LICAL-ENC-HS001 Linx Technologies Inc, LICAL-ENC-HS001 Datasheet - Page 5

LICAL-ENC-HS001

Manufacturer Part Number

LICAL-ENC-HS001

Description

IC ENCODER HS SERIES 20-SSOP

Manufacturer

Linx Technologies Inc

Series

HSr

Type

Encoderr

Datasheet

1.LICAL-ENC-HS001.pdf (9 pages)

Specifications of LICAL-ENC-HS001

Package / Case

20-SSOP

Applications

RF, IR

Mounting Type

Surface Mount

Supply Voltage (max)

5.5 V

Supply Voltage (min)

2 V

Maximum Operating Temperature

+ 125 C

Minimum Operating Temperature

- 40 C

Mounting Style

SMD/SMT

Lead Free Status / RoHS Status

Lead free / RoHS Compliant

Lead Free Status / RoHS Status

Lead free / RoHS Compliant, Lead free / RoHS Compliant

Available stocks

Company

Part Number

Manufacturer

Quantity

Price

Company:

Bonase Electronics (HK) Co., Limited

Part Number:

LICAL-ENC-HS001

Manufacturer:

Linx Technologies

Quantity:

135

Company:

Meier Automation Equipment Co., Limited

Part Number:

LICAL-ENC-HS001

Manufacturer:

LINX

Quantity:

20 000

Current page: 5 of 9
Download datasheet (393Kb)

HS SERIES SECURITY OVERVIEW

Figure 6: HS Series Data Structure

Page 8

Balancing

Encryption algorithms are complex mathematical equations that use a number,

called a key, to encrypt data before transmission. This is done so that

unauthorized persons who may intercept the transmission cannot access the

data. In order to decrypt the transmission, the decoder must use the same key

that was used to encrypt it. The decoder will perform the same calculations as

the encoder and, if the key is the same, the data will be recovered.

The HS Series uses the CipherLinx™ algorithm, which is based on Skipjack, a

cipher designed by the U.S. National Security Agency (NSA). At the time of this

writing, there are no known cryptographic attacks on the full Skipjack algorithm.

Skipjack uses 80-bit keys to encipher 64-bit data blocks. The CipherLinx™

algorithm uses Skipjack in a provably secure authenticated encryption mode

both to protect the secrecy of the data and ensure that it is not modified by an

adversary. 8 bits of data are combined with a 40-bit counter and 80 bits of

integrity protection before being encrypted to produce each 128-bit packet.

There are several methods an attacker may use to try to gain access to the data

or the secured area. Because a key is used to interpret an encrypted message,

trying to find the key is one way to attack the protected message. The attacker

would either try using random numbers or go through all possible numbers

sequentially to try to get the key and access the data. Because of this, it is

sometimes believed that a larger key size will determine the strength of the

encryption. This is not entirely true. Although it is a factor in the equation, there

are many other factors that need to be included to maintain secure encryption.

One factor is the way that the underlying cipher (in the case of the CipherLinx™

algorithm, Skipjack) is used to encrypt the data. This is referred to as the cipher’s

“mode of operation.” If a highly secure cipher is used in an insecure mode, the

resulting encryption will be insecure. For example, some encryption modes allow

an adversary to combine parts of legitimate encrypted messages together to

create a new (and possibly malicious) encrypted message. This is known as a

“cut-and-paste” attack. The mode of operation used by the CipherLinx™

algorithm is proven to prevent this type of attack.

Another critical factor is how often the message changes. To prevent code

grabbing, most high-security systems send different data with each transmission.

Some remote control applications will encrypt the message once per activation

and repeat the same message over again until it is deactivated. This gives an

attacker the opportunity to copy the message and retransmit it to maintain the

state of the protected device and “hold the door open”, or worse yet, have the

option to come back later and gain access. The HS Series goes a step further

and sends different data with EACH PACKET, so the data will change

continuously during each transmission. This means that at 28,800bps, there will

be a completely new 128-bit message sent every 25.5mS.

Preamble

Noise

Filter

Logic

Filter

Integrity Check

80 bits

128-Bit Encrypted Data

8 bits

Data

Counter

40 bits

HS SERIES SECURITY OVERVIEW (CONT.)

Another factor is how often the message will be repeated and the intervals

between repeats. Some applications use a counter to change the appearance of

the message. This is good, but at some point, the counter will roll over and the

message will be repeated. For example, if attackers were to copy an encrypted

message and save it, they could potentially gain access to the protected device

at a later time. Depending on the size of the counter, this vulnerability could

occur frequently. The HS Series uses a 40-bit decrementing counter to keep this

from ever happening. If the SEND line was held high continuously at the high

baud rate (28,800bps), it would take 889 years before the counter would reach

zero, at which point the key would be erased and the encoder would have to get

a new key. The math used is: [(2

889 years. This large counter prevents a packet from ever being sent twice and

prevents the encoder from ever losing sync with the decoder.

The key is generated with the decoder by the user through multiple button

presses. This is ensures that the key is random and chosen from all 2

keys. Since all of the keys are created by the user and are internal to the part,

there is no list of numbers anywhere that could be accessed to compromise the

system.

Encryption of the transmitted data is only one factor in the security of a system.

With most systems, once an encoder is authorized to access a decoder, it can

activate all of the decoder data lines. With the HS Series, each encoder can be

set to only activate certain lines. This means that the same hardware can be set

up with multiple levels of control, all at the press of a button.

Another factor in system security is the control of the encoder. If attackers gain

control of the encoder, typically they would be able to access the system. The

HS offers the option of adding a Personal Identification Number (PIN) to the

encoder that must be entered before the encoder will activate. Furthermore,

since each encoder has its own key and the Control Permissions are stored in

the decoder, all the attackers would be able to do is duplicate the device that

they have already taken. They will not be able to grant themselves greater

authority, create a new controller, or replicate another encoder.

Before the encoder sends a packet, it will calculate the Hamming Weight (the

number of ‘1’s in the string) of the packet to determine the duty cycle. If the duty

cycle is greater than 50% (more ‘1’s than ‘0’s), the encoder will logically invert all

of the bits. This ensures that every packet will always contain 50% or less ‘1’s.

Since the FCC allows transmitter output power to be averaged over 100mS, this

allows a legal improvement in link range and performance for many devices

using an ASK / OOK transmitter. A 50% duty cycle is generally the best

compromise between data volume and output power.

Some other manufacturers may use a Pulse Width Modulation (PWM) scheme

or Manchester Encoding scheme to maintain a 50% duty cycle. Both of these

methods work, but are inefficient and do not make use of the full link budget. The

HS Series uses true serial data while maintaining a 50% duty cycle. Application

Note AN-00310 covers these issues in detail.

* 25.5ms) / (1000mS*60s*60m*24h*365d)] =

possible

Page 9

LICAL-ENC-HS001 Linx Technologies Inc, LICAL-ENC-HS001 Datasheet - Page 5

LICAL-ENC-HS001

Specifications of LICAL-ENC-HS001

Available stocks

Related parts for LICAL-ENC-HS001