Security is Mandatory in Bluetooth Mesh Networks

PHANTOM® Offers Unparalleled Security Features

By offloading decryption, encryption, and authentication work to its CryptoCell-310, PHANTOM® can deliver high performance in Bluetooth mesh networks.


Mesh Network, Individual Applications, and Bluetooth 5.0 Devices Are All Secure

This Cannot Be Switched Off or Reduced in Any Way

  • All mesh messages are encrypted and authenticated.
  • Network security, application security, and device security are addressed independently.
  • Security keys can be changed during the life of the mesh network via a key refresh procedure.
  • Message obfuscation makes messages sent within the network difficult to track, providing a privacy mechanism that makes the nodes themselves difficult to track.
  • Mesh security protects the network against replay attacks.
  • The process by which devices are added to the mesh network to become nodes (provisioning) is itself secure.
  • Nodes can be removed from the network securely, in a way that prevents trash can attacks.

Three Security Keys Provide Security to Different Aspects of the Mesh and Achieve a Critical Capability in Mesh Security, that of “Separation of Concerns”

  • NetKey (network key) is possessed by all nodes. It allows a node to decrypt and authenticate messages up to the network layer. A relay node uses the NetKey to decrypt and authenticate messages before relaying them.
  • AppKey (application key). Application data for a specific application can only be decrypted by nodes that possess the right AppKey.
  • DevKey (device key) is unique to each node. It is used for secure communication with the provisioner during the provisioning process.
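The separation of concerns described above, plus the replay protection listed earlier, modelled as an added example (not code from PHANTOM®, the CryptoCell-310 SDK, or the Bluetooth Mesh specification). A relay node holding only the NetKey can authenticate and forward a message but cannot read the application payload, a node with the wrong AppKey fails at the application layer, and a repeated sequence number is rejected. Assumptions: an HMAC-SHA256 encrypt-then-MAC construction stands in for the specification's AES-CCM, header obfuscation is omitted, and the keys, nonces and 6-byte header layout are constructed for this example.

```python
import hmac, hashlib, struct

# Stand-in AEAD (encrypt-then-MAC over HMAC-SHA256); the real Bluetooth Mesh
# stack uses AES-CCM. Keys, nonces and the header layout are constructed here.
def _keystream(key, nonce, n):
    out = b""
    for ctr in range((n + 31) // 32):
        out += hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
    return out[:n]

def seal(key, nonce, plaintext, tag_len=8):
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()[:tag_len]

def open_(key, nonce, sealed, tag_len=8):
    ct, tag = sealed[:-tag_len], sealed[-tag_len:]
    expect = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:tag_len]
    if not hmac.compare_digest(tag, expect):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

HEADER = ">HI"  # constructed clear-text header: 16-bit source address, 32-bit sequence number

def build_message(net_key, app_key, src, seq, payload):
    """Application layer sealed with the AppKey, then network layer sealed with the NetKey."""
    header = struct.pack(HEADER, src, seq)
    upper = seal(app_key, b"app" + header, payload)
    return header + seal(net_key, b"net" + header, upper)

class Node:
    def __init__(self, net_key, app_key=None):
        self.net_key, self.app_key = net_key, app_key
        self.last_seq = {}  # per-source high-water mark for replay protection

    def receive(self, msg):
        header, body = msg[:6], msg[6:]
        src, seq = struct.unpack(HEADER, header)
        upper = open_(self.net_key, b"net" + header, body)  # needs the NetKey only
        if seq <= self.last_seq.get(src, -1):
            raise ValueError("replay rejected")
        self.last_seq[src] = seq
        if self.app_key is None:
            return None  # relay: authenticated and may forward, but cannot read the payload
        return open_(self.app_key, b"app" + header, upper)  # needs the right AppKey

NET_KEY, APP_KEY = b"N" * 16, b"A" * 16  # constructed demo keys
```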

In a mesh network with many nodes, a lot of processing power is required for decryption and authentication, at least on the relay nodes and possibly on other nodes. PHANTOM® embeds an ARM CryptoCell-310 cryptographic co-processor. To achieve acceptable performance in a mesh network with many nodes, PHANTOM® should be used.

CryptoCell-310 provides the following key features:

  • Cryptographic hardware engines, providing host CPU offloading, operation acceleration, and power consumption reduction.
  • Cryptography and security middleware services.
  • Platform security building block libraries.
  • Device life-cycle state management.
  • Key management infrastructure.
  • Secure boot.

By offloading decryption, encryption, and authentication work to the CryptoCell-310, PHANTOM® can deliver the highest-performing security of all Bluetooth mesh wireless sensor networks.

Diagram of ARM TrustZone Normal World and Secure World architecture used by the CryptoCell-310 cryptographic co-processor in PHANTOM® devices