Wireless Security: Which standard should I use for maximum security?

With the advent of wireless security, a variety of security standards have been developed and used. Each standard was developed to plug some vulnerability in its predecessor. As a result, a number of security options are available to the customer today. Some of the less secure and deprecated standards are also available to maintain backward compatibility with older Wi-Fi equipment.

When installing wireless networking equipment (Access Points or Routers) in their homes, customers should use the most secure standards for their home network. In this blog, l will introduce the various encryption standards available and recommend the most secure standard when setting up a home network.

Let’s take a quick look at the evolution of wireless encryption standards in chronological order. These standards are also listed from being least secure to most secure:

Wireless Security Blog

When setting up your home network, GainSpan recommends that you use WPAv2 standard on your home networks and use a long passphrase. When using WPAv2 with a strong passphrase, chances are very slim of a hacker breaking into your home network.

Will you use WPAv2 on your home Access Point / Router to secure your home network from potential hackers?

Please let us know your comments.

 

Provisioning Made Easy!

One of the key challenges that ODMs have to contend with while developing IoT products is the ease of installation on the customer’s network. This process of associating an IoT product to a network is called Provisioning.

The challenge in Provisioning stems from the fact that most IoT devices do not have any input or output mechanism for customers to enter their home network credentials (SSID and Passphrase). As such, Wi-Fi silicon manufacturers provide some mechanism to provision the IoT device on the network.

At GainSpan, we provide a comprehensive suite of provisioning techniques for the ODMs to choose from depending upon the use case of their IoT product. Most people now prefer to use their smart phones and tablets for provisioning.

Let’s take a look at some of GainSpan’s provisioning mechanisms:

  • Patented Concurrent provisioning:
    • IoT device comes up in Limited AP mode (GainSpan recommends using WPA2 security in Limited AP mode)
    • Customers uses an App on their smartphone to send the provisioning credentials to the IoT device
    • The IoT device attempts to associate to the desired network
    • Upon successful or unsuccessful (in case of mistyped SSID or Passphrase) association, the device provides a feedback to the user
    • Eliminates the need for BLE device for provisioning
  • Patented Web provisioning
    • IoT device comes up in Limited AP mode (GainSpan recommends using WPA2 PSK security in Limited AP mode)
    • IoT device starts a secure web server and advertises provisioning as a service
    • Configuration data (SSID, Passphrase) is exchanged through RESTful API
    • Smartphone is used as an I/O device
  • Limited AP mode:
    • This is similar to web provisioning, except instead of hosting a web server on the device,the user uses a mobile App on their smart device to send the provisioning credentials
    • Smartphone is used as an I/O device
  • Wi-Fi Protected Setup (WPS)
    • User pushes a button on their home Access Point to put it in WPS mode
    • User invokes WPS mode on the device (typically via a push button)
    • The device and home Access Point exchange credentials and the device is provisioned on the network
    • Easy provisioning – as easy as just pushing a button 
  • Apple Wireless Accessory Control (WAC) protocol
    • Uses iOS framework to provisioning from an iOS device
    • No mobile App needed for provisioning
    • Uses iOS framework to provide success / failure status
    • Use your iOS device to send the home network credentials to the device
  • Group Provisioning
    • Facilitates provisioning a number of devices from the mobile App in one shot
    • Within the Mobile App, each IoT device shows up as an unprovisioned device
    • Customer enters the network credentials within the Mobile App once and then selects the number of IoT devices to provision
    • The App connects to each IoT device and provisions them serially

Which method would you use when designing your IoT product? We are keen to hear from you!