1 / 22

Authentication & Intrusion Prevention for Multi-Link Wireless Networks

Authentication & Intrusion Prevention for Multi-Link Wireless Networks. Raphael Frank 20 October 2007. Overview. 1. 2. 3. 4. 5. 6.  Introduction.  Authentication in WMN using exisitng protocols.  Emerging Security Issues.  Authentication protocol based on WMN properties.

kirti
Download Presentation

Authentication & Intrusion Prevention for Multi-Link Wireless Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Authentication & Intrusion Prevention for Multi-Link Wireless Networks Raphael Frank 20 October 2007

  2. Overview 1 2 3 4 5 6  Introduction  Authentication in WMN using exisitng protocols  Emerging Security Issues  Authentication protocol based on WMN properties  Security Analysis  Conclusion

  3. Introduction • What is Wireless Mesh Network (WMN)? • Mesh Nodes: Devices with at least two radio interfaces • Mesh nodes form together a wireless network (Ad-Hoc) • Second interface (AP) is used by mobile clients to connect to the network • Hot Spots (HS): Mesh Nodes equipped with a wired internet connection • Transient Access Points (TAP): Mesh Nodes without wired internet connection  Provide Internet Access to Mobile Clients by using the WMN as a backhaul

  4. Authentication in WMN using existing protocols (1) • Authentication protocols for the State of the Art of Wireless Networks • IEEE 802.11: • First WiFi standard released in 1997 • Provides Data encryption and authentication • IEEE 802.11i: • Most recent security standard released in 2004 • Provides a robust data encryption and includes an external authentication framework

  5. Authentication in WMN using existing protocols (2) • IEEE 802.11 • Encryption Protocol Wired Equivalent Privacy (WEP), based on shared-key (Key length 64 or 128 bit) • Authentication based on the knowledge of the shared-key • Security Goals: • Prevent Eavesdropping  PRIVACY • Prevent Message Modification  INTEGRITY • Network Access Control  AUTHENTICATION • Weaknesses – None of the security goals are met: • Key stream reuse  PRICACY • CRC attacks  INTEGRITY • Authentication Spoofing  AUTHENTICATION

  6. Authentication in WMN using existing protocols (3) • IEEE 802.11i • Encryption Protocol WiFi Protected Access 1 & 2 (WPA1 & WPA2) • Provides robust security properties • Authentication performed using the Extensible Authentication Protocol (EAP) • Needs a centralize authentication server • Different authentication possibilities (EAP methods)

  7. Authentication in WMN using existing protocols (4) • Extensible Authentication Protocol (EAP) • Used in wireless and fixed networks • Port Based Network Access • Authentication framework • Currently about 40 different EAP methods • Commonly used methods : EAP-TLS, EAP-TTLS

  8. Emerging Security issues(1) Problems with the standard protocols • Originally developed for the State of the Art of Wireless Networks • Security only for the first wireless link  no End-To-End features • Privacy: No data encryption after the first hop • Authentication: No Layer 2 authentication after the first hop • Single point of failure: Centralized Authentication Server • Mesh nodes cannot be considered as trustworthy • No topology authentication

  9. Emerging Security issues(2) • What are the problems related to the architecture of a WMN? • Mesh nodes cannot be considered as trustworthy • They are often deployed in a hostile environment • An attacker can spoof and/or take over a mesh node • No topology authentication • An attacker can easily inject a malicious node into the WMN • Gain access to the network • Perform Denial of Service (DoS) • Perform Man in the Middle Attacks (MitM)

  10. Definition of a new authentication protocol (1) • Why a new protocol? • No standardized security protocols for WMN • The existing protocols do not meet the requirements • What should the protocol provide? • “Real-time/Continuous” Authentication  Acceptable performance • Authentication of every participating node of WMN  Topology authentication • Authentication of the network traffic • Trustworthy mesh nodes  Mesh Node Access Control • Attack Detection/Reaction mechanism

