ZyXEL Communications PLA-470 V2 - V3.0.5 Instalační příručka Strana 98
- Strana / 349
- Tabulka s obsahem
- KNIHY
Hodnocené. / 5. Na základě hodnocení zákazníků
Decryption Attacks
The purpose of this attack is to try to discover the NEK of a PLC network in order to
connect to it and to recover the exchanged data.
The two following techniques are used to discover the NEK in HomePlug 1.0:
•
Have access to the physical frames and store enough frames so that they can
be decrypted using suitable algorithms. However, this technique is very com-
plex and requires expensive specific hardware solutions.
•
Try out all possible combinations of NEK to have access to the network.
The time that is necessary to try out all the possible combinations of NEKs can
be estimated in the following way: the NEK is encoded with the DES-56-bit algo-
rithm derived from a password entered by the user of the PLC network, which may
vary from 4 to 24 characters.
Therefore, the maximum number of possible attempts is:
N =≈ ×2 2 88 10
58 17
.
For a 64-byte Ethernet frame with a 100-Mbit/s network interface card, the
transmission time is:
T
frame
=
×
××
≈×
−
64 8
100 1024 1024
488 10
6
bits
,,
.sec
The total time which is necessary to try out all combinations then is:
TNT
total frame
=× = × × × ≈ × ≈
−
288 10 488 10 14 10 44
17 6 12
. . . sec ,591 years
Security for PLC Networks 79
Table 4.1 Encryption-Key Management According to PLC Technology
TECHNOLOGY
KEY
MANAGEMENT
ENCRYPTION ADVANTAGES
DISADVANTAGES
AND FLAWS
HomePlug 1.0 NEK DES-56 bits Simplicity
– DES shortcomings
– A single key for
each device
HomePlug Turbo DEK Same Same Same
HomePlug AV
– NEK
– NMK
– DAK
AES-128 bits (key
rotation)
High encryption
level
Possible shortcom-
ings with easy con-
nect button
Ascom Key exchange
RC4 + Diffie-Hellm
an (128 bits)
Configuration made
easier by interface
RC4 shortcomings
DS2
Master-slave key
exchange
3DES
Central configura-
tion by administra-
tion console on
master device
Interception of key
exchanges during
authentications
Oxance
– NEK
– DEK
– DES-56 bits
– AES-128 bits
Management by
Web centralized
interface
Possible Web inter-
face shortcomings
- Power Line Communications 2
- To Yves, Françoise 6
- Contents 8
- Contents ix 10
- Contents xi 12
- Organization of the Book 14
- Organization of the Book xv 16
- Acknowledgments 18
- Introduction 20
- Standard Organizations 21
- PLC Technologies 3 22
- 4 Introduction 23
- COMPANY STANDARD: 24
- CONSORTIUM STANDARD: 24
- INDUSTRY STANDARD: 24
- GOVERNMENT STANDARD: 24
- 6 Introduction 25
- PLC Technologies 7 26
- Consortiums and Associations 27
- HomePlug Alliance 27
- PUA (PLC Utilities Alliance) 28
- PLC Forum 29
- Future IEEE Standard 29
- 12 Introduction 31
- PLC Theory 32
- Architecture 34
- 16 Architecture 35
- 18 Architecture 37
- Attenuation 39
- Coupling Between Phases 40
- Frequency Response 40
- Interface Sensitivity 40
- Modeling Electrical Networks 41
- Public Networks 43
- Private Networks 43
- Analogy with a Network Hub 44
- The Concept of PLC Repeaters 44
- 26 Architecture 45
- Layered Architecture 46
- 28 Architecture 47
- Layered Architecture 29 48
- Functionality 50
- Network Mode Functionality 33 52
- Peer-to-Peer Mode 53
- Network Mode Functionality 35 54
- Network Mode Functionality 37 56
- 38 Functionality 57
