Posts Tagged ‘wireless security’

Sniffing ZigBee Packets

Saturday, September 6th, 2008

When engineers tackle a project that uses ZigBee communications they may get a surprise. Unlike point-to-point communications, ZigBee involves a network that can establish nodes, repeaters and complex mesh topologies. The proper test tools–often called “sniffers”–help engineers diagnose ZigBee-network problems that could otherwise turn into nightmares.

Microchip Technology includes the ZENA Wireless Network Analyzer with its PICDEM Z demonstration kit so engineers can see what goes on among ZigBee devices. The ZENA tool also can sniff and decode Microchip’s MiWi protocol that, like ZigBee, uses IEEE 802.15.4 radios. According to Steve Bible, an applications engineering manager at Microchip, ZENA time stamps packets and displays them in a graphical format.

“The screen shows the destination and source addresses, the payload and the data,” explained Bible. “We add some color coding and provide data as hexadecimal values. Users also see a received signal strength indication, or RSSI–an uncalibrated relative value.”

“ZigBee and IEEE 802.15.4 technologies require a shift in how we analyze and manage ad-hoc wireless networks,” said Matt Perkins, VP of technology development at Awarepoint, a supplier of wireless asset-tracking systems. “An analyzer should take time-sliced snapshots of network traffic, ‘mine’ the traffic for metrics such as throughput, bottlenecks and end-to-end delays, and present information in a concise graphical form.”
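As an added example that is not code from the post or from Microchip's ZENA tool, here is a small Python decoder for the IEEE 802.15.4 MAC header that ZigBee and MiWi frames share: it recovers the destination and source addresses and the payload that Bible describes the tool displaying, and verifies the frame's FCS so that a corrupted capture is not mistaken for real traffic. It assumes the 2003/2006 frame-control layout, and the sample frame, addresses and PAN ID in it are constructed values.

```python
# Added example, not code from the post or from Microchip's ZENA tool: decodes the
# IEEE 802.15.4 MAC header shared by ZigBee and MiWi (2003/2006 frame-control
# layout) and checks the FCS (CRC-16/KERMIT: poly 0x1021 reflected, zero init).
FRAME_TYPES = {0: "beacon", 1: "data", 2: "ack", 3: "command"}
ADDR_LEN = {0: 0, 2: 2, 3: 8}          # addressing mode -> address length (bytes)

def crc16_kermit(data: bytes) -> int:
    crc = 0                            # 802.15.4 FCS: shift register starts at zero
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0x8408 if crc & 1 else crc >> 1
    return crc

def with_fcs(body: bytes) -> bytes:
    # FCS is sent little-endian, the byte order of every 802.15.4 field
    return body + crc16_kermit(body).to_bytes(2, "little")

def parse_mac_frame(frame: bytes) -> dict:
    """Return the header fields a sniffer displays, plus an FCS check."""
    if len(frame) < 5:
        raise ValueError("frame shorter than frame control + seq + FCS")
    fcf = int.from_bytes(frame[0:2], "little")
    dst_mode, src_mode = (fcf >> 10) & 3, (fcf >> 14) & 3
    if 1 in (dst_mode, src_mode):
        raise ValueError("reserved addressing mode")
    fields = {"frame_type": FRAME_TYPES[fcf & 7], "seq": frame[2],
              "mac_security": bool(fcf & 0x08), "ack_request": bool(fcf & 0x20),
              "dst_pan": None, "dst": None, "src_pan": None, "src": None}
    off = 3                             # past frame control + sequence number
    def take(n):                        # consume n header bytes, leaving the FCS
        nonlocal off
        if off + n > len(frame) - 2:
            raise ValueError("truncated header")
        off += n
        return int.from_bytes(frame[off - n:off], "little")

    if dst_mode:
        fields["dst_pan"] = take(2)
        fields["dst"] = take(ADDR_LEN[dst_mode])
    if src_mode:   # PAN ID compression (bit 6): source PAN omitted, same as dest
        fields["src_pan"] = fields["dst_pan"] if fcf & 0x40 and dst_mode else take(2)
        fields["src"] = take(ADDR_LEN[src_mode])
    fields["payload"] = frame[off:-2]
    fields["fcs_ok"] = crc16_kermit(frame[:-2]) == int.from_bytes(frame[-2:], "little")
    return fields

# Constructed sample: data frame, ack requested, PAN ID compressed, short addresses
SAMPLE_FRAME = with_fcs(bytes.fromhex("6188 2a 3412 0000 7856") + b"\x01\x02\x03\x04")
```

The `mac_security` flag reports only link-layer security; ZigBee normally applies encryption at the network layer, so a clear MAC bit does not by itself mean the payload is plaintext.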

Source: Freaklabs

24C3 Mifare crypto1 RFID completely broken

Sunday, August 17th, 2008

It’s an old issue, but it still has some relevance today.

Another highlight for us at CCC was [Karsten Nohl] and [Henryk Plötz] presenting how they reversed Philips crypto-1 “classic” Mifare RFID chips which are used in car keys, among other things. They analyzed both the silicon and the actual handshaking over RF. Looking at the silicon they found about 10K gates. Analyzing with Matlab turned up 70 unique functions. Then they started looking for “crypto-like” parts: long strings of flip-flops used for registers, XORs, things near the edge that were heavily interconnected. Only 10% of the gates ended up being crypto. They now know the crypto algorithm based on this analysis and will be releasing it later in the year.

The random number generator ended up being only 16-bit. It generates this number based on how long since the card has been powered up. They controlled the reader (an OpenPCD), which let them generate the same “random” seed number over and over again. This was actually happening by accident before they discovered the flaw.

One more broken security-through-obscurity system to add to the list. For more fun, watch the video of the presentation.

Source: Hackaday