A Secure and Robust Connectivity Architecture for Smart Devices and Applications
© Taeshik Shon et al. 2011
Received: 31 May 2010
Accepted: 2 August 2010
Published: 15 August 2010
Convergence environments and technologies are urgently coming close to our life with various wireless communications and smart devices in order to provide many benefits such as connectivity, usability, mobility, portability, and flexibility as well as lower installation and maintenance costs. Convergence has brought important change not only in the way we live but also in the way we think. It is the progress towards the attempt to create and to evolve new valuable services through the device convergence and fusion of in-home, office, and various environments around the personal mobile apparatus. Based on the dynamic trends of convergence, it is widely argued that the increased requirements on secure and robust connectivity between a variety of mobile devices and their applications provide us the era of real pervasive computing environment. Thus, in this paper, we present a novel connectivity architecture using RF4CE-(Radio Frequency for Consumer Electronics-) based wireless zero-configuration and enhanced key agreement approach. We analyze the security and performance of our proposed approach by the development of the prototype H/W and the construction of a testbed with CE and mobile devices.
Nowadays, various smart devices and their applications are rapidly increasing according to the smart grid environment based on the interlocking and controlling of in-home smart appliances. It means that the rapid and explosive increase of the mobile device like smartphone and tablet PC will have a big impact on human life more and more. The enlargement of the mobile devices based on wired and wireless mobile communication technologies becomes one of the important factors that brings into various and new convergence services, and then promotes it. Such recent trends request the innovative paradigm about the various convergence services satisfying the individualized desire and consequently brings into the new converged services and open media platforms. Open platform convergence services between devices evolve into D2S (Device-to-Solution) in the existing D2D (Device-to-Device), and also evolve into M2M (Machine-to-Machine), that is all things' convergence, based on interaction with devices that are not the simple coupling between device-to-device and device-to-solution [1–4]. As the convergence technologies of next generation wireless networks and smart devices are rapidly emerging, secure and easy connection between various mobile devices has become a primary concern and a mandatory requirement in order to ensure dependable, secure communications and simple connectivity services under mobile and wireless network environment to end users. In this sense, IEEE 802.15.4 technologies are presented, as one of the representative convergence connectivity technologies, and favored to be applied to diversified mobile devices and their WPAN environments. In last March 2009, a principal electronics 4 corp. (Panasonic, Philips, Samsung Electronics, and SONY) and ZigBee Alliance agreed to found the RF4CE (Radio Frequency for Consumer Electronics) consortium which is based on the existing IEEE 802.15.4 radio frequency [5–7]. Thus, the RF4CE standard can be one of the best candidates to fulfill the requirement for connecting heterogeneous mobile devices as well as various CE devices. In the security aspect, the link key generation scheme through exchanging key seeds is supported between the RF4CE enabled devices in order to provide reliable communication. However, the scheme provided by RF4CE standard has a vulnerability like Man-in-the-Middle (MITM) attack that key seed value can be exposed to the third party because the key seed is exchanged as a plaintext, and a third party can acquire and masquerade key seeds to generate link encryption key. Besides, the scheme also has the vulnerability of key seed retransmission and interception. In case key seeds are affected by a network attack like DoS (Denial of Service), additional seed retransmission is required because maximum 255 seeds should always be successively reassembled to generate a link key between nodes for secure communication. In case of Bluetooth, it has the risk of guessing of a PIN (Personal Identification Number) and the exposure of a random number according to a security mode [8, 9].
In this paper, we first address the RF4CE-based zero configuration in order to provide easy control and contents sharing for a smart digital home device and applications. We then propose RF4CE-based enhanced key agreement using certificate-based mutual authentication to prevent cloned or comprised devices from joining RF4CE network and two-phase key seed distribution to provide efficient and robust key seed exchange.
The first contribution of this paper is that the proposed zero-configuration approach provides energy efficient, simple, and easy configuration method to various devices during their connectivity control and data sharing. The second contribution is that the proposed RF4CE-based enhanced key agreement protocol provides a device identification and a forgery prevention using mutual device authentication, and generates a like encryption key without using all 255 key seeds which have the possibility of information disclosure to the third party, and resolves the vulnerability that key seed information is exposed to the third party by applying fundamental key seed encryption. Finally, we present a novel secure and robust connectivity architecture based on RF4CE for smart devices and applications.
This paper is organized as follows. In Section 2, we deal with the introduction of RF4CE and security issues of the existing techniques. In Section 3, the proposed approaches are presented such as the ad hoc and infrastructure configuration and advanced pairing method. In Section 4, the actual system implementation and experiment are illustrated. Discussion about the proposed approach is explained in Section 5. Finally, we draw a conclusion of this paper in Section 6.