- Listening to the Medium 58
- Access to the Medium 59
- Back-off Algorithm 61
- T Random CW 61
- =×(, )0 time slot 61
- Number of 62
- 44 Functionality 63
- Data Transmission Example 64
- 46 Functionality 65
- ACK Response 66
- NACK Response 67
- FAIL Response 67
- SACK Response in HomePlug AV 68
- 50 Functionality 69
- Managing Frame Priorities 70
- 52 Functionality 71
- Frame Level Functionalities 73
- MAC Encapsulation 74
- Fragmentation Reassembly 75
- Fragmentation 75
- Other Functionalities 76
- 58 Functionality 77
- Service Quality 78
- Using VLAN Labels 79
- Cryptology 81
- 64 Security 83
- RC5 and RC6 84
- Blowfish 84
- Public-Key Cryptography 85
- RSA (Rivest, Shamir, Adelman) 86
- Diffie-Hellman 86
- Mixed-Key Cryptography 87
- Electronic Signatures 87
- Use of Public Keys 88
- The Hash Function 88
- 70 Security 89
- Security for PLC Networks 91
- Access to the Physical Medium 92
- 74 Security 93
- Access to Physical Frames 94
- Authentication 94
- Network Keys 94
- 76 Security 95
- MD5 Algorithm (RFC 1321) 96
- Security in HomePlug AV 97
- Security for PLC Networks 79 98
- Denial of Service Attacks 99
- RADIUS and Diameter 100
- IEEE 802.1x in PLC 101
- 84 Security 103
- Virtual Private Networks 104
- CHAPTER 5 106
- Physical Layer Frames 107
- Bit rate 108
- 90 Frames 109
- The OFDM Interface Frame 110
- OFDM Transmission Schemes 111
- The OFDM Interface Frame 93 112
- Functional Blocks 113
- The OFDM Interface Frame 95 114
- The PLC Physical Frame 115
- The OFDM Interface Frame 97 116
- Physical Frame Data Body 117
- Physical Frame End Delimiter 117
- The OFDM Interface Frame 99 118
- MAC Layer Frames 119
- Address Fields 120
- Hexadecimal Format 121
- MAC Layer Frames 103 122
- 104 Frames 123
- PLC in Practice 124
- 106 PLC in Practice 125
- Applications 126
- Telephony over PLC 127
- Actual Rate 128
- Transit Time 129
- Differentiating IP Packets 129
- Hi-Fi Quality Telephony 130
- Streaming 131
- Capacity Problems 132
- Multimedia 133
- PLC Local Networks 134
- Internet Connection Sharing 135
- File and Printer Sharing 135
- PLC Local Networks 117 136
- Audio Broadcasting 137
- Recreational Applications 137
- Video Surveillance 137
- InternetBox and PLC 138
- 120 Applications 139
- New Applications for PLC 140
- PLC in Public Spaces 141
- PLC over Coaxial Cable 141
- PLC in Motor Vehicles 141
- Economic Perspectives 142
- 124 Applications 143
- Equipment 144
- Master-Slave Mode 145
- PLC Technologies 127 146
- Case of Ascom APA Devices 147
- Centralized Mode 148
- PLC Modems 149
- Dissipation in PLC Modems 150
- PLC USB Modems 151
- PLC Ethernet Modems 152
- PLC Cable TV Modems 153
- PLC Modems 135 154
- PLC/Wi-Fi Modems 155
- Multifunction PLC Modems 156
- 138 Equipment 157
- PLC Modems 139 158
- 140 Equipment 159
- Coupling 160
- Choice of Injection Cable 161
- Transformers and Meters 162
- Transformers 163
- Repeaters 164
- Home-Made PLC Repeater 165
- Filters 147 166
- The Cost of PLC 167
- The Cost of PLC 149 168
- 150 Equipment 169
- Installation 170
- 152 Installation 171
- Frequency Bands 153 172
- Low Bit Rate PLC 173
- High Bit Rate PLC 174
- 156 Installation 175
- Frequency Bands 157 176
- 158 Installation 177
- Frequency Bands 159 178
- 160 Installation 179
- Single-Phase Wiring 180
- 222 22222 181
