A home network is intended for distribution of broadband services within a customer's premises and for communication between the various units of customer equipment. In current practice, both wire-line and wireless home network solutions are used. With a wire-line solution, a home network contains multiple nodes, all connected to a wire-line medium. Different nodes may be connected to different wire-line media, and some nodes may be connected to more than one medium, including those which bridge between home network domains established on different media types. As long as legitimate communication between two nodes is possible, they are considered to belong to the same home network. With wireless services, stations usually communicate with an Access Point, which is a central node of the network, generally connected to the other central nodes by fixed (usually wire-line) links. The Access Point forwards (relays) messages between the wireless stations and the rest of the network. A home network may also be composed of a combination of wire-line and wireless networks: as long as stations and nodes can communicate with each other, they are considered to belong to the same home network.
One of the main issues for home network solutions, either wire-line or wireless, is security. Home networks operate over shared media, which means that home network devices belonging to different people, intended to operate in mutually disjoint and separate logical networks, may be connected to the same wire (as in the case of home networking over power lines or over cable), or may simply have easy physical access to each other (e.g., wireless devices in close proximity, or crosstalk between phone lines and power lines). Any unprotected communication over the medium can be picked up by any equipment attached to it.
The home network nodes may communicate both with a residential gateway (RG), to obtain broadband services such as TV, VoIP, and gaming from external sources, and internally with other home network nodes to share on-premise sources of digital content located in the customer's premises, such as a Digital Video Recorder (DVR) or a computer's streaming-video applications, entertainment centers, and so on.
For all these communications, confidentiality of the data stream is critical to the application. Even if all the people using a home network are in the same family, there will be information that should not be shared with parties not directly involved in the communication; if different groups of people share the use of a home network in one location (e.g., when the home network is used in a hotel or small-office setting), or if visitors use the home network, this is even more important. In addition, networks based upon a shared medium are often susceptible to having messages intended for some of the nodes of the network physically detected and received by equipment that is not a legitimate member of the network.
For all these reasons, confidentiality of communications among nodes of the home network is a key criterion for the usefulness of the network.
It is equally important that communications received over the home network be trustworthy. The contents of messages should not be altered, or if alteration occurs, it must not go undetected. The transmission system of the medium may use forward error correction (FEC) techniques to prevent misinterpretation due to random transmission errors, but such techniques are not designed to protect against deliberate alteration of the content of a message, because an adversary can recompute the error-correcting code to match the altered content; protection against deliberate alteration must be provided at a higher layer of processing.
Conventionally, the two security issues between communicating nodes, confidentiality and trustworthiness, are addressed in two steps. First, a cryptographic key known only to the transmitter node and to the receiver node is used for confidentiality. The transmitter processes the contents of every message to produce a ciphertext. This cryptographic output cannot be understood by anyone who does not possess the key, but a possessor of the key can use it as the input to a decryption process that undoes the encryption and recovers the plaintext. Second, a different cryptographic process is applied to the message to assure its integrity. This process produces a short cryptographic output, called a Message Authentication Code (MAC), which is sent to the receiver along with the ciphertext. The receiver recalculates the Message Authentication Code over the received message using an authentication key (which may or may not be the same as the confidentiality key, although sound practice is to use a separate key for each purpose). If the received Message Authentication Code matches the recalculated one, a strong assurance is provided that the message has not been altered during transmission, because the cryptographic function chosen to calculate the Message Authentication Code is such that it is overwhelmingly unlikely that the message text could be altered without changing the result of the calculation. The comparison itself should be done in constant time, so that the time taken to reject a forged code does not reveal how many of its bytes were correct.
Thus, the issue of providing confidentiality and message integrity boils down to the question of providing a set of keys to each pair of communicating nodes. In order to maintain security within each pair, no two pairs should share the same set of keys—not even in the case that the two pairs have a member in common.
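The following is an added example illustrating the two preceding paragraphs; it is not code from the original document. It derives a distinct (encryption key, authentication key) pair for each unordered pair of nodes from a master secret, so that pairs sharing a member still receive different keys, then seals each message as nonce || ciphertext || MAC and rejects anything whose code does not verify. To stay runnable offline with only the Python standard library, the confidentiality step uses HMAC-SHA256 in counter mode as a keystream generator rather than a standard block cipher; a deployment would use an established authenticated-encryption mode instead. The node identifiers, master secret, purpose labels and sample message are all constructed for the demonstration.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple

NONCE_LEN = 16  # bytes of per-message nonce
TAG_LEN = 32    # HMAC-SHA256 output length


def derive_pair_keys(master: bytes, node_a: str, node_b: str) -> Tuple[bytes, bytes]:
    """Return (enc_key, mac_key) for the unordered pair {node_a, node_b}.

    Sorting the identifiers makes the result independent of which node
    initiates. The purpose labels "enc:" and "mac:" (hypothetical) keep
    the confidentiality key and the authentication key distinct.
    """
    pair = "|".join(sorted((node_a, node_b))).encode()
    enc_key = hmac.new(master, b"enc:" + pair, hashlib.sha256).digest()
    mac_key = hmac.new(master, b"mac:" + pair, hashlib.sha256).digest()
    return enc_key, mac_key


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode: PRF(nonce || counter) blocks, truncated."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes,
         nonce: Optional[bytes] = None) -> bytes:
    """Encrypt-then-MAC. Returns nonce || ciphertext || tag."""
    if nonce is None:
        nonce = os.urandom(NONCE_LEN)
    ks = _keystream(enc_key, nonce, len(plaintext))
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, ks))
    # The tag covers the nonce too, so a replaced nonce is also detected.
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def unseal(enc_key: bytes, mac_key: bytes, message: bytes) -> Optional[bytes]:
    """Verify the MAC before decrypting; return None on any failure."""
    if len(message) < NONCE_LEN + TAG_LEN:
        return None
    nonce = message[:NONCE_LEN]
    ciphertext = message[NONCE_LEN:-TAG_LEN]
    tag = message[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):  # constant-time comparison
        return None
    ks = _keystream(enc_key, nonce, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, ks))


def demo() -> Dict[str, object]:
    master = b"\x01" * 32  # constructed master secret, for illustration only
    keys_stb_rg = derive_pair_keys(master, "STB-livingroom", "RG")
    keys_stb_dvr = derive_pair_keys(master, "STB-livingroom", "DVR")
    msg = b"VoIP signalling: PIN 4711"  # constructed sample plaintext

    sealed = seal(*keys_stb_rg, msg)
    tampered = bytearray(sealed)
    tampered[NONCE_LEN + 4] ^= 0x01  # flip one ciphertext bit in transit
    return {
        "roundtrip": unseal(*keys_stb_rg, sealed),
        "tampered": unseal(*keys_stb_rg, bytes(tampered)),
        # A third node sharing the master secret but not this pair's keys
        "wrong_pair": unseal(*keys_stb_dvr, sealed),
        "pairs_differ": keys_stb_rg != keys_stb_dvr,
        "enc_mac_differ": keys_stb_rg[0] != keys_stb_rg[1],
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

Only the round trip between the two legitimate nodes recovers the plaintext; the altered message and the attempt by the third node both fail the MAC check and are discarded without being decrypted.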
For a well-designed cipher, the strength of the encryption used to protect a communication depends on the length of the encryption key. Thus, when two communication channels are protected by the same encryption technique, but one uses a longer key than the other, it will be better protected. Generally speaking, a good measure of the difficulty of "breaking" the security of a communications channel is the number of computations required to uncover the key. It is generally assumed when evaluating this difficulty that the attacker knows which technique and algorithm is being used, since there are many ways of finding this out for commercially provided equipment; the key must therefore be the only secret. When the best available attack is exhaustive search of the key space, the number of computations grows exponentially with the length of the key: an n-bit key requires on the order of 2^n trials, so each additional bit doubles the attacker's work. This reasoning applies only to algorithms without known shortcuts; a longer key does not rescue an algorithm with a structural weakness.
Within a home network, some communications may require greater confidentiality than others. For example, it may not be as important to protect a stream of entertainment video as it is to protect the transmission of confidential personal information or security-related information, such as passwords, or the data stream of a confidential telephone call. Current methods of protection for home networks give the same degree of protection to all these communications.
In particular, current methods of providing home network security do not distinguish between different services or Client Applications that use the same node. The node offers the transport and the security as a complete package to all, and the security system cannot discriminate among them.