security issues in wireless networks l.
Download
Skip this Video
Download Presentation
Security Issues in Wireless Networks

Loading in 2 Seconds...

play fullscreen
1 / 36

Security Issues in Wireless Networks - PowerPoint PPT Presentation


  • 103 Views
  • Uploaded on

Security Issues in Wireless Networks. Kumar Viswanath CMPE 293. What is Cryptography. Cryptography is the work of people suffering from delusional paranoia. Security Requirements. Confidentiality Protection from disclosure to unauthorized persons Integrity Maintaining Data Consistency

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Security Issues in Wireless Networks' - ulf


Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
what is cryptography
What is Cryptography
  • Cryptography is the work of people suffering from delusional paranoia
security requirements
Security Requirements
  • Confidentiality
    • Protection from disclosure to unauthorized persons
  • Integrity
    • Maintaining Data Consistency
  • Authentication
    • Assurance of identity of originator of Data
  • Non- Repudiation
    • Originator of communications cant deny it later
security threats
Security Threats
  • Information Disclosure /information leakage
  • Integrity violation
  • Masquerading
  • Denial of Service
  • Generic threats: backdoors, trojans, insider attacks
  • Most Internet Security problems are related to access control or authentication
attack types
Attack Types

Passive Attack

Active Attack

  • Passive attack can only observe data or communications
  • Active attack can actively modify data or communications
    • Mail forgery/ Modification
    • IP spoofing / session hijacking
security mechanisms
Security Mechanisms
  • Three basic building blocks are used:
    • Encryption is used to provide confidentiality, can provide authentication and integrity protection
    • Digital Signatures are used to provide authentication, integrity protection and non repudiation
    • Checksum and Hash algorithms are used to provide integrity protection
  • One more more of these security mechanisms is combined to provide a security service
services mechanisms algorithms
Services , Mechanisms, Algorithms
  • Services are built from mechanisms
  • Mechanisms are implemented using algorithms

SSL

Signatures

Encryption

Hashing

DSA

RSA

DES

MD5

conventional encryption
Conventional Encryption
  • Shared Key
  • Problem of communicating a large message in secret reduced to communicating a small key in secret
public key encryption
Public Key Encryption
  • Use Matched public/private key pairs
  • Any one can encrypt with public key but only one person can decrypt with private key
security in gsm networks
Security In GSM Networks
  • Overview
    • GSM subscribers MS are traced during their intra-domain and inter-domain movements
    • Each MS informs the network of its position and this information is used to update the VLR and HLR
    • Communication is established under control of Authentication center called Auc located within the Message Switching Center (MSC)
gsm cont d
GSM Cont’d
  • Every GSM subscriber has a smart card (SIM) containing a secret key Ki known only to the HLR.
  • When MS notifies local MSC of its presence, local VLR contacts the HLR
  • VLR transmits it own identity , MS indentity (IMSI) and position to HLR.
  • HLR queries its AUc for a set of triplets containing a challenge, a signed response SRES and corresponding session key Kc.
  • The triplets are forwarded to VLR which uses it for authenticating MS
slide12
Parameters SRES and Kc are computed with proprietary algorithms A3 and A8 that implement one way functions.
  • SRES = A3(Ki,RAND)
  • Kc = A8(Ki,RAND)
  • Authentication of Mobile Station is achieved using the challenge response mechanism
  • Data Confidentiality is achieved by enciphering all data with session key Kc.
  • A5 is used to encipher data, speech and signaling messages
security issues
Security Issues
  • The authentication scheme relies on the security of the inter- network between the VLR  HLR communication
  • Another point of contention is the manner in which the authentication information is distributed.The Home domain has to generate on the fly, a set of challenge -response pairs
  • GSM uses proprietary Algorithms for authentication and secrecy.
  • Security by Obscurity is not effective.
slide15
CDPD
  • CDPD is not only a value added service but a complete architecture. The architecture supports several network layer protocols including IP
  • Security Services composed of
    • Data confidentiality
    • Key Distribution
    • Mobile Unit Authentication
slide16
An authentication server AS is present in every CDPD domain
  • The AS is typically co-located with the Mobile Data Intermediate System (MD-IS)
  • Mobile unit (M-ES) authentication requires contacting the AS in the units Home domain
cdpd cont d
CDPD cont’d
  • The authentication begins with the Diffie-Hellman key exchange protocol.
  • M-ES and MD-IS both share a key Ks.
  • M-ES encrypts its credential with Ks and submits it for authentication
  • Credentials consist of a triple [NEI,ARN,ASN]
  • The serving MD-IS decrypts the credentials and forward them to the home MD-IS in cleartext.
slide18
Home MD-IS validates the credentials and issues a new ARN.
  • M-ES authentication is complete when the serving MD-IS receives a confirmation from the home MD-IS
security issues20
Security Issues
  • Authentication scheme is unidirectional
  • An intruder can masquerade as the serving MD-IS and discover M-ES credentials
  • The scheme assumes that the fixed network is secure
  • CDPD does not have a long term key unlike GSM. If an intruder intercepts the M-ES credentials he can impersonate for ever.
securing ad hoc networks
Securing Ad Hoc Networks
  • Goals
    • Availability: ensure survivability of the network despite denial of service attacks. The DOS can be targeted at any layer
    • Confidentiality: ensures that certain information is not disclosed to unauthorized entities. Eg Routing information information should not be leaked out because it can help to identify and locate the targets
    • Integrity: guarantee that a message being transferred is never corrupted.
slide22
Authentication: enables a node to ensure the identity of the nodes communicating.
  • Non- Repudiation: ensures that the origin of the message cannot deny having sent the message
challenges
Challenges
  • Wireless links renders the ad hoc network susceptible to attacks
  • In Ad hoc scenarios like tactical warfare etc. nodes have a high probability of being compromised.
  • Ad hoc network is dynamic because of frequent topology changes. Trust relationship among nodes also changes
secure routing
Secure Routing
  • Two sources of threats:
    • External: Intruder nodes can pose to be a part of the network injecting erroneous routes, replaying old information or introduce excessive traffic to partition the network
    • Internal: The nodes themselves could be compromised. Detection of such nodes is difficult since compromised nodes can generate valid signatures.
slide25
High Level Solution
    • Treat routing information from compromised nodes as outdated information
  • If routing protocol can provide multiple routes use Diversity Coding techniques
    • eg if there are n disjoint routes to a destination use (n-r) channels to transmit data and other r channels to transmit redundant information.
key management service
Key Management Service
  • Use Digital signatures to to protect both routing and data
  • Public Key infrastructure because of superiority in key distribution.
  • Problems:
    • Requires a trusted entity called Certification Authority CA for key management
    • Single point of failure
key management service27
Key Management Service
  • Key Management consists of n servers. The service as a whole has a public/private key pair K/k.
  • The public key K is known to all nodes and the private key is divided into n shares s1,s2,… sn.