2.1. Overview of RF4CE
The RF4CE of the ZigBee alliance is one of the defacto WPAN standard technologies determined in March 2009 by the representative electric home appliances enterprises including Panasonic, Samsung Electronics, SONY, and Philips in order to prepare for the rapid increasing demand of bidirectional communication and remote control functionalities in CE market such as TV, home-theater, set-top box, DVD, and so forth.
2.2. Connectivity Security Issues
The use of interoperation between various consumer electronics, for examples, TV, Set-top box and DVD players, and portable IT devices such as mobile terminals and net-book is highly increasing. The network connectivity among CE and portable IT devices are strongly needed primarily because they have various wireless interfaces. Any service on top of the connectivity, for example, content sharing service between devices is impossible without easy set up of network connection between digital devices. Not much easy set up of network connection is recognized as industry standard. In Wi-Fi alliance , Wireless Protected Setup (WPS) provides easy set up between AP (Access Point) and IT device with Wi-Fi interface. By using WPA/WPA2 security module, it near-automatically configures secure connectivity between IT device and AP (Access Point) as long as two devices are certified as Wi-Fi Protected Setup. However, although many options including PBC (Push Button Configuration) and PIN (Personal Identification Number) modes are available for WPS, it is only good for connectivity between AP and IT device, namely, AP infrastructure mode and does not support ad hoc mode. A technical working group for extension of WPS is hence progressing in Wi-Fi alliance [10–13].
RF4CE can provide the basic security functionalities such as frame encryption and data authentication in MAC layer because it is based on IEEE 802.15.4 specification. In the network layer of RF4CE, it first generates 128 bits link encryption key and stores the key in the pairing table after finishing the pairing process, and then the encryption key is utilized for secure data transmission. In the process of distributing the key seeds, it establishes secure channel between nodes. At this time, a controller and target node first performs the pairing process, and then checks the security capability option of the pairing request node. In case the correspondent node supports the security function, a key seed distribution process is performed. During the key seed distribution, the key seed values of the maximum n are delivered to a controller and then the same secret key is generated in an end-to-end. At this time, the maximum n of the transmitted key seed value is 255. In each node, the key seed value is reassembled through the XOR operation and then generates the link encryption key [6, 7, 12, 14]. However, the key seed values have the vulnerabilities such as data interception, masquerading, and denial-of-service by the third party as well as MITM attack because of being transmitted to the plaintext state without providing an encryption or any security functions. Therefore, the key seed wiretapping by malicious users should be fundamentally prevented, and a solution for forgery of seed value itself and a sequence number of a key seed frame is required, too. In order to prevent DoS attack, it is necessary to support tolerant and resilient capability to prepare for interrupting the normal key seed distribution and secret key generation. There is the protection method of the key seed value through an encryption by using a predistributed master key as a simple solution for solving this problem between nodes. However, there remains still security issues like a node capture and distribution the master key safely.
Recently, several researches related to connectivity and control platform such as universal control, home sensor service, and media processing multimedia platforms. In , the authors presented RF4CE-based remote control framework, however, it does not describe security analysis and performance analysis to address the proposed architecture's superiority. Some researches [16, 17] showed the multimedia processing platform based on p2p network and PTP/IP. In addition, sensor network platforms are suggested to show the applications using various connectivities in [17, 18]. However, such researches cannot provide enough security aspect and robustness.
3. Proposed Approach
In this section, we present novel connectivity architecture with zeroconfiguration and advanced pairing approach based on RF4CE. The zero-configuration approach is required to provide simple and easy connection between various Wi-Fi supported devices. And the proposed pairing scheme is good alternative for complementing the vulnerabilities of the existing RF4CE key agreement scheme.
