3
Today, the Canopy system incorporates a flexible security model that supports a wide
variety of system configurations ranging from a fully open system to an
authenticated/encrypted air link with dynamic session key assignment. The Canopy
system uses industry proven authentication and encryption technologies to ensure that the
service provider maintains control of the network. The system comes with Data
Encryption Standard (DES) to protect against eavesdropping and Advanced Encryption
Standard (AES) is available as an option for customers requiring the most secure network
available. The following paragraphs highlight each of these advanced features in further
detail.
C
ANOPY
’
S
P
ROPRIETARY
P
ROTOCOL
Canopy’s proprietary air interface provides a strong foundation against attacks by
invaders. First of all, because the Canopy system is based on a proprietary protocol, there
are no published specifications for the product by which sniffer radios could be built. In
addition, a sniffer would require the proprietary Canopy chip set that is not readily
available. Second, the MAC protocol for packet assembly, disassembly and
retransmission is not published. Third, data transmitted over the air is scrambled into 64-
byte data packages thus providing an additional obstacle to unauthorized decoding.
Finally, the directionality of the Canopy system transmissions impedes eavesdropping.
In other words, the proprietary air interface presents a major hurdle for unauthorized
parties. Of course, the Canopy system’s security is not based merely on secrecy of its air
interface.
A
UTHENTICATION
Clearly it is inadvisable to transmit information that one assumes is secure using clear
text as it can be easily monitored. Unlike many fixed wireless broadband products, the
Canopy system does not use clear text transmissions but rather a proprietary protocol for
transmissions. When this protocol is combined with the Canopy Bandwidth and
Authentication Manager (BAM), an added level of security is achieved for the operator
and the network.
The BAM controls access to a Canopy system, and each AP module can be configured to
require secure SM authentication prior to providing network access. Each SM must be
authenticated by the BAM before entering the network. SMs are authenticated and keys
are managed individually. The authentication process also takes into account the
electronic serial number unique to each transceiver along with a 128-bit secret key that is
unique to each SM and is known only to the network operator. The eight step
authentication process is shown in Table 1.