Wireless Security In wireless networks

Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.

Dec 20, 2015

Transcript
Page 1:

Wireless Security

In wireless networks

Page 2:

Security and Assurance - Goals

Integrity

• Modified only in acceptable ways

• Modified only by authorized people

• Modified only by authorized processes

Availability

• Service request is completed in an acceptable period of time

• Timely response to requests

Confidentiality

• Only authorized people or systems can access protected data.

Page 3:

Threats, Vulnerabilities and Controls

Threats

circumstances that have the potential to cause harm

• Interception

• Interruption

• Modification

• Fabrication

Vulnerabilities

weaknesses in a security system

Controls

protective measures

Page 4:

Security Needs for Mobile Networks

Basic security services provided by a wireless communication system

• Encryption
  • Confidentiality of user message transferred over the wireless channel

• Session key establishment
  • Between Home Network and a Mobile Station
  • Between two different Mobile Stations

• Authentication
  • For the validation of the identity of the mobile user

Page 5:

Cryptosystems

Cryptosystems are employed to cover up the content of the message exchanged between two parties

Two major types of Cryptosystems:

• Public-Key (Asymmetric-Key)
  • Ex. RSA (Rivest, Shamir, and Adleman)

• Symmetric-Key
  • Ex. DES (Data Encryption Standard)

Page 6:

Public-Key Cryptosystems

P.txt = D(kPRIV, E(kPUB, P.txt))

Public-key (Asymmetric-Key) systems are easy to manage:

• Download the recipient's public key.

• Encrypt the message.

• Send it.

• The recipient uses the private key to decrypt.

• Public-Key requires more computation (RSA is 1000 times slower than DES).

Modular Square Root (MSR) is a variant of RSA that requires only one modular multiplication, which is acceptable for an MS.

Authentication Problem

You have to know who you are talking to.

Sender E(kpubR, E(kprivS, P.txt)) Receiver

Page 7:

Symmetric-Key Cryptosystems

The strength of Symmetric-Key systems is based on:

Secrecy of the key

Difficulty of guessing the key

Difficulty of inverting the encryption (i.e., breaking the algorithm)

Computations needed are negligible compared to Public-Key

Page 8:

Mobile Network Environment

[Figure: an MS between Network VN and Network HN; communication between a HN and VN]

Page 9:

Analysis of Protocol 1 Symmetric-Key Encryption

1. MS HN: r

2. MS HN: IDMS, f(k, r)

• An identity of each party is denoted by ID

• f() is a symmetric key encryption function such as DES

• The Home Network (HN) broadcasts system information including a random number r

• MS sends IDMS & f(k,r) to the HN

• k is the secret key shared between MS and HN

• HN finds the MS's secret key in its database and completes authentication of the MS by verifying f(k,r)

Page 10:

Analysis of Protocol 1 Symmetric-Key Encryption (contd.)

The advantage of this protocol is that computation of f() can be easily performed by the MS, which has low computational power.

The disadvantage, well…, do you think it will be easy to protect and maintain the database containing the secret keys of MS?

PROBABLY NOT!!!
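Protocol 1 as a runnable exchange (an added example, not part of the original slides). HMAC-SHA256 stands in for the DES-based f() because the Python standard library has no DES; the class names, the identifier "MS-001" and the key sizes are assumptions.

```python
import hashlib
import hmac
import secrets

def f(k: bytes, r: bytes) -> bytes:
    """f(k, r): the slides name DES; HMAC-SHA256 is the stand-in keyed function."""
    return hmac.new(k, r, hashlib.sha256).digest()

class HomeNetwork:
    def __init__(self):
        self.key_db = {}   # ID_MS -> k: the secret-key database the HN must protect
        self.r = None      # random number currently being broadcast

    def enroll(self, id_ms: str) -> bytes:
        self.key_db[id_ms] = secrets.token_bytes(16)
        return self.key_db[id_ms]

    def broadcast(self) -> bytes:
        """Message 1: HN broadcasts a fresh random number r."""
        self.r = secrets.token_bytes(16)
        return self.r

    def authenticate(self, id_ms: str, response: bytes) -> bool:
        """Look up k for ID_MS and verify f(k, r) against the current r."""
        k = self.key_db.get(id_ms)
        if k is None or self.r is None:
            return False
        return hmac.compare_digest(f(k, self.r), response)

class MobileStation:
    def __init__(self, id_ms: str, k: bytes):
        self.id_ms, self.k = id_ms, k

    def respond(self, r: bytes):
        """Message 2: MS sends ID_MS and f(k, r)."""
        return self.id_ms, f(self.k, r)

def demo():
    hn = HomeNetwork()
    ms = MobileStation("MS-001", hn.enroll("MS-001"))
    first = ms.respond(hn.broadcast())
    accepted = hn.authenticate(*first)
    hn.broadcast()                                # HN moves on to a new r
    replayed = hn.authenticate(*first)            # old response fails against the new r
    wrong_key = hn.authenticate("MS-001", f(b"\x00" * 16, hn.r))
    unknown = hn.authenticate("MS-999", first[1])
    # Any copy of key_db can answer challenges, hence the need to protect it.
    db_copy = hn.authenticate("MS-001", f(dict(hn.key_db)["MS-001"], hn.r))
    return accepted, replayed, wrong_key, unknown, db_copy
```

The last value returned by demo() is the slide's disadvantage in concrete form: every k sits in the HN database in directly usable form.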

Page 11:

Analysis of Protocol 2 Public Key Certificate

Assume a universally trusted certificate authority (CA) – run by a single, large SP

Each MS is provided with a certificate which contains:

• MS's identity

• The current expiration date

• Certificate authority's signature

• Certificate authority's private key (sCA)

The MS and HN have the following certificates:

certHN = {IDHN, pHN, dateHN, [h(IDHN, pHN, dateHN)]sCA}

certMS = {IDMS, dateMS, [h(IDMS, dateMS)]sCA}

• date denotes the expiration of the certificate

• pHN means the public key of the HN

• […]sCA means signing […] using a private key of the CA

Page 12:

Analysis of Protocol 2 Public Key Certificate (contd.)

1. MS HN: certHN

2. MS HN: [ks]pHN, f(ks,certMS)

3. MS HN: f(ks,[IDMS, IDHN])

• The home network HN broadcasts its certificate certHN

• The MS can authenticate the HN by verifying the signature with the pCA corresponding to sCA

• Session key ks is randomly chosen by the MS and encrypted with pHN; the encrypted session key [ks]pHN is sent to the HN together with certMS encrypted with ks

• HN decrypts [ks]pHN with its secret key sHN

• MS can also be authenticated based on its secret certificate

• Since anyone who obtains certMS can impersonate the MS, it should be protected: ks encrypts the message
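The certificate check in step 1 and the bearer nature of certMS, following the certHN and certMS formulas above (an added example, not part of the original slides). The CA key is a toy textbook-RSA key built from two Mersenne primes, and the function names, identifiers and dates are assumptions.

```python
import hashlib
from datetime import date

# Toy textbook-RSA key for the CA (constructed; no padding, far too weak for real use).
_P, _Q = 2**31 - 1, 2**61 - 1
N_CA = _P * _Q
P_CA = 65537                                   # public exponent, the slides' pCA
S_CA = pow(P_CA, -1, (_P - 1) * (_Q - 1))      # private exponent, the slides' sCA

def h(*fields) -> int:
    """h(...): hash of the certificate fields, reduced into the toy modulus."""
    data = "|".join(str(x) for x in fields).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N_CA

def ca_sign(*fields) -> int:
    """[h(...)]sCA: only the CA, holding sCA, can compute this value."""
    return pow(h(*fields), S_CA, N_CA)

def make_cert_hn(id_hn: str, p_hn: int, expires: str) -> dict:
    return {"id": id_hn, "p": p_hn, "date": expires,
            "sig": ca_sign(id_hn, p_hn, expires)}

def make_cert_ms(id_ms: str, expires: str) -> dict:
    return {"id": id_ms, "date": expires, "sig": ca_sign(id_ms, expires)}

def verify_cert(cert: dict, today: date) -> bool:
    """Check the CA signature with pCA, then the expiration date."""
    fields = [cert[k] for k in ("id", "p", "date") if k in cert]
    if pow(cert["sig"], P_CA, N_CA) != h(*fields):
        return False                           # fields changed or not signed by the CA
    return today <= date.fromisoformat(cert["date"])

def checks(today: date = date(2025, 1, 1)) -> dict:
    cert_hn = make_cert_hn("HN-1", 123456789, "2030-01-01")   # constructed values
    cert_ms = make_cert_ms("MS-001", "2030-01-01")
    return {
        "hn_valid": verify_cert(cert_hn, today),
        "hn_key_swapped": verify_cert(dict(cert_hn, p=987654321), today),
        "hn_expired": verify_cert(cert_hn, date(2031, 1, 1)),
        # certMS binds no key to the MS: a byte-for-byte copy verifies identically,
        # which is why the protocol sends it only under ks.
        "ms_copy_valid": verify_cert(dict(cert_ms), today),
    }
```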

Page 13:

[Figure: Kerberos Key Distribution Service, showing Server, HN, Workstation, MS, Kerberos Database, Certificate Granting Server and Authentication Server]

Page 14:

Protocol 1 -vs- Protocol 2

certHN = {IDHN, pHN, dateHN, [h(IDHN, pHN, dateHN)]sCA}

certMS = {IDMS, dateMS, [h(IDMS, dateMS)]sCA}

Protocol 1

1. MS HN: r

2. MS HN: IDMS, f(k, r)

Protocol 2

1. MS HN: certHN

2. MS HN: [ks]pHN, f(ks,certMS)

3. MS HN: f(ks,[IDMS, IDHN])

Page 15:

Strengths & Weaknesses of Protocols 1-3

Protocol 1: Symmetric-Key

• Negligible computation compared to Public-key

• Difficult to maintain and protect database of secret keys

Protocol 2: Public Key

• Computationally higher, although this is reduced by MSR

• Does not protect against impersonation of the MS

Page 16:

WEP key encryption

The WEP key is used as a standard mode of encryption for wireless LANs. It is a symmetric-key encryption used to prevent eavesdropping. It also prevents unauthorized users from accessing the LAN. 40-bit and 128-bit WEP keys are available.

Page 17:

Working of WEP key

• The user and the access point have a shared WEP key.

• The RC4 algorithm expands a short key into an infinite pseudo-random key stream.

• Checks to see if the key is from an authorized user.

Page 18:

RC4 (stream cipher) encryption and decryption

[Figure: RC4 encryption box. Labels: State, 40-byte key, Initialization Vector, Key-stream, XOR, Plaintext, Cipher-text. The key stream is used as a one-time pad and XORed with the plain text.]

Page 19:

Problems in WEP key Encryption

• Decrypt using statistical analysis.

• Active attack to inject traffic.

• Active attack to decrypt packets

• Modify destination IP

• Send a packet to a remote known computer.

Page 20:

Problems in WEP key encryption

Dictionary attack

• Initialization vector

Man in the middle attacks

• Intercepts authentication messages to gain access to the network

Message Integrity Check (Interceptor)

Page 21:

Conclusion

It is not easy to achieve complete security, but reasonable security of a wireless network can be achieved if we integrate all the security techniques available.