3.1. Ad Hoc and Infrastructure Connection Mode
In order to provide zero-configuration functionalities, each device should have multi-RF (RF4CE and Wireless interface like Wi-Fi) zero-configuration core modules, and its application component. In this environment, a mobile terminal (user) can make a connection between TV and PC as well as their turning on and off using RF4CE interface, and then remote control and contents sharing services can be provided by simple Wi-Fi zero configuration. In Wi-Fi zero configuration, the proposed approach can support both infrastructure mode based on Access Point and ad hoc mode connection. The zero-configuration architecture capabilities can be performed by the distinguished features of RF4CE such as NLOS (No Line-Of-Sight or field of vision limitations) feature, bidirectional capability, reliable communications, power consumption, and true interoperability between vendors' products. In aspects of our implementation, we assume that the architecture has RF4CE and Wi-Fi RF interface. Thus, it can perform energy efficient power control, Wi-Fi zero configuration and exchanging control command by RF4CE and high-speed data transmission by Wi-Fi. The zero-configuration module supports lower layer's RF interfaces, zero-configuration component, and RF interface controller. In other words, the zero-configuration core module performs RF interface control and management, and zero configuration of Wi-Fi network based on RF4CE control channel. Application components have a variety of application service profiles to provide remote control service, energy efficient power control, and content sharing. If more application profiles are added on our devices, they can work with other devices using the same application profile based on the zero-configuration architecture.
As we already mentioned about two kinds of zero configuration modes, there are two connection modes like AP and ad hoc for Wi-Fi zero configurations using RF4CE. The proposed architecture can support ad hoc and Infrastructure modes when a device requires making a connection with other devices with Wi-Fi.
3.2. Advanced Pairing
In this section, we propose advanced pairing approach based on RF4CE key agreement scheme. We first present a mutual authentication process between devices entering RF4CE network is performed to provide enhanced RF4CE key agreement with two-phase key seed distribution based on a certificate like Mobile WiMAX . In the device authentication of the IEEE 802.16 standard called Mobile WiMAX, it prepared for a forgery attack like a cloned SS by using a certificate applied in the manufacturing process [19–21]. In other words, we concentrate on the authentication of the devices itself, however, it can verify whether a device participating in the RF4CE pairing process is normally manufactured or not. It also decreases the possibility of a masquerading attack in which a compromised controller or target participates in key seed allocation process.
After finishing mutual authentication process, the proposed connectivity architecture performs two-phase key seed distribution. Basically, after distributing 255 seed values in the existing method, these values were performed XOR operation to generate the link encryption key of 128 bits. However, the existing method have some problems such as key seeds are sent to a node as a plaintext and all key seed values (maximum 255 seeds) should be guaranteed their successful transmission each time without loss. Therefore, in this paper, we propose two-phase key seed distribution approaches called quick and main mode. In case of quick mode, it can provide DoS resilient capability because it does not need to send maximum 255 key seeds every time. And a main mode can provide the confidentiality of the key seed values using all different seed encryption keys. Current RF4CE standard does not provide any protection during key seed distribution, while our protocol provides the secure protection for the initial key seed distribution. In the pairing phase (Figure 5), controller device can verify target's certificate and obtain the public key of the target. Anyone who eavesdrop the communication cannot know or modify SEK_R since SEK_R is encrypted with accompanying hashed value. The message from controller device can be easily authenticated by target's private key, while previous methods do not provide the message authentication in this phase.
4. Experimental and Implementation Results
4.1. Implementation of Connectivity Architecture
Specification of RF4CE prototype board.
30 x 29 [mm2]
Enhanced 8-bit 8051 (hardwired MAC and AES-128)
96 KB flash memory
8 KB SRAM
16 Mhz crystal, 12-bit A/D, D/A converter
(Rx Sensitivity -95 dBm)
28 mA @ RF mode
1uA @ Deep Sleep mode
1.5V alkaline battery (x2) (AA Size)
SMA type RF connector
4.2. Experimental and Demonstration of Connectivity Architecture
On the other hand, the testbed of a simple RF4CE network for validating the fundamental functionalities of the proposed enhanced RF4CE key agreement system has been constructed in our laboratory. As shown in Figure 11(b), the RF4CE testbed is composed of two PCs as a controller and target simulator, and the simulators are connected with RF4CE prototype boards, separately. A discovery or pairing request packet from a controller node is sent to the target node, and then it is delivered to the simulator program using USB interface through UART serial socket. Thus, we can see that PC simulator is connected to RF4CE devices with USB-to-Serial interface, and then each node communicates on IEEE 802.15.4 standard.
5. Discussion of Secure and Reliable Connectivity Architecture
Energy consumption for contents sharing scenario.
TV status query (times)
Contents list query (times)
Contents delivery (1 Mbytes)
Total energy consumption (mA)
RF4CE + Wi-Fi With Zero-configuration
Bluetooth + Wi-Fi
In multimedia communications, energy is mostly consumed while devices exchange data and multimedia communications have not been much used for control. The age of various converged multimedia services is on its way and furthermore various hardware devices for these services are being developed. In light of this, sooner or later, these services and devices will be common in our real life and we are going to use a control unit to remotely control them. As demonstrated in this section, multimedia control communications in using such various converged multimedia services also requires a nonnegligible amount of energy. In this sense, the proposed low-power RF4CE-based zero-configuration architecture can play a key role delivering a new device control experience with the users in the new environment of multimedia converged services
Security analysis and comparisons.
