On Security in Wireless Mobile Networking

8/20/2019 On Security in Wireless Mobile Networking

http://slidepdf.com/reader/full/on-security-in-wireless-mobile-networking 1/6

IPASJ International Journal of Information Technology (IIJIT)Web Site: http://www.ipasj.org/IIJIT/IIJIT.htm

A Publisher for Research Motivation ........ Email:[email protected]

Volume 4, Issue 1, January 2016 ISSN 2321-5976

Volume 4, Issue 1, January 2016 Page 1

ABSTRACT

Mobile wireless networking is a key technology in realizing the vision of ubiquitous computing, where communication and

computing activities are not disturbed while the user roams from one subnet to another. Instead, all the needed reconnection

occurs flawlessly. This paper is mainly a literature review and explanation of some security issues related to mobile wireless

networks, including different security protocols.

Keywords:mobile, wireless, networks, security

I- INTRODUCTION

Advanced mobile devices, known as smartphones, can offer many advantages in increased productivity and ubiquitous

availability of personal, client and corporate data. However, security has become a primary concern to provide secured

communication in mobile wireless networks. Unlike the wired networks, the unique features of mobile networks create a

number of tough challenges to security strategy, such as open peer-to-peer network architecture, joint wireless channel,

rigorous resource restraints, highly dynamic network topology, and lack of a trusted infrastructure. Pervasive roaming

influences on a radio access system by demanding that it sustains handover between neighboring cells and other

networks. Moreover, mobile networks are more vulnerable to interferences than wired networks. The primary

components that contribute to this situation are neighboring channels, co-channels, multipath, Doppler shifts, and fading.

The mobile networking consists of support for roaming, which allows global access, and backup for redirection of

communication flow, which allows current session persistence. Both roaming and redirection launches new opportunities

for hackers to stage assorted attacks, particularly, the redirect attacks, where the traffic flow is redirected to destinations

selected by the attackers [1]. Mobile networking assigns two IP addresses to the mobile node, a home address and a ‘‘care

of’’ address. The home address is an IP address assigned to the mobile node within it’s on its home subnet, and the “care

of” address is an interim address gained by the mobile node while communicating with a foreign subnet. This addressing

method allows packets to be routed to the mobile node irrespective of its recent point of connection. The main focus in

this paper will be on Mobile IP version 6 (MIPv6), where the operation in MIPv6 and the types of redirect attacks are

discussed. A review of two techniques for binding update security is conducted: the cryptographically generated

addresses (CGA) protocol [3], [4], and the home agent proxy (HAP) protocol [5]. A comparison between the two

protocols in terms of performance, security, and scalability is presented [8].

II- MIPV6 OPERATION AND DIRECT ATTACKS

II-1 – Operation of MIPv6The IPv6 address contains 128 bits and is split into two parts: a subnet prefix and an interface identifier. The home

addresses of all the mobile nodes related to a home link share the same home link subnet prefix and are distinguished by

their unique interface identifiers. As discussed earlier, every mobile node in MIPv6 has a home address ( HoA), which is

an IP address assigned to a mobile node within its home subnet [2]. A mobile node is always accessed by its home

address, regardless of its current connection. While a mobile node moves away from its home and connected to another

remote subnet (see Fig.1), it is additionally accessed by one or more “care-of” addresses (CoAs).

Fig. 1 Basic operation of MIPv6

On Security in Wireless Mobile Networking

Amin H. Al-Ka’bi

Australian College of Kuwait







The CoA can be assigned to the mobile subnet via the Dynamic Host Configuration Protocol version 6, (DHCPv6) [9],

and sent to the home agent through a binding update message:

where HAA is the IP address of the home agent, which represents the destination address of the message. The home

binding update message forms a link between HoA and CoA for the mobile node with a certain life-time LT at the homeagent. Subsequently, all the IPv6 packets addressed to the mobile node’s HoA on the home subnet, are intercepted by a

proxy neighbor discovery, and tunneled to the mobile node’s CoA [2]. The packet tunneling is performed by using IPv6

encapsulation algorithm, with the outer IPv6 header forwarded to the CoA of the mobile node. On the other hand, a route

optimization operation can be initiated with the correspondent node by transmitting a correspondent binding update

message to the correspondent node:

whereCNA is the IP address of the correspondent node where it is used as a destination address of the message. The

purpose of this message is to allow the correspondent node to be continuously updated by the mobile node’s latest

CoA[1].

II.2 – Attacks Redirection in MIPv6 It is obvious that, the implementation of binding update operation explained in the previous section is susceptible to

severe security threats.

Fig. 2 (a) Session hijacking; (b) Node flooding

Faking, replaying, and reformation of unsecured binding update messages, can be used by the hackers to redirect traffic

flow from correspondent nodes to some designated destinations identified by the hackers. The redirect attacks can be

categorized into two types, session hijacking and harmful mobile node flooding, as illustrated in Fig. 2.







displaced to a new location (the victim’s location), where the victim could be either a network or a node. As an example,

the intruder could redirect an intense traffic flow from video-streaming servers to the victim, and floods the victim’s

network or node with overwhelming “valid or legal” traffic. This huge flow of traffic could cause Denial of Service (DoS)

at the victim’s network/node. This attack is an “insider” attack as the malicious mobile node is a genuine mobile nodeand its actions are ‘‘legitimate’’ binding updates.

III. CRYPTOGRAPHIC DEFINITIONS

IV. AUTHENTICATION PROTOCOLS

In order to authenticate binding update messages, we assume that mobile nodes and home agents recognize each other,

and they have a pre-established security connotation between them. A security connotation is a record of data shared by

two nodes which contains the mutually agreed cryptographic parameters, algorithms and secret keys. In IPv6 protocol,the IPsec’s encapsulating security payload (ESP) can be used to set up a secure tunnel between a mobile node and its

home agent [1].

However, one of the measures to counter the redirect attacks is to assume that there is no pre-established security

connotation between the mobile node and the other correspondent node. In this paper, two representative protocols for

authenticating correspondent binding updates are explained[8].

IV.1 – Cryptographically Generated Addresses Protocol (CGA)

In this protocol an IPv6 home address for a mobile node is generated, where the interface identifier portion is created

from a one-way hash of the mobile node’s public key. The corresponding private key is used by the mobile node to sign

the correspondent binding update messages [3,4].Here, a binding update message from MN to a correspondent node CN

is given by

where,







produce pairs of public and private keys, and by hashing the public keys, he can look for a match to a target node’s .

Once a match is located, the target node can be imitated and fake-binding updates can be generated. The computational

complexity of this type of attacks is on the order of [4]. As a result, it can be concluded that the CGA

protocol is computationally exhaustive as every binding update message needs the mobile node to create a digital

signature and the correspondent node to conduct a verification of the received digital signature.

Here, it can be seen that an intruder can simply generate public/ private key pairs, hashes the public keys to form a home

addresses, sign a binding update messages that contain a victim’s address as CoA, and send the BU messages to a

correspondent node. When the correspondent node accepts the binding update, it starts transmitting flooding traffic to the

victim network/node.

As a conclusion, the CGA protocol does not provide any conclusive evidence of the identity of the mobile node, and its

authorization to use a particular HoA, thus it can’t provide a categorical protection against the malicious and harmful

mobile node flooding attacks.

IV.2 – Home Agent Proxy Protocol (HAP)

The HAP protocol [1],[5], has the following properties:

1. It is accessible and easy to control.

2. It implements an exchange of one-way authenticated key between CN and MN .

3. No cryptographic operations on the public key are accomplished at CN ’s.4. It is protected against any authoritative rival who can initiate attacks.

5. Public key cryptosystems are used in this protocol.

The public & private keys, and in the digital signature, are combined with the home subnet. The certification

authority CA, generates the public key certificate for the home subnet:-

where, HS is the prefix of the home subnet, VI is the certificate validity duration, and is CA’s signature on HS , ,

and VI . A mutual secret value between the two sides of the protocol can be generated, by using the Diffie–Hellman key

exchange algorithm. Fig. 3 depicts the protocol exchanged messages between the mobile node MN , the home agent HA,

and the correspondent node CN .

Fig. 3 Message exchange in Home Agent Proxy Protocol.

In Fig. 3, it can be seen that the mobile node MN sends message REQ to home agent HA, and receives REP from it.

Likewise, the correspondent node CN, receives COOKIE0, EXCH0, and CONFIRMS from home agent HA and sends

COOKIE1 and EXCH1 back to it.In this case the intruder is able to produce a sequence of request packets to the other

protocol side with a different cheated source IP address. Thus, the cookies could create security vulnerability in this

protocol. When the other side of the protocol receives the request, it certifies cookies before executing elaborate

cryptographic computations of the public key. The route optimization request REQ is sent by the mobile node MN to

home agent HA, taking into consideration the HAP message contains the IP addresses of the source and destination in the

first two fields.

where, CNA is the IP address of the correspondent node CN, and is a nonce value (present time) used to verify the

reply message REP. IPsec-protected secure tunnel is used to send the route optimization request REQ to MN ’s home

subnet. This may not always be possible, and manual keying might be preferred in certain circumstances. Here, Home

agent HA uses IPv6 ‘‘neighbor discovery’’ [2] to intercept REQ. The home agent HA does not pass REQ to CN directly;

but it generates a cookie and transmits







to the correspondent node CN , where CN responds by creating a cookie , and nonce , and sends as:-

to mobile node MN , taking into consideration that is MN ’s home address HoA, is used as a destination address in. Thus, this message is received by MN ’s home subnet and intercepted by the home agent H A using IPv6

neighbor discovery. To check the authenticity of in COOKIE1, the home agent HA creates a nonce and a Diffie–

