摘要 |
A wireless communication module to provide security at a baseband layer is disclosed. A payload of plaintext may be divided into partitions. The module may use a block cipher such as the Advanced Encryption Standard (AES) algorithm to process a unique initiation vector (IV) for each partition so that each partition may be XORed with a key stream based on a respective IV, the result providing ciphertext. The IV may include a nonce, an upper level packet counter, a packet counter and a block counter. The state of the counters may be incremented in a predetermined pattern so as to provide a unique IV for use with each partition. The ciphertext may be transmitted in a packet with a security bit indicating that the payload is encrypted but omitting the nonce. Encrypted packets may include an integrity check value (ICV) to provide for integrity of the encrypted message.
|