FIrDA-SSL: experiments with securing communication in PANs

In personal area networks (PANs), a personal operating space (POS) surrounds the person up to 10 meters in all directions and it contains several types of wireless devices exchanging data between them (intra-PAN communication), or with devices from another POS or as part of broader networks (inter-PAN communication). Security is seen as a "big issue" both for intra and inter-PAN communication. The security mechanisms or protocols involved should also run on user devices within a reasonable amount of time. Clearly one of the first issues to be addressed in PANs is to transfer information securely and we provide a practical approach for this issue. In practice, we want to enable the exchange of "personal" data only to authenticated parties and doing this with standard protocols, client software or commercial products available at the moment. We developed a tool named FIrDA-SSL (Footprint Irda SSL transfer) for secure transfer of small amounts of data, like a credit card number, or a personal identification information, between devices with infrared ports. FIrDA-SSL's performance running on a Windows CE-enabled handheld PC and having a StrongARM processor at 206 MHz (i.e. HP Jornada 720) was compared with the one obtained when running FIrDA-SSL on 'powerful' Windows 2000fKP-enabled laptops. FIrDA-SSL connection latency was also confronted with the experiments run in other related work, e.g. on a Palm Pilot platform.