Hellman secret value x such that x<p, then it calculates its Diffie–Hellman public value and the corresponding

signature using home link’s private key :-

whereTS is a timestamp. This timestamp is used to trail the offender in the case malicious mobile node flooding attack

takes place, and there is no need for the recipient to check TS during the message exchange. Eventually, home agent HA

responds to correspondent node CN with the exchange message

In Home Agent Proxy Protocol, we can consider HA as a counterpart to web server, and CN and a counterpart to web

browser. CAs issue public key certificates directly to HAs. This protocol provides a resilient one-way authentication of

MN|HoA to CN and provides a secure sharing of a secret session key between CN and MN . As a result HAP counteracts

the session hijacking attack as illustrated in Fig. 2(a). Public key cryptographic operations in HAP protocol are usually

performed in correspondent nodes, while the mobile nodes are not required to perform such operations. However, if the

correspondent node is a server computer, there is nothing to worry about as the energy source and computational power is

available all the time.

Fig. 4 Correspondent node as a mobile node. On the other hand, if the correspondent node is a mobile node with limited battery life and limited computational power

and battery life, this will constitute a problem, that can be resolved by offloading the cryptographic operations to its home







agent, but at the expense of increasing the security threats. Fig. 4 illustrates this case, where and are the

home agents of CN and MN , respectively.

V.CONCLUSIONS

Security has become a primary concern to provide secured communication in mobile wireless networks. The unique

features of mobile networks create a number of tough challenges to security strategy, such as open peer-to-peer network

architecture, joint wireless channel, rigorous resource restraints, highly dynamic network topology, and lack of a trusted

infrastructure. Pervasive roaming influences on a radio access system by demanding that it sustains handover between

neighboring cells and other networks.

Mobile IP allows mobile nodes to have unbroken communications when they change their points of connection in the

Internet. However, the mobility of the communicating nodes has created new threats to data security, including redirect

attacks, which perhaps deserve significant consideration.

In this paper, two very different protocols that are designed to secure correspondent binding updates in order to prevent

redirect attacks are reviewed and presented. The major advantage of the Cryptographically Generated Addresses

Protocol (CGA) is that it does not presume the availability of an Internet wide public key infrastructure (PKI). Yet, it

provides only restricted protection against redirect attacks. The Home Agent Proxy Protocol (HAP) uses the Diffie–

Hellman key exchange algorithm, and the digital signature structure, where public key certificates are issued for homesubnets according to home subnet prefixes, and they are not issued for every mobile node. This approach makes the

issuing, tracking, and revocation of certificates more controllable and practical.

REFERENCES

[1]

R. Shorey, Mobile, wireless, and sensor networks technology, applications and future directions, by John

Wiley & Sons, Inc., 2006.

[2]

D. Johnson, C. Perkins, and J. Arkko, Mobility Support in IPv6, IETF RFC 3775, June 2004.

[3]

G. O’Shea and M. Roe, Child-proof authentication for MIPv6 (CAM), Computer & Communications. Rev.

April, 2001.

[4]

T. Aura, Cryptographically generated addresses (CGA), Proc. 6th Information Security Conf., LNCS 2851,

Bristol, UK, 2003.

[5]

R. Deng, J. Zhou, and F. Bao, Defending against redirect attacks in mobile IP, Proc. 9th ACM Conf.Computer and Communications Security, pp. 59–67, Nov., 2002.

[6]

S. Thomas and T. Narten, IPv6 Stateless Address Auto-configuration, IETF RFC 2462, Dec. 1998.

[7] S. Kent and R. Atkinson, IP Encapsulating Security Payload (ESP), IETF RFC 2406, Nov. 1998.

[8] Amin Al-Ka’bi, “Security in Mobile Wireless Networks” Proceedings of IEEE International Conference on

Signal Processing and Communication (ICSC-2013), Noida, Uttar Pradesh, India, on 12-14 December, 2013.

[9] J. Bound et al., Dynamic Host Configuration Protocol for IPv6 (DHCPv6), IETF RFC 3315, July 2003.

AUTHORAmin Al Ka’bi was born in Jordan. He received his B.Sc. and M.Sc. degrees from the University of

Jordan in 1989 and 1992 respectively, majoring in Electrical Engineering. He got his Ph.D. from

the University of Queensland, Australia in 2006 in the field of Electrical

Engineering/Communications. He has long industrial and academic experience in reputable

financial and academic institutions before joining the Australian College of Kuwait as an Assistant

Professor. His current research interests focus on wireless communication systems and signal

processing.

On Security in Wireless Mobile Networking

Documents