Challenges of Wireless Security TCP in Wired-Cum-Wireless Environments

Presented by –

Vijaiendra Singh Bhatia

CSCI 5939 Independent Study – Wireless Security

Introduction
  • Most of the wireless technologies were not designed with security as top priority.
  • It is challenging to implement security in wireless devices due to device characteristics.
  • It is difficult to address security-related issues such as integrity, confidentiality, authentication and access control all at the same time.
Security approaches in -
  • LAN 802.11 standard
    • The Wired Equivalent Privacy (WEP) algorithm is used to protect wireless communication from interception and to prevent unauthorized access to the wireless network.
    • WEP relies on a secret key, shared between a mobile station (e.g. a laptop with a wireless Ethernet card) and an access point (i.e. a base station), which is used to encrypt data.
Security approaches in -
  • WAP
    • WAP specifies WTLS (the Wireless Transport Layer Security protocol), which provides authentication, data integrity and privacy services.
    • WTLS is based on the TLS security layer widely used on the Internet.
    • WTLS generally uses RSA-based cryptography, and can also use elliptic-curve cryptography (ECC), which provides a high level of security.
Security aspects -
  • Authentication
    • WPKI – provides a set of technologies that rely on encryption and digital certificates (a slimmed-down version of PKI).
    • Smart Cards – a local way to authenticate the user; provides more security on top of the username/password structure.
    • NES (Neomar’s Enterprise Server) – acts as a single point of access for mobile devices and provides integration with the corporation's management and security infrastructure.
Security aspects -
  • VPN (Virtual Private Network) – These systems use encryption and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.
  • Firewalls - A system designed to prevent unauthorized access to or from a private network. A WAP gateway can be used as a single point of entry for an enterprise’s wireless systems.
Wireless Security Issues -
  • In IEEE 802.11
    • WEP was intended only to provide the basic security found in wireline LANs.
    • It has serious weaknesses because it shares a single secret key.
    • Cryptography – there are problems with the way WEP uses its cryptographic primitives.
    • 802.11 encryption is readily breakable, and 50-70% of networks never even turn on encryption.
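
Added example (not from the original slides): a sketch of why a single shared key is a weakness in WEP, with a defender's check for IV reuse in a capture. It assumes the 802.11 construction in which RC4 is keyed with a cleartext per-frame IV followed by the shared key; the key, IVs and payloads are constructed, and the integrity value is omitted.

```python
from collections import Counter

def rc4(key: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for the given key."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):                         # keystream generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(shared_key: bytes, iv: bytes, payload: bytes) -> bytes:
    """WEP-style body encryption: RC4 keyed with IV || shared key."""
    return xor(payload, rc4(iv + shared_key, len(payload)))

def reused_ivs(frames):
    """Defender's check: IVs that appear on more than one captured frame."""
    counts = Counter(iv for iv, _ in frames)
    return sorted(iv for iv, n in counts.items() if n > 1)

def keystream_cancels(c1: bytes, c2: bytes, p1: bytes, p2: bytes) -> bool:
    """True when XOR of the ciphertexts equals XOR of the plaintexts."""
    return xor(c1, c2) == xor(p1, p2)

# Constructed sample data: every station uses the same shared key.
SHARED_KEY = bytes.fromhex("0102030405")
P1 = b"station A -> AP: hello"
P2 = b"station B -> AP: world"
IV_A, IV_B = b"\x00\x00\x01", b"\x00\x00\x02"
frames = [                                      # (cleartext IV, ciphertext)
    (IV_A, wep_encrypt(SHARED_KEY, IV_A, P1)),
    (IV_B, wep_encrypt(SHARED_KEY, IV_B, P1)),
    (IV_A, wep_encrypt(SHARED_KEY, IV_A, P2)),  # same IV, same keystream
]

if __name__ == "__main__":
    print("reused IVs:", [iv.hex() for iv in reused_ivs(frames)])
    print("keystream cancels:", keystream_cancels(frames[0][1], frames[2][1], P1, P2))
```

Because all stations share one key, any two frames that carry the same IV are encrypted with the same keystream, regardless of which station sent them.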
Wireless Security Issues -
  • WAP Phones -
    • Many e-commerce sites use SSL security.
    • At the WAP gateway, during the conversion of encryption from WTLS to SSL format, the message is briefly unencrypted and is thus exposed to interception.
Future Standards -
  • PIC (Pre-IKE Credential) - A PIC-based system's authentication server would authenticate devices that are authorized to communicate with the system.
  • OMAP (Open Multimedia Applications Protocol) - a library of software from various vendors that will permit secure transactions on wireless devices that use TI's digital signal processors.
  • MeT (Mobile electronic Transactions) - Ericsson, Motorola, Nokia, and Siemens have formed an alliance to develop standards for secure mobile activities.
TCP in Wired-Cum-Wireless Environment
  • TCP assumption
    • Homogeneous: data network
    • Wired transmission error: rare
  • Wireless Environment
    • Heterogeneous network
    • Limited bandwidth
    • Long round trip time (RTT)
TCP in Wired-Cum-Wireless Environment
  • TCP in wireless environment
    • Random loss
    • A segment loss triggers congestion avoidance
    • Frequent restarts and small sender’s window
    • Retransmissions
    • Poor throughput
A wired-cum-wireless Internet
  • Diversification in end-host capabilities
    • Workstations coexist with WebTVs, wireless phones, and PDAs.
  • Reliable transmissions are needed for web browsing, e-mail, file transfers, etc.
  • Wireless media exhibit different transmission characteristics than wired.
    • Random losses due to fading, shadowing
    • Often, long RTTs and low bandwidth
  • Power consumption becomes an issue
End-user wireless networks
  • Wireless LANs
    • Sufficient bandwidth and relatively small RTTs, but limited user mobility (IEEE 802.11, HIPERLAN/1)
  • Wide Area Wireless Data Networks
    • Limited bandwidth, long RTTs, jitter, increased user mobility (CDPD, GPRS)
  • Cellular Networks
    • Handle voice and data (GSM, IS-95)
    • Same characteristics as WAWDNs, but circuit-switched
    • Not so economical for data transfers
TCP in a wireless environment
  • Limited bandwidth
  • Long round trip times
  • Random losses
  • User mobility
  • Short flows
  • Power consumption
Taxonomy of solutions
  • Link layer solutions
    • TCP-aware LL protocols (e.g. snoop)
    • TCP-unaware LL protocols (e.g. TULIP)
  • Split connections
    • Indirect-TCP
  • Wireless Application Protocol
  • TCP modifications (e.g. SACK, Santa Cruz)
  • New transport protocols (e.g. WTCP)
Link Layer Solutions
  • The link layer knows about packet drops
  • Local buffering and retransmission
  • Fast response
  • Transparent to existing software & hardware
  • Relatively reliable delivery, with TCP
Link Layer Solutions
  • TCP-Aware LL
    • Snoop agent in BS
    • Knowledge of TCP
    • Snoop timeout < TCP timeout
  • TCP-Unaware LL
    • Don’t have knowledge of TCP
    • Aware of reliable TCP & unreliable UDP
    • Greater possibility of both LL & TCP retransmission
    • LL retransmission timeout < TCP timeout
    • Designed for half-duplex wireless channel
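
Added example (not from the original slides): a simplified per-RTT model of the behaviour on the TCP slides above and of the link-layer fix, in which every loss TCP sees halves the window and local retries hide wireless losses from TCP. The loss rate, retry count and window cap are assumed values, and local retries are assumed to complete before TCP's own timeout.

```python
import random

def simulate(loss_prob, ll_retries=0, rounds=2000, max_wnd=64, seed=1):
    """Mean segments delivered per RTT for a simplified TCP sender.

    loss_prob  -- random (non-congestion) loss probability on the wireless hop
    ll_retries -- local link-layer retransmissions at the base station
    """
    rng = random.Random(seed)
    cwnd, ssthresh, delivered = 1, max_wnd, 0
    for _ in range(rounds):
        lost = 0
        for _ in range(cwnd):
            # TCP only sees a loss if the first attempt and every
            # link-layer retry fail on the wireless hop.
            if all(rng.random() < loss_prob for _ in range(ll_retries + 1)):
                lost += 1
        delivered += cwnd - lost
        if lost:
            # TCP treats the random loss as congestion: halve the window
            # and continue in congestion avoidance.
            ssthresh = max(cwnd // 2, 2)
            cwnd = ssthresh
        elif cwnd < ssthresh:
            cwnd = min(cwnd * 2, max_wnd)      # slow start
        else:
            cwnd = min(cwnd + 1, max_wnd)      # congestion avoidance
    return delivered / rounds

def compare(loss_prob=0.02, ll_retries=3):
    """Return (plain TCP, TCP over a retransmitting link layer) throughput."""
    return simulate(loss_prob), simulate(loss_prob, ll_retries)

if __name__ == "__main__":
    plain, repaired = compare()
    print(f"plain TCP over lossy link : {plain:.1f} segments/RTT")
    print(f"with link-layer retries   : {repaired:.1f} segments/RTT")
```

With a 2% random loss rate the plain sender's window stays small even though no congestion exists, while the locally repaired link lets the window grow to the cap.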
Split connection
  • Indirect TCP
    • Improved throughput
    • Split TCP connection into 2 (wired & wireless) at BS
    • BS acknowledges a segment to the sender before the segment reaches the receiver
    • Violates TCP semantics
    • Split TCP connection several times
TCP modifications

  • The main cause is TCP assumptions
    • Modify TCP to differentiate congestion loss, random loss and handoff
  • Only peer TCP is upgraded
  • Not all modifications aim to improve TCP over wireless
  • Many variations proposed to improve performance in different scenarios
  • Different perspectives
    • Slow start is too aggressive, causing fast congestion
    • Initial congestion window is too low
TCP modifications

  • TCP SACK (Selective ACK)
    • Instead of a cumulative ACK, a selective ACK for out-of-order packets. Less retransmission of successfully received data.
  • TCP FACK (Forward Acknowledgement)
    • Make intelligent decisions about data that should be retransmitted
  • TCP Santa Cruz
    • Keep records of sending & receiving time
    • Estimate whether congestion is built up
TCP modifications
  • Delayed ACK
    • No loss: cumulative ACK. Loss: immediate ACK.
  • DAASS (Delayed ACK after Slow Start)
    • After slow start comes congestion avoidance, which needs less traffic
  • ACK Pacing
    • Rate based, instead of window based
  • ECN (Explicit Congestion Notification)
    • Router signals congestion
  • ELN (Explicit Loss Notification)
    • Loss is reported explicitly
New Transport Protocols
  • WTCP (wireless TCP)
    • Designed for CDPD or wireless WAN: low BW, high latency
    • WTCP attempts to predict whether a segment loss is due to transmission errors or to congestion
    • Rate based: an algorithm tells the sender to increase or reduce its sending rate
    • Keeps track of statistics for non-congestion segment losses
    • Uses ACK and SACK
    • Has not been proven
WAP
    • The WAP stack provides WTP, which is message oriented, i.e., the basic unit of interchange is an entire message, not a byte stream as in TCP.
    • WTP offers various security mechanisms as well as data compression and encryption, provided by WTLS protocol.
Conclusion
  • TCP performance is poor in wireless environments
  • TCP over wireless
    • Link layer
    • Split connection
    • TCP modifications
  • Most developments address specific cases and are not general solutions
  • New protocols designed for wireless are newly born and still need development.