IoT module mesh

Wireless Sensor System Security…Essential…

Table of Contents

Security is mandatory in Bluetooth mesh networks. Phantom features Unparalleled Security Features.

By offloading decryption, encryption, and authentication works to our CryptoCell-310, Phantom can deliver high performance in Bluetooth mesh networks.

IoT module mesh

Mesh network, individual applications, and Bluetooth 5 devices are all secure.  This cannot be switched off or reduced in anyway.

  • All mesh messages are encrypted and authenticated.
  • Network security, application security, and device security are addressed independently.
  • Security keys can be changed during the life of the mesh network via a Key Refresh procedure.
  • Message obfuscation makes it difficult to track messages sent within the network providing a privacy mechanism to make it difficult to track nodes.
  • Mesh security protects the network against replay attacks.
  • The process by which devices are added to the mesh network to become nodes, is itself a secure process.
  • Nodes can be removed from network securely, in a way which prevents trashcan attacks.

Three security keys provide security to different aspects of the mesh and achieve a critical capability in mesh security, that of “separation of concerns”.

  • NetKey (network key) possessed by all nodes. It allows a node to decrypt and authenticate up to the Network Layer. A Relay node uses NetKey to decrypt and authenticate messages before relaying.
  • AppKey (application key). Application data for specific application can only be decrypted by nodes possess the right AppKey.
  • DevKey (device key) is unique to each node. It is used for secure communication with the Provisioner during provisioning process.

In a mesh network with many nodes, a lot of processing power is required for decryption and authentication at least for the Relay nodes and possibly for other nodes. Phantom  is embedded with an ARM CryptoCell-310 cryptographic co-processor. To achieve acceptable mesh network performance, Phantom should be used in mesh networks with many nodes.

CryptoCell-310 provides the following key features:

  • Cryptographic hardware engines, providing CPU host offloading, operation acceleration and power consumption reduction.
  • Cryptography and security middleware services
  • Platform Security building blocks libraries
  • Device Life-Cycle-State management
  • Key Management infrastructure
  • Secure Boot.

By offloading decryption, encryption, and authentication works to CryptoCell-310, Phantom can deliver the highest performing security of all  Bluetooth mesh wireless sensor networks.

ABOUT THE AUTHOR

Michael

Michael Howard, D.Sc is an American entrepreneur, a veteran of the United States Air Force, and respected leader in the predictive maintenance industry. Michael is an avid CrossFit® athlete, CrossFit® CF-L1 Trainer and passionate advocate of revolutionary concepts in the wireless instrumentation and the IIoT communities for the maintenance & reliability industries.

Michael is a native of South Glens Falls, New York and a graduate of Excelsior College, Capella University, & Charter University with degrees in Electro-Mechanical Engineering, Leadership, & Organizational Management, & Engineering Management. Mike is a Certified Reliability Engineer, Six-Sigma Black Belt & Certified Maintenance & Reliability Professional. Mike is the CEO of Erbessd Instruments and is responsible for Strategic Direction, Distribution, Sales, Marketing and Operations throughout the English speaking markets.

ERBESSD INSTRUMENTS is a leading manufacturer of Vibration Analysis Equipment and Dynamic Balancing Machines with facilities in Mexico and the United States and representatives around the world. ERBESSD INSTRUMENTS – MASTERS OF MACHINE HEALTH

Meet Our Products: