The EkaNet™ Smart Network uses local authentication at each meter node, thus avoiding vulnerable end-to-end network communication for authentication. Any attack involving false communications credentials is handled locally at each EkaNet™ Node and therefore will not have a network-level impact. Every communications link within an EkaNet™ Smart Network employs a robust challenge-response authentication scheme for mutual Node authentication. This is then supplemented by AES-encryption based on a derived per-session key for communications between that particular pair of authenticated wireless network Nodes. Each subsequent pair of EkaNet™ Nodes re-authenticates and derives another unique per-session key for data encryption and onward communications. This pattern continues throughout all of the wireless network segments.

All wireless communications in the EkaNet™ wireless mesh network are protected by mutual device authentication and derived per-session encryption keys. The derived session key is used for AES encryption. Careful attention is paid to the generation of cipher codes and random numbers to ensure that they are suitable for cryptographic use.

This hardened security technique allows for authentication, as well as confidentiality and integrity protection in each communication exchange between every pair of network devices – EkaNet™ Meter Nodes, Relays , Wireless Network Field Tool, or Wireless Gateways. Even “under-the-glass” at the individual meter, secure communications continues to utilize ANSI security specifications and standard protocols for authentication and access control.

The EkaNet™ Gateway WAN link communications to the back office are all over a Secure Socket Link (SSL) channel. On this path, AES cryptographic algorithms are used for traffic encryption along with RSA public key-based authentication and SHA-2 for integrity and industry standard X.509 v3 certificates are used. As yet another security measure, the EkaNet™ Network Manager at the head-end can use LDAP directory services for certificate validation, updating and revocation. Application-level access control is provided on top of the transport layer security afforded by SSL using application logins and respective roles.

An EkaNet™ Smart Network delivers security benefits you can count on: