Mobile Security Wireless Mesh Network Security Sascha Alexander Jopen 09.02.2011

Mar 06, 2018


Mobile Security Wireless Mesh Network Security

Sascha Alexander Jopen

09.02.2011


Overview

Introduction

• Wireless Ad-hoc Networks

• Wireless Mesh Networks

Security in Wireless Networks

Attacks on Wireless Mesh Networks

Countermeasures

• Key Management Schemes

• SMOCK

Conclusion

2 Sascha Jopen – Wireless Mesh Network Security 09.02.2011


Wireless Ad-hoc Networks

No infrastructure like access points

Communication with other nodes only within their transmission range

Nodes farther away only reachable through other nodes by multihop routing

Every node forwards traffic for other nodes

Self-healing due to automatic link-failover in case of sufficiently dense coverage


Wireless Mesh Networks

Specialized Type of Ad-hoc Network (WMN)

Mesh Routers

• Often connected to mains

• Moderate to high CPU power

• Provide router-, gateway- and other services

• Mostly static locations

Mesh Clients

• Often battery powered

• Low CPU power and other resource constraints

• Mobile devices like Notebooks, PDAs, etc.


Backbone Configuration

Consists of mesh routers only, which may provide gateway features or other services to client networks

Connect several conventional (infrastructure) networks

WMNs are transparent to their client networks

Conventional routing in client networks with one of the WMN routers as their next hop

[Figure: backbone configuration, with the labels Internet, Corporate Network, Cellphone Network and Wireless Mesh Network]

Client Configuration

Mesh client devices only

No gateways to other networks

No dedicated routers

One, probably very large, ad-hoc network

[Figure: client configuration, labelled Wireless Mesh Network]

Hybrid Configuration

Hybrid configurations also possible

Combines benefits from both backbone and client configurations

Mesh clients reachable from outside networks

[Figure: hybrid configuration, with the labels Internet, Corporate Network, Cellphone Network, Wireless Mesh Network and Wireless Mesh Network Clients]

Security

No infrastructure

• Nodes added, moved or removed at any time

• Frequent topology changes may conceal break-ins

Shared medium

• Eavesdropping on, injecting and modifying traffic is easily possible

Limited physical protection

• Mobile and small devices

• Devices scattered over large areas

• Physical compromise is more likely


Security

No central management

• Routing and route discovery done by each node

• Cooperation and trust relationships often assumed

• Attackers may broadcast routing information

Resource constraints

• Ideal targets for DoS attacks

• Makes countermeasures like strong cryptography difficult


Selective Forwarding

Malicious node drops packets of specific other nodes

Dropping packets of too many nodes may lead to discovery or route changes

The attacker's node has to be on the routing path of the nodes to be attacked

May be achieved by jamming neighbouring nodes which would normally forward the desired traffic

[Figure: Selective Forwarding]

Sinkhole Attack

Attract neighbouring nodes to send their data through the attacker's node

May be achieved by pretending to offer, or actually offering, fast and reliable links

Attacker has to participate in routing

Packet flow of a large area may be influenced

Attackers have the opportunity to monitor or alter a large amount of traffic, disrupt services etc.

[Figure: Sinkhole Attack]

Wormhole Attack

[Figure: Wormhole Attack, labelled Tunnel]

Similar effects as sinkhole attack

Two nodes required with great distance in between

Out-of-band channel like fast, wired connection

Tunnel exploits routing race conditions to provide fast links

No routing needed, only packet capturing and replaying


Countermeasures

Prevention of many attacks by means of authentication, confidentiality and integrity, as well as non-repudiation

Usage of cryptographic systems to en/decrypt and sign messages required

WMN devices limited in processing power, affecting strength of deployed crypto methods

Constraints of WMN devices on storage, therefore limiting amount and size of keys


Crypto Systems

Symmetric Crypto Systems

• One shared key for en-/decryption

• Fast encryption and decryption

• Pairwise secure channels between $n$ nodes require $\frac{n(n-1)}{2}$ keys

• One compromised node renders all keys invalid

• Key distribution system needed to frequently change the keys

Public Key Crypto Systems

• Public key for encryption, private key for decryption

• Slower than using symmetric keys

• Pairwise secure channels between 𝑛 nodes require 𝑛 key pairs

• One compromised node does not affect the others

• If the keys are not preinstalled, certificate authorities are needed


SMOCK

Scalable Method Of Cryptographic Key management scheme

Reduce number 𝑂(𝑛) of keys of traditional public key system to 𝑂(log 𝑛)

Improves storage usage at the cost of processing power and resilience

Each node uses a set of 𝑏 private keys out of the key pool 𝐾, but no node's key set is a subset of another node's key set

Encryption has to be performed using all public keys corresponding to the recipient's key set

No certificate authority, thus preinstalling keys required


SMOCK Design

Memory Efficiency

• Minimize overall number of keys stored on each node

• $\min \; K + \max_{i \in V} K_i^{priv}$ s.t. $K_i \nsubseteq K_j$, $K_i \nsupseteq K_j$ $\forall i \neq j$

• With $K$ the number of (public) keys and $K_i^{priv}$ the number of private keys at node $i$ from the set $V$ of deployed nodes

Computational Complexity

• Use as few private keys within each key set as possible

• $\min \max_{i \in V} K_i^{priv}$ s.t. $K_i \nsubseteq K_j$, $K_i \nsupseteq K_j$ $\forall i \neq j$ and $K \le M$

• With 𝑀 the number of memory slots available for key storage on each node

• Both memory efficiency and computational complexity perform best with isometric key sets


SMOCK Design

Resilience Requirement

• In case of system compromises, on average $C(k_c(x), b) = \binom{k_c(x)}{b}$ with $k_c(x) = a - (a - b)\left(\frac{a - b}{a}\right)^{x - 1}$ distinct key sets compromised

• $V_x(a, b) = \frac{C(k_c(x), b)}{C(a, b)} \le P$

• $V_x(a, b)$ is the vulnerability metric, which is the percentage of compromised connections for $x$ compromised nodes

• With $P$ the upper bound of compromised connections for $x$ compromised nodes, $a = K$ the number of public keys and $b = K_i^{priv}$ the number of private keys

Key Allocation

• Several algorithms are available to optimize the above equations, though there is always a trade-off between storage and resilience

• Finally, 𝑎 and 𝑏 can be calculated for the desired parameters
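
The resilience metric and the choice of 𝑎 and 𝑏 can be worked through numerically. The following is an added example, not code from the slides or from the SMOCK authors: the function names are hypothetical, and the parameter choice is a plain exhaustive search (smallest 𝑎, then smallest 𝑏), not one of the allocation algorithms the slides refer to.

```python
from math import comb

def expected_compromised_keys(a, b, x):
    """k_c(x): expected number of distinct keys exposed by x captured nodes."""
    return a - (a - b) * ((a - b) / a) ** (x - 1)

def vulnerability(a, b, x):
    """V_x(a, b) = C(k_c(x), b) / C(a, b), with a real-valued upper argument."""
    k = expected_compromised_keys(a, b, x)
    ratio = 1.0
    for i in range(b):  # C(k, b) / C(a, b) = product of (k - i) / (a - i)
        ratio *= (k - i) / (a - i)
    return ratio

def choose_parameters(n, x, p, m):
    """Smallest key pool a <= m (then smallest b) that yields at least n
    distinct key sets and keeps V_x(a, b) <= p.
    Returns None when the memory bound m is too tight."""
    for a in range(2, m + 1):
        for b in range(1, a):
            if comb(a, b) >= n and vulnerability(a, b, x) <= p:
                return a, b
    return None

if __name__ == "__main__":
    # Constructed scenario: 1000 nodes, 5 captured nodes, at most 5 % of
    # connections exposed, 64 key slots per node.
    n, x, p, m = 1000, 5, 0.05, 64
    choice = choose_parameters(n, x, p, m)
    print("traditional public-key system stores", n, "public keys per node")
    if choice is None:
        print("no (a, b) satisfies the bounds")
    else:
        a, b = choice
        print(f"SMOCK: a={a} public keys, b={b} private keys per node,"
              f" V_x={vulnerability(a, b, x):.4f}")
```

Raising 𝑥 or lowering 𝑃 pushes the search towards a larger key pool, which is the storage versus resilience trade-off named above.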


Secure Communication

Each node calculates an ID from its distinct key set

• All keys are labeled with ascending numbers

• Let $keyID_i^j$ be the $i$-th key held by node $j$

• Concatenate the keyIDs: "$keyID_1^j | \ldots | keyID_b^j$"

Sending this ID to another node allows that node to encrypt a packet destined for the ID's owner, using the public keys indicated by the ID

ID is sent in clear text

A node intercepting an ID could not decrypt any traffic due to lack of the required private keys

Changing ID leads to the original sender not being able to decrypt the message
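
The ID scheme above can be modelled without real cryptography. This added example is not part of the original slides: it treats "can decrypt" as holding every private key named in the ID, all function names are hypothetical, and the key sets are handed out in simple lexicographic order.

```python
from itertools import combinations, islice

def allocate_key_sets(a, b, n):
    """Give each of n nodes a distinct b-subset of key IDs 1..a. Distinct
    sets of equal size can never contain one another."""
    sets = list(islice(combinations(range(1, a + 1), b), n))
    if len(sets) < n:
        raise ValueError("C(a, b) is too small for n nodes")
    return sets

def node_id(key_set):
    """ID = ascending key IDs joined as keyID_1|...|keyID_b (sent in clear)."""
    return "|".join(str(k) for k in sorted(key_set))

def encryption_keys(received_id):
    """Public keys a sender has to apply, all of them, for this ID."""
    return {int(part) for part in received_id.split("|")}

def can_decrypt(private_keys, used_id):
    """Decryption needs the private key for every public key that was used."""
    return encryption_keys(used_id) <= set(private_keys)

def readable_by_captured(key_sets, captured):
    """IDs of uncaptured nodes whose traffic the captured nodes can read
    by pooling their private keys (the resilience cost of sharing keys)."""
    pool = set().union(*(key_sets[i] for i in captured))
    return [node_id(ks) for i, ks in enumerate(key_sets)
            if i not in captured and can_decrypt(pool, node_id(ks))]

if __name__ == "__main__":
    sets = allocate_key_sets(5, 2, 10)      # constructed: a=5, b=2, 10 nodes
    victim = sets[4]
    print("ID sent in clear:", node_id(victim))
    print("owner decrypts:", can_decrypt(victim, node_id(victim)))
    print("eavesdropper without keys decrypts:", can_decrypt((), node_id(victim)))
    print("owner decrypts after ID was altered to 2|4:", can_decrypt(victim, "2|4"))
    print("exposed by capturing nodes 0 and 1:", readable_by_captured(sets, [0, 1]))
```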


Conclusion

WMNs are a promising technology due to scalability, large coverage areas and deployment without installing costly infrastructure

Their ad-hoc network nature imposes high security risks

Many vulnerabilities can be prevented by means of en/decryption and authentication

SMOCK is a public key crypto system which allows for large networks while still providing reasonably secure channels


Questions

Are there any questions?

Thank you for your attention.