Packet level and quick mode
While the existing RF4CE standard does not consider any authentication method for the pairing and the key seed distribution, the proposed approach employs the authentication scheme that is used for the wireless network standards such as IEEE 802.16. Applying our approach, two entities in RF4CE communication can mutually authenticate each other during initial pairing with the preinstalled certificate issued by CA. Thus, the proposed approach is secure against not only the unauthorized device from attaching any authorized devices, but also any malicious entity from compromising or forging the node. In case of the Bluetooth, the PIN (Security mode 2, 3) or ECDH (Security mode 4) are deployed for the mutual authentication. Our proposed protocol has the additional computation cost of three exponentiations for supporting PKC (Public Key Cryptosystem) as same as the ECDH (security mode 4) of Bluetooth. In case of the computation cost, our proposed approach has the computation cost of three exponentiations due to the public key operation in the mutual authentication procedure. It means the public key operation is prevailed against other security operations. Thus, the authentication row in Table 1 only has the computation cost and it shows the same level of burden compare to the cost of Bluetooth (mode 4).
Integrity of key seeds shared among the nodes in RF4CE networks is guaranteed by FCS (Frame Check Sum) initially supported by RF4CE MAC Frame and MIC (Message Integrity Code) provided to packet in Network layer (NWK). Bluetooth also supports similar level of packet integrity. However, the previous methods could not guarantee the security against modification or loss of the key seeds considering the integrity of transmitting max 255 number of key seeds. Instead, the proposed protocol provides the higher level of integrity than the previous methods by choosing n number of key seeds randomly from max 255 key seeds in quick mode. Note that we do not consider the integrity and confidentiality of key seeds of Bluetooth that does not use the key seed distribution. Thus, the existing RF4CE support a packet/frame level integrity function by the standard specification. And the proposed approach decreases the threat of the packet loss/interception and storage size (under 255 80 bytes) by providing selective transmission of key seeds.
The main mode of our proposed protocol provides the high level of confidentiality in comparison with the previous methods that key seeds are transmitted in plain text during the key seed distribution, since every key seed is encrypted by different keys using 128 bits AES algorithm. In case of Bluetooth, it still has the vulnerability that IN_RAND for generating Link Key is transmitted in a plain text in modes 2 and 3.
In this paper, we proposed a novel RF4CE-based zero-configuration and advanced pairing approach for a novel connectivity architecture of various CE and IT devices and applications. Deploying the proposed architecture enable users to control a variety of devices and share data, and save the power consumption in comparison with the existing Wi-Fi-based zero-configuration methods since RF4CE-based zero configuration is working on IEEE 802.15.4 standard technology. In case of advanced pairing, the novel approach to enhance RF4CE key agreement is presented according to these recent convergence trends. Our improved key agreement approach supports the mutual authentication using RF4CE device certification in order to resolve the threat of counterfeited or cloned devices. The quick mode of the proposed key seed distribution increases the possibility of the secure generation of a link encryption key against the disclosure to the third party and the DoS attack by providing the transmission of the selected key seeds. Key selection information is only shared between the paired nodes. The main mode solves the vulnerability of plaintext transmission through encrypting all transmitted seeds with different keys.
In order to verify the zero-configuration and advanced pairing approach in the connectivity architecture, we implemented the prototype's networking stack and its various prototypes H/W such as Samsung's "Omnia" dongle for a mobile terminal and PC/note-PC side dongles. We presented the implementation results with various verification scenarios using Omnia terminal, LED TV, and Note PC. The experimental scenarios demonstrated that the proposed architecture enables to construct a simple and easy control for an efficient smart home network between various devices. Moreover, we verified the feasibility and compared with the existing solutions of the proposed approach through analyzing security of Authentication, Integrity, Confidentiality, and Known Attacks. From the various security analysis and real implementation, we can say that the proposed RF4CE key agreement approach is more robust than any other previous schemes and works efficiently with RF4CE nodes. Therefore, to the best of my knowledge, these results show the potential to bridge the convergence environments with smart devices and applications to our life using the proposed connectivity architecture with RF4CE-based Wi-Fi zero-configuration and advance pairing approach.
This research was supported by the Basic Science, Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education, Science and Technology (2010-0017023).