  11. Definition of a new authentication protocol (2) • How does it work? • Based on digital signatures to verify integrity and authenticity • Hybrid authentication protocol using symmetric and asymmetric cryptography • Offers the best properties in terms of security and performance • The administrator plays the role of the CA • Provides the needed keys to the Nodes

  12. Definition of a new authentication protocol (3) • What are the required keys? • Every node is in possession • Personal Public Key • Personal Private Key • Personal Secret Key  symmetric • Public Key of the Administrator • Nodelist  Containing the allowed communication neighbors • After initialization  different public/secret keys of neighbor nodes • The procedure can be subdivided in two operations: • I)  Initialization of a new node • II)  Information transmission }  asymmetric

  13. Definition of a new authentication protocol (4) • Initialization of a new node (asymmetric) • Node A wants register to the WMN broadcast A : Nodelist Cert(A) Signature WMN Initialization message • The receiving node B • Checks if it is included in the node list (NL) • Checks the signature  Using the Public Key of the Admin • B encrypts its secret key and sends it to A • After a successful decryption, A encrypts its secret key and sends it to B

  14. Definition of a new authentication protocol (5) Node B Node A • Initialization of a new node (asymmetric) • Node A wants register to the WMN (1) Broadcast: NL, Cert(A), SIG{[NL,Cert(A)], PrivK(Admin)} (2) ENC{[Cert(B),K(B),T1], PubK(A)} (3) ENC{[K(A),T2], PubK(A)}

  15. Definition of a new authentication protocol (6) • Information transmission (symmetric) • Every node needs to have the secret key of its neighbor nodes  Initialization • Symmetric Signature  Message Authentication Code (MAC) = Fingerprint encrypted using a secret key  Faster • Node A wants to send a message to node C via node B Send via node B A : Data Timestamp Signature C Message to be transferred

  16. Definition of a new authentication protocol (7) Node A Node B Node C • Information transmission (symmetric) • Signature verification and newly generated at every hop of the transmission path • A different Timestamp guarantees a different signature (1) MSG, T1, SIG{(MSG,T1), K(A)} (2) MSG, T2, SIG{(MSG,T2), K(B)} (4) MSG, T4, SIG{(MSG,T4), K(B)} (3) MSG, T3, SIG{(MSG,T3), K(C)}

  17. Definition of a new authentication protocol (8) How to create trustworthy nodes? • We need to guarantee that a attacker cannot retrieve the sensitive data (Keys, Nodelist, …) form a mesh node Mesh Node Access Control • Before an attacker gains access to a node, the keys are erased a replaced by dummy values • Consequence Neighbor nodes will fail to verify the messages form the attacked node and drop them • Passive attack detection • The node is automatically excluded form the WMN

  18. Definition of a new authentication protocol (9)

  19. Security Analysis (1) Security & Performance Requirements • Acceptable performance : YES Using symmetric signatures • Topology authentication : YES Every node participating in a communication is authenticated • Authentication of the traffic : YES The source of every message is known • Trustworthy mesh nodes : YES Mesh Node Access Control • Attack Detection and Reaction : YES Corrupt Nodes are detected and excluded form the WMN

  20. Security Analysis (2) Other Security features • No replay attacks using timestamps • No single point of failure No centralized entity • Node Spoofing/Injection not possible  Topology authentication The attacker does not know the needed keys Man in the Middle Attack can be used to perform DoS • If an attacker modifies a transient message, it will be discarded

  21. Conclusion What’s next? • Extend the authentication protocol • Implementation of a prototype • Client/User authentication • Add an administration procedure • Remotely reintroduce attacked node into the WMN • Attack reporting • Privacy and Performance on WMN need to be considered as well • Release of a security standard for WMN • IEEE 802.11s?

  22. The end … Thank you for your attention Questions? Raphael.Frank@uni.lu Wiki.uni.lu/Secan-Lab

More Related