Wireless Security Issues Grow

The “Internet of Things” moniker exists because the physical world is changing. It is becoming its own information system.


The Internet, as we know it today, is still mostly an information highway. However, even as we speak, more and more once autonomous, physical objects are becoming intelligent. These range from the obvious ones, such as today’s smart communications devices, to the not so evident ones, such as pacemakers, vehicles, audio/video, and environmental sensors. There are microscopic cameras that are swallowed and send wireless data to nearby monitors and databases as they pass through the human body. There are various types of physical equipment, in areas such as construction, retail, transportation, enterprises, and infrastructure, that are now controlled by intelligent electronics. Virtually all of this is connected to the Internet, most by one form or another of wireless interconnect.

While there are almost infinite layers of security that can be added on top of software and operating systems, the real trick is to embed the security as low on the hardware level as feasible. This approach helps make the objects of the Internet of things intrinsically bulletproof, and universally available to applications without worrying about their security vulnerability. That way, when these objects are integrated into an application, the issue of security becomes moot for them. It’s a tall order, but progress is being made. And to that end, there is one chip-level methodology that has been around a long time and is ideal for securing data over the airwaves — spread spectrum.

What makes this such a big challenge for the chip manufacturers is that hackers are amazingly adept at finding ways to crack security layers. If it gets hacked at the chip level, every device that uses that particular hardware becomes compromised. The tools hackers use are ubiquitous, even to the point of physically disassembling the chip to retrieve data locked in physical memory. There is even the concern that, despite the best practices of design, errant security holes and backdoors could be coded into hardware by not-so-nice designers with ulterior motives.

While there are a myriad of susceptibilities that chip manufacturers have to consider, the two major challenges they face at the hardware level are how to make it hacker-proof and future-proof. Because hardware-based security is more rigid than software-based, and in some cases, unable to be altered once implemented, chip manufacturers are proceeding with trepidation in coming up with solutions. Depending on the depth of the security integration (physical tamper detection vs. ROM decoding, for example), different approaches are available.

With that in mind, what are the chip makers up to when it comes to hard-coded security? Frankly, virtually all of them are aware of the need for security at the chip level. Depending upon the industry segment, they are in a variety of places along the chip security road map. Some, like the RF industry, are a lot further along than others, such as embedded application chips. The rest of this article will discuss the implementation of spread spectrum wireless technology and how it can secure wireless interconnect.

Spread Spectrum – Wireless Security’s Secret Weapon
The wireless arena has had a leg up when it comes to securing data transmission for a long time because of spread spectrum. Securing RF transmissions via spread spectrum has been around since WWI. In fact, the theory was first mentioned in a 1908 book by German radio pioneer Jonathan Zenneck and a primitive form was used by the German military in WWI. However, perhaps the best known and the most celebrated development was when actress Hedy Lamarr and composer George Antheil developed a reasonably complex (for that time) version and received a U.S. patent for it in 1941. However, it really didn’t come to pass until a few decades later when the U.S. Navy implemented that technology in its communications rigs during the Cuban missile crisis. After that, the U.S. military awoke to its phenomenal ability to code transmissions and make them virtually bulletproof. It has been relying on spread spectrum as a primary security scheme for RF communications ever since. In fact, it can be called the single most significant development that launched the digital age of communications.

Applying spread spectrum technology to RF transmissions is an extremely effective method of securing both wireless voice and data at the hardware level. It is a very robust TX/RX technology that is inherently immune to inter-symbol interference (ISI), reflections, noise and other environmental factors, as well as jamming. While mainly used by the military in voice radios until the last decade or so, it is now being implemented in various consumer and commercial technologies. All types of radio-based systems, such as Bluetooth, hobby radio control, Wi-Fi, WiMax, wireless local area networks (WLANs), broadband wireless access (BWA), near-field communications (NFC) and radio-frequency identification (RFID – especially collision avoidance) are being fitted with spread spectrum hardware.

Types of Spread Spectrum
Spread spectrum comes in two flavors, direct sequence (DSSS) and frequency hopping (FHSS). Both technologies work equally well in benign environments, but at the fringe, i.e., crowded frequencies, cell edges, and areas with a lot of interfering objects, FHSS is more robust and forgiving. The major advantage of DSSS is that it offers better capacity.

DSSS capacity comes at a price, though — environmental sensitivity. DSSS is influenced by many environment factors (the most problematic is reflections) so it isn’t the best choice in dense environments with lots of structures. It works best in point to multipoint for short-distance installations, or point to point in longer distance topologies. In these cases, advantage goes to higher capacity offered by DSSS technology, because reflections, the primary degradation element, can be minimized. As such, typical DSSS applications include indoor office WLANs, building-to-building links, point of presence (PoP) to base station links, and the like.

The robustness of FHSS technology makes it highly immune to the influences of noise, reflections, nearby RF signals and other environment factors. FHSS can support a much higher number of simultaneously active systems in the same geographic area (co-located systems) than DSSS. These metrics make FHSS the technology of choice for large-area coverage where a high number of co-located systems are required. The one caveat is that directional antennas must be used to minimize the influence of environment factors. Typical applications for FHSS include cellular deployments for fixed broadband wireless access (BWA), which is expanding at phenomenal rates as small cell deployments come on line.

How the Technology Works
Spread spectrum relies on a handshake between the transmitter and receiver to pass a synchronizing code back and forth. It synchronizes a “key” that only the transmitter(s) and receiver(s) know. Once the key is synchronized and all transmitters and receivers have it, the information can be sent. Only the key holders know the spreading and de-spreading codes that modulated the information. To any other receivers, the information just looks like noise. This is why spread spectrum is such a useful and secure technology for any number of wireless communications links, and an ideal security lock for autonomous IoT objects.

In DSSS, each bit of the original signal is represented by multiple bits in the transmitted signal. A spreading code is injected that spreads the signal across a wider frequency band (see Figure 1). The spread is in direct proportion to the number of bits used (see Figure 2), with the energy in the information “spread” across a width. The integral value of the power remains the same, just spread across the wider bandwidth.

Fig. 1: Modulation and demodulation of the information with spreading/despreading codes.


Mathematically, assuming binary phase-shift keying (BPSK), the data-modulated signal is
$s_d(t) = A\,d(t)\cos(2\pi f_c t)$
Multiplying by the spreading code $c(t)$, which takes the values $+1, -1$, gives
$s(t) = A\,d(t)\,c(t)\cos(2\pi f_c t)$
where
$A$ = amplitude of signal
$f_c$ = carrier frequency
$d(t)$ = discrete function taking the values $+1, -1$

At the receiver, the incoming signal is multiplied by c(t) again. Since c(t) x c(t) = 1, the spreading code cancels and what remains is the original signal, recovered.
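The spreading and despreading steps above, as an added baseband example that is not from the original article. It drops the carrier term, derives c(t) from a shared key with SHAKE-256 as a stand-in for the radio's PN generator, and uses an assumed 31 chips per bit; the keys, message and interference pattern are constructed.

```python
import hashlib

CHIPS_PER_BIT = 31  # assumed spreading factor; odd so a correlation never ties at 0

def pn_code(key: bytes, n_chips: int) -> list:
    """Pseudorandom +1/-1 chip sequence c(t) derived from a shared key.
    SHAKE-256 is a stand-in for the radio's PN generator (assumption)."""
    stream = hashlib.shake_256(key).digest((n_chips + 7) // 8)
    return [1 if (stream[i // 8] >> (i % 8)) & 1 else -1 for i in range(n_chips)]

def spread(bits, key):
    """d(t) * c(t): every data bit becomes CHIPS_PER_BIT chips."""
    code = pn_code(key, len(bits) * CHIPS_PER_BIT)
    data = [1 if b else -1 for b in bits]  # d(t) takes values +1, -1
    return [data[i // CHIPS_PER_BIT] * c for i, c in enumerate(code)]

def despread(chips, key):
    """Multiply by c(t) again (c * c = 1) and integrate over each bit period."""
    code = pn_code(key, len(chips))
    bits = []
    for start in range(0, len(chips), CHIPS_PER_BIT):
        corr = sum(chips[k] * code[k] for k in range(start, start + CHIPS_PER_BIT))
        bits.append(1 if corr > 0 else 0)
    return bits

def corrupt(chips, per_bit):
    """Invert the first `per_bit` chips of every bit period (constructed interference)."""
    return [-c if i % CHIPS_PER_BIT < per_bit else c for i, c in enumerate(chips)]

def bit_error_rate(sent, received):
    return sum(a != b for a, b in zip(sent, received)) / len(sent)

# Constructed sample data: a 1000-bit pattern and two made-up keys.
MESSAGE = [(i * 7 // 3) % 2 for i in range(1000)]
TX_KEY, WRONG_KEY = b"constructed-shared-key", b"constructed-other-key"

if __name__ == "__main__":
    on_air = spread(MESSAGE, TX_KEY)
    print("right key BER:      ", bit_error_rate(MESSAGE, despread(on_air, TX_KEY)))
    print("15/31 chips hit BER:", bit_error_rate(MESSAGE, despread(corrupt(on_air, 15), TX_KEY)))
    print("wrong key BER:      ", bit_error_rate(MESSAGE, despread(on_air, WRONG_KEY)))
```

A receiver holding the key recovers every bit even with 15 of 31 chips inverted, while a receiver correlating with a different code sees a bit error rate near one half, which is the "looks like noise" behavior described earlier.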

For FHSS, the technique is a bit different. Rather than spread the signal over a single wideband frequency, FHSS breaks the signal into multiple “pieces” and spreads them over multiple frequencies (see Figure 3). If the signal is viewed with a spectrum analyzer, it appears as a random series of RF frequencies with a tiny “blip” appearing on each frequency.

That blip is a piece of the information being transmitted. In reality, a pseudorandom code is used. It is not truly random since the receiver must be able to generate the same code as the transmitter, so there must be the ability to synchronize codes prior to the information broadcast. However, many references use the term random code. Since the blips appear randomly on multiple frequencies, it is impossible to collect and decode the bits of information in the original sequence and understand it. Again, it’s a very secure method of transmitting data. Even if there is an attempt to jam the signal, the chances of knocking out more than a few bits are extremely small. As a result, reconstruction of the data is generally very successful, even if jamming is attempted.

Depending upon a set of criteria, a number of channels are allocated to the transmission. How many channels are allocated depends upon a number of variables, but it is related to the bandwidth of the input signal. The transmitter sets up the process, starts the hopping sequence, and sets the timing to hop the signals from frequency to frequency at fixed intervals, one channel at a time. The bits are transmitted using a predetermined encoding scheme. At the next interval, a new carrier frequency is selected, and the bits are transmitted on that one. The process repeats until all the data is sent (see Figure 2).

Fig. 2: FHSS channel hopping example.
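The hopping procedure described above, as an added model that is not from the original article: both ends derive the channel for each time slot from a shared key, one byte is sent per hop, and a jammer blocks a fixed set of channels. The HMAC-SHA256 derivation, the 79-channel count, the keys and the jammed channels are all assumptions made for illustration.

```python
import hashlib
import hmac

N_CHANNELS = 79  # assumed number of hop channels

def hop_channel(key: bytes, slot: int) -> int:
    """Channel for a time slot, computable only with the shared key.
    HMAC-SHA256 stands in for the radio's pseudorandom hop generator (assumption)."""
    mac = hmac.new(key, slot.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:4], "big") % N_CHANNELS

def transmit(payload: bytes, key: bytes):
    """One byte per hop: returns (slot, channel, byte) bursts as they appear on air."""
    return [(slot, hop_channel(key, slot), b) for slot, b in enumerate(payload)]

def receive(bursts, key: bytes, jammed=frozenset()):
    """Tune to the channel the key predicts for each slot.
    A burst is heard only if the receiver is on its channel and it is not jammed."""
    heard = []
    for slot, channel, byte in bursts:
        tuned = hop_channel(key, slot)
        heard.append(byte if tuned == channel and channel not in jammed else None)
    return heard

def recovered_fraction(heard) -> float:
    return sum(b is not None for b in heard) / len(heard)

# Constructed sample data: 2000 payload bytes, two made-up keys, three jammed channels.
PAYLOAD = bytes(i % 256 for i in range(2000))
LINK_KEY, OTHER_KEY = b"constructed-link-key", b"constructed-outsider-key"
JAMMED = frozenset({10, 40, 70})

if __name__ == "__main__":
    bursts = transmit(PAYLOAD, LINK_KEY)
    print("synchronized receiver:", recovered_fraction(receive(bursts, LINK_KEY)))
    print("with 3 channels jammed:", recovered_fraction(receive(bursts, LINK_KEY, JAMMED)))
    print("receiver without key: ", recovered_fraction(receive(bursts, OTHER_KEY)))
```

The lost bursts in the jammed case are erasures at known slots, which is what lets an error-correcting layer rebuild the data; the receiver without the key lands on the right channel only by chance, roughly one slot in 79.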


There are some other methods that can be used to encrypt signals, such as orthogonal frequency-division multiplexing (OFDM), that provide a measure of security as well. OFDM is a type of spread spectrum technology. Rather than sending random bits of information across several frequencies in many small waves at slow speed, with each small wave containing part of the signal, “division multiplexing” simply divides the signal into smaller chunks and then transmits them. Since this article is focused on the two types of SS, OFDM will not be covered here. There are significant differences in the modulation and signaling techniques between OFDM and spread spectrum, and if the reader is interested, a plethora of data exists that details the various technologies. IEEE Xplore has a wealth of information on all of these subjects.

Spread Spectrum, 802.11, HetNets, and the IoT
The IEEE, early on, inked spread spectrum as the transmission protocols in the different versions of the 802.11 standard. Below is a brief description of it and where the various technologies are applied. The significance is that all of the standards use either spread spectrum or OFDM. Only the standard and extensions that deal with transmission are listed.

  • 802.11 – the original standard supporting 1 or 2 Mbps transmission in the 2.4 GHz band using either frequency hopping spread spectrum (FHSS) or direct sequence spread spectrum (DSSS).
  • 802.11b – an extension to 802.11 that provides 11 Mbps transmission (with a fallback to 5.5, 2 and 1 Mbps) in the 2.4 GHz band. 802.11b uses only DSSS.
  • 802.11a – an extension to 802.11 that provides up to 54 Mbps in the 5 GHz band. 802.11a uses an OFDM encoding scheme rather than FHSS or DSSS.
  • 802.11g – an extension to 802.11b that provides up to 54 Mbps in the 2.4 GHz band. 802.11g also uses OFDM.
  • 802.11n uses OFDM and MIMO technologies.

It is a safe bet that most of the autonomous objects that will be part of the IoT will communicate via WLANs and use BWA over links implementing spread spectrum radios, so that part of the security puzzle is generally covered. However, going forward, there is another infrastructure emerging that will redefine the networks of this millennium and largely be the infrastructure that the IoT will use. It is what is being labeled as the heterogeneous network (HetNet). HetNets are wireless communication nets that consist of a variety of cells that range from pico to macro, in a seamless, roaming network, across all communications protocols (GSM, CDMA, Wi-Fi, SS, OFDM, etc.).

Outside of the wireless interconnect that HetNets use, security issues abound. Presently, the components are largely in place. Except for test systems, trials, and some proprietary networks, HetNets themselves are still on the drawing board. With the IoT looming on the horizon, autonomous objects, running rampant within these new networks, will add another order of magnitude to the challenge of locking down these HetNets against vulnerabilities. Autonomous IoT objects are an ideal vehicle for hackers and unscrupulous attempts to mine data for unauthorized use, precisely because they are autonomous. The security industry has its work cut out for it.

What’s next?
According to Theodore Rappaport, director of NYU Wireless, and David Lee/Ernst Weber professor of electrical and computer engineering at NYU, much of tomorrow’s communications will be in the millimeter wave bands where extremely wide bandwidths are available.

“Much of the security for millimeter waves will come from space — the transmission of very tight beams around the home or office,” says Rappaport, adding that “such beams will be difficult to intercept because it would be impossible to eavesdrop on the transmission from any point other than being directly in the beam, or off of reflections. As well, the spatial domain will come to the forefront of wireless communications over the next decade like we have never seen before and offer unparalleled wireless communications in the gigahertz spectrum.” Rappaport goes on to say, “there is spectrum in 28, 38, and 72 GHz, even up to 150 GHz, where wideband channels are available for use with advanced coding schemes that will offer high throughput and high security.”

This approach seems ideal for the IoT, and for a large portion of the objects that are stationary within small and large enterprises, and for things like appliances in the home, home and public theater equipment, office computers, and the like. The list is expansive. For mobile objects such as medical cameras that are swallowed, emerging technologies such as multi-carrier CDMA, a method that offers the security of spread spectrum combined with the high throughput and spectral efficiency of orthogonal frequency-division multiplexing (OFDM), will work for a multi-user environment such as a hospital. The bonus is that much of this can be coded in silicon, bringing signal manipulation and security down to the chip level.

This emerging IoT infrastructure will benefit greatly from the security spread spectrum offers. It is estimated that as much as 70% of information that flows around small cells will be data and handled by the Wi-Fi component. Spread spectrum technologies make the transmission of these bits of data secure on the airwaves. However, that is only one component. Bad data can ride the spread spectrum frequencies as well as legitimate data. Spread spectrum is just able to protect that data while in space. So the industry must keep compromises out of the objects as well. Autonomous IoT objects, no matter how simple or complex, can pose a serious breach if not properly secured from attacks.

Finally, as with all things, Internet and otherwise, there is always an economic element that comes into play. Integrating a spread spectrum radio into a transportation medium such as an auto, bus, train, or airplane is both feasible and cost-negligible. Doing the same with inexpensive consumer objects such as NC/NO door and window sensors does not have the equivalent economies of scale. Today, the IoT is still a fuzzy and undefined object. Many people have many different visions of what it will ultimately look like. Nevertheless, one thing is clear. Securing this behemoth, whatever it turns out to be, is a first priority for all players.