success fail Jun JUL Oct 14 2006 2007 2008 45 captures 09 Jul 2005 - 29 Jan 2017 About this capture COLLECTED BY Organization: Internet Archive The Internet Archive discovers and captures web pages through many different web crawls. At any given time several distinct crawls are running, some for months, and some every day or longer. View the web archive through the Wayback Machine. Collection: nsdlweb this data is currently not publicly accessible. TIMESTAMPS
Schneier on Security
A blog covering security and security technology.
June 29, 2005
Sandia's New Wireless Technology
When dumb PR agents happen to good organizations:
Sandia Develops Secure Ultrawideband Wireless Network
The newly developed ultrawideband network, said the researchers at Sandia, is compatible with existing Internet protocols, which means that current Internet applications will be able to use standard transmission techniques and even high-level encryption up to and beyond 256 bits....
The newly developed network, said the researchers, is compatible with existing Internet protocols, which means that current Internet applications will be able to use standard transmission techniques and even high-level encryption up to and beyond 256 bits, which is currently double the amount considered essential for secure Internet transactions.
Wow. 256 is a lot of bits. I wonder where they put them all.
Upto and beyond... what a quaint phrasing, isn't it usually either upto or beyond? It makes one wonder why they're so gung ho about 256 bits indeed.
And a 256 bit Caesar cipher or ROT256 still doesn't amount to much. It being a US govt. sponsored technology I'll assume for the moment they're talking AES256.
Posted by: Jeroen van Rijn at June 29, 2005 01:27 PM
The article states:
"One level of protection is provided by encryption Latest News about encryption, said lab spokesperson Michael Padilla. Another comes from the fact that signals over ultrawideband wireless -- a next-generation communications technique that is based on transmitting short-duration pulses -- are difficult to distinguish from background radio frequency noise in general."
Security through "next-generation obscurity"...
Um... So they've developed a new network layer, below the IP level, which may or may not be secure... and you can use encryption over the top of it? Bravo, and this deserves recognition for its use of encryption why?
Can't you already use encryption over the top of TCP/IP anyway, or am I just imagining https, ssh,...?
The actual carrier that they are using is harder to detect and harder to jam. But won't it cause sporadic interference on large chunks of the "wireless" spectrum? That's going to be so nice for everyone in the area.
I have to admit that I love the complete cluelessness of the author. "There is no carrier" Surely without a carrier you can't have a signal. The fact that the carrier is spread over a wide range of frequencies and so is very low power at any given frequency does not make it less of a carrier does it?
Steganography and Wireless, soon in a WLAN near you?
Posted by: Jeroen van Rijn at June 29, 2005 01:49 PM
The only thing below the IP layer (in a standard IP network) is the physical layer. It sounds to me like they've created a physical layer where the transmission of radio information is difficult to detect (at least according to them).
Yes, you're correct; you can encrypt IP.
Posted by: Zimbel42 at June 29, 2005 02:08 PM
Scratch the last comment; looking at RFC 793 and 2401, the correct responses are:
1) The protocol under the IP layer is the local network protocol.
2) You can encrypt (and authenticate) IP v4 or IP v6 via RFC 2401.
Posted by: zimbel42 at June 29, 2005 02:15 PM
It sounds smackingly like frequency hopping. No carrier? Sounds like a phone modem hopped up on megahertz.
Posted by: jammit at June 29, 2005 02:48 PM
No, trust me, it does not have a carrier. Its does have some similarities to frequency hopping.
There is a fair bit of stuff out there if you google for ultra wideband.
Posted by: Anonymous at June 29, 2005 02:52 PM
without a carrier, you can still have a transmission. With a carrier signal, you need to detect the presence of the carrier frequence, lock onto it, and then depending on the type of transmisson, watch it's phase or its amplitude changes, or changes in frequency.
Spread-spectrum technologies work more or less "without a carrier". They dump small amounts of energy across a wide range of frequencies. Then, the receiver is watching the same wide range of frequencies, and separates the range into "buckets". If enough buckets are receiving energy, then it can assume that there's a signal there. Then the physical layer 1s and 0s can be combined using something like manchester encoding to provide actual logical bits (physical layer clocked at 2x the logical rate, with a logic change for every logical bit space, no intermediate change for 0s, and an intermediate change for 1s).
This is grossly oversimplified (because I only know the simplified version of how it works).
So, to me, it basically sounds like they're doing spread spectrum (nothing new), over a very wide frequency range, and tossing a layer of encryption on each "packet" of data that crosses the physical layer.
Posted by: Woody at June 29, 2005 03:02 PM
Perhaps it's more like frequency hopping for single sideband (ssb). Ssb doesn't use a carrier and one of its sidebands.
Posted by: jammit at June 29, 2005 03:27 PM
With frequency hopping, the carrier exists, but continually moves in a pattern. For some systems, it's sequential, others it's semi-random. Semi-random allows multiple devices to communicate at the same time, on the same range, with a low-likelyhood of stepping on each other. Redundancy is built in so that a fairly high number of "hops" can be squashed and the data still comes through.
With spread-spectrum, you generate a signal that contains a large number of frequencies simultaneously, but at a fairly low level.