- Three-Phase Wiring 182
- The Circuit Breaker Panel 183
- 166 Installation 185
- Propagation of the PLC Signal 187
- Interference 188
- 170 Installation 189
- Network Data Rates 190
- 172 Installation 191
- Network Data Rates 173 192
- 174 Installation 193
- Network Data Rates 175 194
- 176 Installation 195
- Data Rate Variation 196
- Security 197
- Configuration 198
- 180 Configuration 199
- 182 Configuration 201
- 184 Configuration 203
- Electrical Network 205
- 188 Configuration 207
- 190 Configuration 209
- 192 Configuration 211
- 194 Configuration 213
- (see Figure 9.24): 214
- Lastly, the next command: 214
- 196 Configuration 215
- PC using Ethernet; 218
- 200 Configuration 219
- Configuring an HD-PLC Network 224
- Configuring a DS2 Network 225
- Configuring a DS2 Network 207 226
- 208 Configuration 227
- Configuring a DS2 Network 209 228
- 210 Configuration 229
- Review of Network Parameters 230
- IP Addresses 230
- Structure of an IPv4 Address 231
- Address Classes 231
- Subnet Mask 233
- DNS (Domain Name Service) 233
- 216 Configuration 235
- PLC in the Home 236
- 218 PLC in the Home 237
- Choosing a PLC Technology 238
- Choosing Equipment 238
- 220 PLC in the Home 239
- 222 PLC in the Home 241
- Configuring the PLC Gateway 243
- 226 PLC in the Home 245
- Configuring PLC Security 247
- 230 PLC in the Home 249
- Firewall 250
- VPN and PPPoE 251
- 234 PLC in the Home 253
- 236 PLC in the Home 255
- DNS Addresses 256
- 238 PLC in the Home 257
- DHCP Architecture 258
- 240 PLC in the Home 259
- MAC Address 260
- 242 PLC in the Home 261
- 244 PLC in the Home 263
- PLC for Businesses 266
- Network Architecture 267
- Supervising a PLC Network 268
- Choosing a Standard 269
- QoS in HomePlug AV 271
- 254 PLC for Businesses 273
- Placing Equipment 274
- 256 PLC for Businesses 275
- Security Parameters 276
- Security Topologies 277
- HomePlug AV 278
- VLAN (Virtual LAN) 279
- VoIP Under PLC 281
- Network Implementation 282
- 264 PLC for Businesses 283
- Hotel Story PLC Networks 285
- # ifconfig eth0 287
- 268 PLC for Businesses 287
- Configuring a DHCP/NAT Server 288
- NAT Configuration 289
- MASQUERADE 290
- PLC for Communities 292
- Electrical Network Operators 293
- Topology of MV Networks 295
- Topology of LV Networks 295
- Figure 12.5 Ring topology 296
- Figure 12.6 Mesh topology 296
- 278 PLC for Communities 297
- POP = Point of Presence 299
- University 300
- Issues in Electrical Networks 301
- 284 PLC for Communities 303
- Configuring the Network 304
- 286 PLC for Communities 305
- Small-Scale PLC Networks 306
- Medium-Scale PLC Networks 307
- Large-Scale PLC Networks 308
- 290 PLC for Communities 309
- 292 PLC for Communities 311
- Hybrid PLC 314
- 296 Hybrid PLC 315
- Coexistence of PLC and Wi-Fi 317
- 300 Hybrid PLC 319
- Choosing the IEEE 802.11 Mode 320
- 302 Hybrid PLC 321
- 304 Hybrid PLC 323
- 306 Hybrid PLC 325
- 308 Hybrid PLC 327
- Resources 328
- 310 Resources 329
- Books and Articles 330
- About the Author 332
- 316 Index 335
- Index 317 336
- 318 Index 337
- Index 319 338
- 320 Index 339
- Index 321 340
- 322 Index 341
- Index 323 342
- 324 Index 343
- Index 325 344
- Telecommunications Series 346
© 2020, manymanuals.cz. Všechna práva vyhrazena. | 0.045 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce