11.5 Secured Traffic – Teledyne LeCroy UWBTracer User Manual


UWBTracer/Trainer User Manual

Chapter 11: Setting Up for Recording

LeCroy Corporation


11.5 Secured Traffic

The UWBTracer/Trainer™ system can perform real-time decryption for encrypted traffic.
The system can record the decrypted traffic and make real-time triggering/filtering
decisions based on the decrypted traffic.

The UWBTracer/Trainer system decrypts traffic using temporal keys, which it can obtain
by two methods:

Derivation Using Certified WUSB Four-Way-Handshake Protocol

Direct Programming

You can program a combined total of 32 different Connection Contexts and Temporal
Keys using these two methods.

For information about the recording options related to decryption and security, see
Section 12.2, “Recording Options: RF” on page 183.

For more information about the Device List, see Section 9.7, “Device List” on page 131.

Temporal Key Derivation Using Certified WUSB Four-Way-Handshake Protocol

Certified WUSB hosts and devices allow you to derive a temporal key. To derive a
temporal key from a Certified WUSB host or device, you must add a valid Connection
Context to a WUSB host or device.

Note: Use the Direct Programming method to decrypt traffic between two WiMedia
devices that are not running the Certified WUSB protocol.

A Connection Context includes a connection host ID (CHID), connection device ID
(CDID), and connection key (CK). Entering the CHID and CDID into the analyzer memory
provides the analyzer with the “numeric association” connection context keys.

The UWBTracer/Trainer system uses a Connection Context to follow the
Four-Way-Handshake protocol between a host and device and consequently derive a
Pair-wise Temporal Key (PTK). The UWBTracer/Trainer system then uses the PTK to
decrypt traffic between the host and device.

The UWBTracer/Trainer system derives a new PTK whenever a new
Four-Way-Handshake protocol takes place between a host and device. Therefore, the
UWBTracer/Trainer system can only handle one Four-Way-Handshake at a time:

If multiple Four-Way-Handshakes are interleaved, the UWBTracer/Trainer system
cannot track them.

If multiple Four-Way-Handshakes are serialized, so that one finishes completely
before the next one starts, the UWBTracer/Trainer system can track them.
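The serialized-versus-interleaved rule above can be checked against a list of handshake start and end times before relying on derived PTKs. The following is an added example, not code from the manual or from the analyzer: the pair labels and timestamps are constructed, and treating a handshake that never completes as still open for the rest of the capture is an assumption of this model.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Handshake:
    pair: str              # constructed label for one host/device pair
    start: float           # time of the first handshake message (seconds)
    end: Optional[float]   # time of the last message; None if never completed

def classify(handshakes):
    """Map (pair, start) -> 'serialized', 'interleaved' or 'incomplete'.

    A handshake is 'serialized' only if no other handshake is in progress
    at any point between its first and last message.
    """
    ordered = sorted(handshakes, key=lambda h: h.start)
    result = {}
    for i, h in enumerate(ordered):
        key = (h.pair, h.start)
        if h.end is None:
            result[key] = "incomplete"
            continue
        # Assumption: an incomplete handshake stays open until the capture ends.
        overlaps = any(
            o.start < h.end and (o.end is None or o.end > h.start)
            for j, o in enumerate(ordered) if j != i
        )
        result[key] = "interleaved" if overlaps else "serialized"
    return result

# Constructed sample timeline, not taken from a real capture.
SAMPLE = [
    Handshake("host1-devA", 0.0, 1.0),   # finishes before anything else starts
    Handshake("host1-devB", 2.0, 3.5),   # overlaps the next handshake
    Handshake("host1-devC", 3.0, 4.0),
    Handshake("host1-devD", 5.0, None),  # never completes
    Handshake("host1-devE", 6.0, 7.0),   # runs while devD is still open
]

if __name__ == "__main__":
    for (pair, start), status in classify(SAMPLE).items():
        print(f"{pair} @ {start:.1f}s: {status}")
```

Only the handshakes reported as `serialized` match the case the manual says the analyzer can track.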

Note: The Connection Context from the USB Plug-in Module appears in the Device List.