By it's nature, an infinitely short duration impulse contains all frequencies from DC to Daylight (and beyond). Less ideal impulses contain less bandwidth (less HF and less LF energy).
Posted by: Woody at June 29, 2005 04:52 PM
"carrier" is being used in 2 different senses here.
There is the frequency that the baseband signal is being modulated to. That has to exist.
With spread spectrum you simply have lots of different frequencies that the signal is being modulated to simultaneously. with frequency hopping you have a single carrier that moves around (as has already been pointed out)
Then there is the question of whether or not energy is being output at that frequency.
You can output a "suppressed carrier" signal independant of the modulation used (SSB/DSB (single-side-band/double-side-band) or whatever).
As for the encryption, I'll just VPN/SSL over the top if I want security.
Posted by: Thomas Sprinkmeier at June 29, 2005 06:38 PM
Here is the original press release from Sandia: [web.archive.org]
Apparently, the interesting part is neither the usage of UWB, nor the possibility to use encryption, but the combination of UWB and AES-256 at the MAC or physical layer.
Yeah, that's where the mysterious 256 bit come from.
It seems that Wireless NewsFactor is afraid to overstrain their readers with complex abbreviations as AES. Even in the citation they replaced "combined with AES" with "combined with [encryption]". All in all, they rendered the news almost irrelevant.
Posted by: Dubu at June 30, 2005 02:43 AM
Maybe the theory is that illiterate marketing folks re-write all your communications before they go over the air, making them totally unintelligible. ("Up to and beyond 256 bits..." reminds me of a meaningless advertising slogan that has been one of my pet peeves for more than 20 years, but it refuses to die: "Save up to 50% and more".) A second layer of security might involve an attorney.
You're describing a one-way hash, not an encryption algotithm.
It's impossible to recover the plaintext after marketers and lawyers have been at it.
Unfortunately it's not even a very useful hash because it's randomised by the marketer and redundant information is added by the lawyer.
Posted by: Thomas Sprinkmeier at June 30, 2005 07:10 PM
@Thomas: I think you're neglecting that one particular area of expertise at Sandia is red tape, which anyone who has ever done business with the government will tell you is an inverse function for all marketing. I'm not sure how they're coping with the legal obfuscation, but while it seems intuitively obvious that there is no inverse function in this case, I don't think any mathematician has been brave enough to attempt a proof.
"Steganography and Wireless, soon in a WLAN near you?"
Yeah, it only works if you're browsing pr0n... now there's an encryption standard that would take off!
Posted by: Erik Carlseen at July 1, 2005 01:50 AM
Davi I think you will find that the journo was trying to describe "Spread Spectrum Communications" (SSC) after it was explained to them by an "expert" (who probably did not understand it either or could not explain it)....
Of the two basic types of SSC it sounds more like direct sequence which uses DSBSC modulation (no-carrier) for the "spreading" code sequence (chip) modulation than frequency hopping which might or might not have a carrier depending on the data modulation technique (not the spreading code "chip" modulation technique).
It might also be a very bad discription of another CDMA or other pulse/time controled multiple access system.
Spread Spectrum has many advantages, one of which is that it will alow effective communications below the noise floor of a non coherant reciever. It will also allow the co-existance of disparat modulation systems in the same spectrum allocation.
It is the properties (amongst others) that makes 802.11 work (semi) effectivly in the congested 2.5Ghz Industrial Scientific and Medical (ISM) licence exsempt band which also has microwave ovens, car alarms, bluetooth, video links and all maner of other systems occuping it.
It just goes to show what happens when an "expert" tries to simplify things for a Journo who then tries to put it in a way we all understand ;)
Let's get the actual specs and check, you never know it might be new original and cute (to a technologist ;)
Posted by: Clive Robinson at July 2, 2005 05:29 AM
Call me kooky, but everytime I see the words "secure" and "wireless" in the same sentence in a positive meaning, I want to twitch. RF wireless is inherently insecure for the simple fact that anyone with the right equipment can listen to and record the broadcast. "Secure" networking should only be done over wires. This ensures a physical level of security where somebody has to actually intercept the wire to get at the signal. I know I know, there are applications (like the battlefield) where wireless networking is needed, and it needs to be as secure as you can make it. But people who are using it should be aware that by its very nature, a RF wireless network has a level of vulnerability not present in wired communication.
Posted by: Dan at July 2, 2005 08:07 PM
Although I'm reasonably familiar with DSSS (direct sequence spread spectrum) and frequency hopping SS, I didn't know much about UWB so I read up on it over the weekend. A couple of points which might help edify those also wondering.
By carrierless, they mean it quite simply in the regular sense; it's a baseband system. When you're not actually transmitting a "1" bit, the transmitter is not radiating any energy at all (modulo physical realisability). Practical duty cycles are on the order of half a percent for broadband systems, and much lower for tactical digital voice radios (one example I read about was for a duty cycle of 80 ppm).