- Jianliang Z, Lee M: Will IEEE 802.15.4 make ubiquitous networking a reality? IEEE Communications Magazine 2004, 42(6):140-146.View ArticleGoogle Scholar
- Callaway E, Gorday P, Hester L, Gutierrez JA, Naeve M, Heile B, Bahl V: Home networking with IEEE 802.15.4: a developing standard for low-rate wireless personal area networks. IEEE Communications Magazine 2002, 40(8):70-77. 10.1109/MCOM.2002.1024418View ArticleGoogle Scholar
- Gill K, Yang S-H, Yao F, Lu X: A ZigBee-based home automation system. IEEE Transactions on Consumer Electronics 2009, 55(2):422-430.View ArticleGoogle Scholar
- Egan D: The emergence of ZigBee in building automation and industrial controls. IEE Computing and Control Engineering 2005, 16(2):14-19. 10.1049/cce:20050203View ArticleGoogle Scholar
- ZigBee Alliance : ZigBee specification: ZigBee document 053474r13. Version 1.1, December 2006Google Scholar
- ZigBee Alliance : RF4CE Standard Specification. Release 1.0, March 2009Google Scholar
- IEEE STD 802.15.4-2006 : Part 15.4: Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications for Low-Rate Wireless Personal Area Network. September 2006.Google Scholar
- Bluetooth Special Interest Group : Bluetooth Core Specification v3.0 + High Speed Specification. Release 1.0, April 2009Google Scholar
- Scarfone K, Padgette J: Guide to Bluetooth Security. NIST Special Publication 800-121; 2008.View ArticleGoogle Scholar
- Wi-Fi alliance : Wi-Fi Protected Setup Specification Version 1.0h. December 2006.Google Scholar
- IEEE STD 802.15.4-2006 : Part 15.4: Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications for Low-Rate Wireless Personal Area Network. September 2006.Google Scholar
- Baronti P, Pillai P, Chook VWC, Chessa S, Gotta A, Hu YF: Wireless sensor networks: a survey on the state of the art and the 802.15.4 and ZigBee standards. Computer Communications 2007, 30(7):1655-1695. 10.1016/j.comcom.2006.12.020View ArticleGoogle Scholar
- Ha Y-H: Dynamic integration of zigbee home networks into home gateways using OSGI service registry. IEEE Transactions on Consumer Electronics 2009, 55(2):470-476.View ArticleGoogle Scholar
- Sastry N, Wagner D: Security considerations for IEEE 802.15.4 networks. Proceedings of the ACM Workshop on Wireless Security (WiSe '04), October 2004 32-42.Google Scholar
- Koo B, Ahn T, In J, Park Y, Shon T: R-URC: RF4CE-based universal remote control framework using smartphone. Proceedings of the International Conference on Computational Science and Its Applications (ICCSA '10), 2010 311-314.Google Scholar
- Qureshi B, Min G, Kouvatsos D, Ilyas M: An adaptive content sharing protocol for P2P mobile social networks. Proceedings of the 24th IEEE International Conference on Advanced Information Networking and Applications Workshops (WAINA '10), 2010 413-418.Google Scholar
- Corcoran P: Architecture for a home media network based on PTP-IP connectivity techniques. Proceedings of the 26th IEEE International Conference on Consumer Electronics, The Mobile Consumer (ICCE '08), January 2008 1-2.Google Scholar
- William P, Ravi S: An internet overlay architecture for global scale wireless sensor networks. Proceedings of the Wireless Telecommunications Symposium (WTS '10), 2010 1-6.Google Scholar
- IEEE Std 802.16-2004 : IEEE Standard for Local and Metropolitan Area Networks Part 16: Air Interface for Fixed Broadband Wireless Access Systems. IEEE, 2004Google Scholar
- IEEE Std 802.16e-2005 : IEEE Standard for Local and Metropolitan Area Networks Part 16: Air Interface for Fixed Broadband Wireless Access Systems, Amendment 2: Physical and Medium Access Control Layers for Combined Fixed and Mobile Operation in Licensed Bands and Corrigendum. IEEE, 2005Google Scholar
- Airspan Networks : Mobile WiMAX security. Release 1.0, September 2007Google Scholar
- Lee J-S, Su Y-W, Shen C-C: A comparative study of wireless protocols: bluetooth, UWB, ZigBee, and Wi-Fi. Proceedings of the 33rd Annual Conference of the IEEE Industrial Electronics Society (IECON '07), November 2007 46-51.Google Scholar
This article is published under license to BioMed Central Ltd. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.