message is not self-descriptive but requires semantic knowledge..." (KNX Systems Specification)

16-22 What does a KNX BAS look like?
GAMMA Training Kit (GTK2)
[Diagram: management devices (ETS, labelled MD) on the IP backbone / WAN at the backbone level (KNX IP, KNXnet/IP); interconnection devices; sensors, actuators, and controller devices at the field level; a node labelled C attached to the field level via USB]
USB interface N 148/11
* USB interface to KNX bus
* Connected to wiring by pressure contacts
* eibd open source software

* Eavesdrop
* DoS
* Inject
* Identify (2^16 addresses)

23-25 Example
Record all traffic on bus
$ eibd --listen-local=/tmp/eibhandle -t1023 usb:2:4:1:0:0
$ vbusmonitor1 local:/tmp/eibhandle
Send message on to group addr.
$ groupswrite local:/tmp/eibhandle 1/1/5 1
Group addr. 1/1/0
Read configuration of device
$ mread local:/tmp/eibhandle AA AA B 00 0B 02 FE FE 01 FE 02 FE FE 05 FE 06 FE FE 09 FE 0A FE 0B 04 0C FE 0D FE

26 What does a KNX BAS look like?
[Same diagram and USB interface N 148/11 notes as on slides 16-22, with the IP backbone additionally annotated:]
* tcpdump
* tcpreplay
* IGMP

27 Example
UDP/IP port 3671
IPv4 multicast addr
d 0c 00 5e 00 0e bc 00 7e 57 f e aa 0c f e c b b a c fa a e
Just record and replay...
$ tcpdump -nnvvxsw switchon.cap udp port 3671
$ tcpreplay -i eth0 -v switchon.cap

28-29 What does a KNX BAS look like?
[Same diagram and annotations as on slide 26, with an IP controller added:]
IP Controller N 350E
* Scheduler & timer
* TIME protocol (RFC 868)

* fuzzer (scapy)
* ...

30-32 How about the software...?

33 What's possible in classic KNX?

34 The solution?: KNXnet/IP Secure
* Security extension to KNXnet/IP
* Backward compatible
* Draft - now available for members, not yet implemented
Multicast communication (group communication)
* Custom version of CCM (CTR + CBC-MAC)
* AES block cipher
Unicast communication
* Custom protocol
* ECDH + Custom version of CCM
* AES block cipher

35-36 KNXnet/IP Secure
[Diagram: management devices (ETS, labelled MD) on an IP backbone using KNXnet/IP Secure; interconnection devices; sensors, actuators, and controller devices]
Still possible:
* Eavesdrop
* Inject
* DoS

37 KNXnet/IP Secure Unicast
[Same diagram, IP backbone using KNXnet/IP Secure Unicast]

38-42 KNXnet/IP Secure Multicast
[Same diagram, IP backbone using KNXnet/IP Secure Multicast]
* No forward secrecy
* No non-repudiation
* Compromise => extract key information => impersonate this => compromise group => reconfigure other hash used as a pwd!
* Replay traffic within latency tolerance
  this parameter specifies the acceptance window for length of the accepting incoming multicast frames with a past timestamp (sequence identifier)
* Replay traffic after downtime
  It shall under no circumstances be decremented because this would weaken the resistance against replay attacks. To achieve this, the sequence counter must be persisted during power-off conditions. Even better it should be increased during power-off conditions using an RTC
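
The two replay cases on the multicast slides above (replay within the latency tolerance, replay after downtime), modelled as an added example that is not from the slides or from the KNXnet/IP Secure draft. The frame fields, the window semantics, the duplicate cache and the JSON state file are assumptions made for illustration.

```python
"""Simplified model of a multicast receiver's freshness check (added example).

Not the KNXnet/IP Secure algorithm: frame fields, window semantics, the
duplicate cache and the JSON state file are assumptions for illustration.
"""
import json
import os
import tempfile
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Frame:
    sender: str   # constructed sender address
    seq: int      # timestamp / sequence identifier carried in the frame
    payload: str


@dataclass
class WindowReceiver:
    """Accepts every frame that is at most `tolerance` behind the local counter."""
    tolerance: int
    local_seq: int = 0  # lost on restart: nothing is persisted

    def accept(self, frame: Frame) -> bool:
        if frame.seq < self.local_seq - self.tolerance:
            return False  # too old: outside the acceptance window
        self.local_seq = max(self.local_seq, frame.seq)  # never decremented
        return True


@dataclass
class HardenedReceiver(WindowReceiver):
    """Same window, plus a duplicate cache and state that survives power-off."""
    state_path: str = ""
    seen: set = field(default_factory=set)

    def __post_init__(self):
        # Restore counter and duplicate cache written before the power-off.
        if self.state_path and os.path.exists(self.state_path):
            with open(self.state_path) as fh:
                state = json.load(fh)
            self.local_seq = max(self.local_seq, state["local_seq"])
            self.seen = {tuple(k) for k in state["seen"]}

    def accept(self, frame: Frame) -> bool:
        key = (frame.sender, frame.seq)
        if key in self.seen or not super().accept(frame):
            return False  # duplicate inside the window, or too old
        # Only identifiers still inside the window need to be remembered.
        floor = self.local_seq - self.tolerance
        self.seen = {k for k in self.seen if k[1] >= floor} | {key}
        if self.state_path:
            with open(self.state_path, "w") as fh:
                json.dump({"local_seq": self.local_seq,
                           "seen": sorted(self.seen)}, fh)
        return True


# Constructed sample traffic: three frames recorded from one sender.
CAPTURE = [Frame("1.1.10", seq, "switch on 1/1/5") for seq in (100, 101, 102)]


def replay_within_window(receiver) -> bool:
    """Deliver the capture once, then replay its oldest frame."""
    for frame in CAPTURE:
        receiver.accept(frame)
    return receiver.accept(CAPTURE[0])


def replay_after_restart(make_receiver) -> list:
    """Deliver the capture, restart the receiver, replay the whole capture."""
    first = make_receiver()
    for frame in CAPTURE:
        first.accept(frame)
    restarted = make_receiver()  # models the device coming back after downtime
    return [restarted.accept(frame) for frame in CAPTURE]


if __name__ == "__main__":
    print("window only, replay in tolerance:",
          replay_within_window(WindowReceiver(tolerance=3)))
    print("duplicate cache, replay in tolerance:",
          replay_within_window(HardenedReceiver(tolerance=3)))
    print("counter not persisted, replay after restart:",
          replay_after_restart(lambda: WindowReceiver(tolerance=3)))
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "receiver_state.json")
        print("state persisted, replay after restart:",
              replay_after_restart(
                  lambda: HardenedReceiver(tolerance=3, state_path=path)))
```
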

43-45 Custom AES CTR

46-49 CBC MAC Forgery?
* depends on byte order and detailed construction of and
* Only possible on messages which are authenticated but not encrypted

50 Conclusion
Current/classical KNX => no security
Values are given as unicast / multicast: (+) yes, (-) no, (~) nice try

Property          KNX   KNXnet/IP Secure
Authentication    -/-   ~/-
Authorization     -/-   +/-
Non-repudiation   -/-   -/-
Integrity         -/-   +/~
Freshness         -/-   +/~
Confidentiality   -/-   +/~
Forward secrecy   -/-   +/-
Availability      -/-   -/-

51 EOF
More informationµtasker Document µtasker Multicasting and Internet Group Management Protocol (IGMP)
Embedding it better... µtasker Document µtasker Multicasting and Internet Group Management Protocol (IGMP) utasker_igmp.doc/0.01 Copyright 2014 M.J.Butcher Consulting Table of Contents 1. Introduction...3
More informationSensor-to-cloud connectivity using Sub-1 GHz and
Sensor-to-cloud connectivity using Sub-1 GHz and 802.15.4 Nick Lethaby, IoT, Ecosystem Manager, Texas Instruments Agenda Key design considerations for a connected IoT sensor Overview of the Sub-1 GHz band
More informationAuthenticate and encrypt all serial data communications to protect critical assets
Serial Shield Authenticate and encrypt all serial data communications to protect critical assets Strong cryptography secures serial and dial-up devices. Up to 57,600 bps link speed protects engineering
More informationLecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005
Firewalls Lecture 33 Security April 15, 2005 Idea: separate local network from the Internet Trusted hosts and networks Intranet Firewall DMZ Router Demilitarized Zone: publicly accessible servers and networks
More informationAn Industry view of IPv6 Advantages
An Industry view of IPv6 Advantages March 2002 Yanick.Pouffary@Compaq.Com Imagine what IPv6 can do for you! 1 Where we are Today IPv4 a victim of its own success IPv4 addresses consumed at an alarming
More informationSecurity Handshake Pitfalls
Security Handshake Pitfalls 1 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: Authenticate each other Establish sessions keys This process may
More informationChapter 3 Managing System Settings
Chapter 3 Managing System Settings Using the System Settings Utility The navigation pane at the top of the web browser interface contains a System tab that enables you to manage your FS700TSSmart Switch
More informationUnderstanding Layer 2 Encryption
Understanding Layer 2 Encryption TECHNICAL WHITEPAPER Benefits of Layer 2 Encryption Lowest cost of ownership Better bandwith efficiency (up to 50%) Minimal ongoing maintenance routing updates transparent
More informationWireless Attacks and Countermeasures
Wireless Attacks and Countermeasures Wireless Network Technology Wireless network refers to any type of computer network which is wireless, and is commonly associated with a network whose interconnections
More informationIPv6 is Internet protocol version 6. Following are its distinctive features as compared to IPv4. Header format simplification Expanded routing and
INTERNET PROTOCOL VERSION 6 (IPv6) Introduction IPv6 is Internet protocol version 6. Following are its distinctive features as compared to IPv4. Header format simplification Expanded routing and addressing
More informationSymmetric Encryption 2: Integrity
http://wwmsite.wpengine.com/wp-content/uploads/2011/12/integrity-lion-300x222.jpg Symmetric Encryption 2: Integrity With material from Dave Levin, Jon Katz, David Brumley 1 Summing up (so far) Computational
More informationZIGBEE EXPLOITED. The good, the bad and the ugly. Tobias Zillner August 6th Cognosec 2015 Castellezgasse 16/ Vienna, Austria
ZIGBEE EXPLOITED The good, the bad and the ugly Tobias Zillner August 6th 2015 Cognosec 2015 Castellezgasse 16/2 1020 Vienna, Austria TABLE OF CONTENTS ABSTRACT... 1 INTRODUCTION... 1 THE ZIGBEE STANDARD...
More informationCIS 4360 Secure Computer Systems Applied Cryptography
CIS 4360 Secure Computer Systems Applied Cryptography Professor Qiang Zeng Spring 2017 Symmetric vs. Asymmetric Cryptography Symmetric cipher is much faster With asymmetric ciphers, you can post your Public
More informationCOOPERATIVE ITS SECURITY STANDARDIZATION AND ACTIVITIES ON EUROPEAN C ITS TRUST MODEL AND POLICY
COOPERATIVE ITS SECURITY STANDARDIZATION AND ACTIVITIES ON EUROPEAN C ITS TRUST MODEL AND POLICY ETSI IoT Security WORKSHOP, 13 15 June 2016 Brigitte LONC, RENAULT ETSI TC ITS WG 5 Chairman ETSI 2016.
More informationSECURITY OF CPS: SECURE EMBEDDED SYSTEMS AS A BASIS
SECURITY OF CPS: SECURE EMBEDDED SYSTEMS AS A BASIS Christoph Krauß, christoph.krauss@aisec.fraunhofer.de Dagstuhl Seminar 11441: Science and Engineering of CPS, November 2011 Overview Introduction Securing
More informationMessage authentication codes
Message authentication codes Martin Stanek Department of Computer Science Comenius University stanek@dcs.fmph.uniba.sk Cryptology 1 (2017/18) Content Introduction security of MAC Constructions block cipher
More information