It certainly isn't security by obscurity. Like DSSS and frequency hoppers, the system is keyed and obtains a "process gain" advantage against an opponent who does not know and cannot guess the keying sequence. The process gain represents the ratio of powers required to obtain equivalent performance for jamming, interception, or detection of the system. UWB achieves a process gain by dividing up each bit transmission period into many slices and concentrating the transmitted power into one of these (pseudorandomly selected) slices. For example, a system transmitting a 1.544 Mb/s T1 link (648 ns/bit) with a pulse width of 2.53 ns, would have 256 "slots" where each pulse could be transmitted. If each pulse slot is selected through a CSPRNG, then the opponent has no choice but to spread his jamming power over all 256--but the transmitter has concentrated all of its power into one slot, so if it had an average power of, say, 4 W, it is very briefly transmitting at 1 kW. Similarly an opponent trying to intercept a signal at the limit of interception will not know which slot to listen to, so he is forced to either listen to all 256 (thus getting 256 times as much noise energy), or risk listening to the wrong slot and missing it altogether.
The main interest in UWB arises from the fact that practically realisable process gains in simple, low cost transceivers seem to be much larger than practically realisable process gains from DSSS or frequency hopping. For UWB the process gain is approximately equal to the inverse of the duty cycle. So if you have a duty cycle of 0.39%, an opponent will require approximately 256 times as much radiated power to attain the same level of jamming effectiveness as he previously needed against a simple transmitter otherwise identical to yours (i.e. same average power output, same range, same antenna, same signal transmitted). Or alternatively, the maximum range at which he can jam you is reduced by a factor of 16 times. For the above mentioned tactical digital voice radio, the process gain is a power ratio of 12,500 times, or range ratio of 1/112 th -- an opponent who could previously jam me from, say, 10 km away, must now get to less than 100 m. By contrast civilian DSSS or frequency hoppers have process gains between about 10 and 64, while the best military systems are only about 1,000.
All three systems, through broadening their bandwidth, are also able to lower their spectral density, i.e. average transmitted power per Hz of bandwidth. This "loses the signal in the grass" (noise), making it much harder to even detect that a transmission is occurring. However it seems to me as though UWB, like frequency hopping, would not be as resistant to detection as DSSS is. In DSSS, the instantaneous power is spread over a wide bandwidth. In frequency hopping, only the average is, the instantaneous power is as high as usual. Thus if you merely wish to detect a frequency hopper and not intercept its whole signal, you need only listen to one of its frequencies; if you start getting bursts of power on that frequency roughly 1/(process gain) of the time, a frequency hopper is present. Similarly for UWB, you only need to concentrate on one of the time slices, when you keep getting pulses in it you know a UWB transmitter is present.
All of the above about jam resistance only applies if the opponent does not know the spreading code. If forced to use a public spreading code (as the FCC required for CDMA phones and 802.11 frequency hoppers), then it only applies to accidental interference, not deliberate jamming.
UWB has a couple of other advantages. Like both frequency hopping and DSSS, it allows multiple transceivers to share the same bandwidth, by using different spreading codes. And like DSSS (with very fast chipping rates) but unlike frequency hopping, it is also immune to most multipath interference, provided the path length variation is more than the speed of light x the width of a pulse (typically, just under 1 m). However some DSSS systems (CDMA) actually get ~improved~ signal strength through multipath interference, UWB is just immune to it.
Another advantage of UWB is that most of the work can be done in software. Unlike DSSS, the RF side of the system is relatively simple and can be shared by a variety of otherwise quite different systems. (In the past frequency hoppers also required some fancy RF circuitry, but with the rising prevalence of digital radio this is no longer the case.)
Posted by: Roger at July 3, 2005 08:41 PM
If you are interested in the more technical asspects of Ultra WideBand Signalling systems and how the fit within SS systems and other communications systems in general have a look at,
It is interesting to note that although the initial "magic" systems where (and still are) commercialy not realisable, the later OFDM systems are geared up and ready to run on a laptop or PC near you any time soon ;)
Posted by: Clive Robinson at July 4, 2005 07:10 AM
The developers obviously read: Garfinkel, S. (2002) Web Security, Privacy, and Commerce. 2edn. O'Reilly, United States of America. [web.archive.org]
p58: ``It should be pretty clear at this point that there is no need, given the parameters of cryptography and physis as we understand them today, to use key lengths that are larger than 128 bits."
Post a commentPowered by Movable Type 3.2. Photo at top by Steve Woit.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT Counterpane.Blog Menu
- Essay on Fear
- Comparing Rare Risks
- Risks of Data Reuse
- Designing Voting Machines to Minimize Coercion
- America's Newfound Love of Secrecy
- Credit Card Gas Limits
- Surveillance Cameras that Obscure Faces
- 4th Amendment Rights Extended to E-Mail
- Cell Phone Stalking
- Cocktail Condoms
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- September 2005
- August 2005
- July 2005
- June 2005
- May 2005
- April 2005
- March 2005
- February 2005
- January 2005
- December 2004
- November 2004
- October 2004
RSS 2.0 (excerpts) Crypto-Gram Newsletter If you prefer to receive Bruce Schneier's comments on security as a monthly e-mail digest, subscribe to Schneier on Security's sister publication, Crypto-Gram.