Key management K/k

K

S1

Sn

K1/k1

K2/k2

Kn/kn

S2

slide28
Each server ‘i’ has a public/private key pair Ki/ki and knows the public keys of all other nodes.
  • Nodes as clients can query requests to get other client’s public keys or update requests to change their own public keys
  • The key management scheme uses (n,t+1) threshold cryptography.
threshold crytography
Threshold Crytography
  • An (n,t+1) scheme allows n parties to share the ability perform cryptographic operations ( eg. digital signatures ) so that any t+1 parties can jointly perform the operations
  • For the service to sign a certificate each server generates the partial signature using its private key share Si
  • All the Si are combined in the combiner.The combiner can use any valid t+1 partial signatures to generate the Key K.
  • Note: Compromised Servers can generate incorrect partial signatures.
  • Proactive schemes use share refreshing.
    • Compute new shares from old shares without disclosing the service private key to any server.
wired equivalent privacy wep
Wired Equivalent Privacy (WEP)
  • “ Wired Equivalent Privacy”
  • Part of 802.11 Link layer protocol
  • Security Goals:
    • prevent link layer eavesdropping
    • Secondary Goal: prevent network access
    • Essentially equivalent to wired access point security
slide31
WEP
  • WEP relies on a secret key that is shared between a mobile station (eg. a laptop with a wireless ethernet card) and an access point (ie. a base station)
  • The secret key is used to encrypt packets before they are transmitted, and an integrity check is used to ensure that packets are not modified in transit.
  • The standard does not discuss how the shared key is established. In practice, most installations use a single key that is shared between all mobile stations and access points.
protocol setup
Protocol Setup

LAN

Access

Point

Shared key

Mobile Station

Mobile Station

Mobile Station

slide33
WEP uses RC4 which is a stream cipher
  • A stream cipher operates by expanding a short key into an infinite pseudo-random key stream.
  • The sender XORs the key stream with the plaintext to produce ciphertext.
  • The receiver has a copy of the same key, and uses it to generate identical key stream.
  • XORing the key stream with the ciphertext yields the original plaintext.
problems
Problems
  • An attacker can flip a bit in the ciphertext, then upon decryption, the corresponding bit in the plaintext will be flipped.
  • Also, if an eavesdropper intercepts two ciphertexts encrypted with the same key stream, it is possible to obtain the XOR of the two plaintexts.
  • Knowledge of this XOR can enable statistical attacks to recover the plaintexts.
  • The statistical attacks become increasingly practical as more ciphertexts that use the same key stream are known.
security measures
Security Measures
  • To ensure that a packet has not been modified in transit, WEP uses an Integrity Check (IC) field in the packet.
  • To avoid encrypting two ciphertexts with the same key stream, an Initialization Vector (IV) is used to augment the shared secret key and produce a different RC4 key for each packet. The IV is also included in the packet.
conclusions
Conclusions
  • Designing secure protocols is harder than it looks
  • Public review is a good idea
  • Use previous work ( and their failures ) to design more robust schemes