mngn2005 wireless security
TRANSCRIPT
Arpan Pal, MNGN2005
Wireless Security – Wireless Security –
State-of-the-Art and FutureState-of-the-Art and Future
Arpan Pal Arpan Pal
Practice Head, DSP and Communications
Center of Excellence for Embedded Systems
Tata Consultancy Services Ltd.
Arpan Pal, MNGN2005
AgendaAgenda
Security Framework
State-of-the-art
Next Generation Wireless – Security Needs
Next Generation Wireless – Work Done @ TCS
Arpan Pal, MNGN2005
Things Required to protect a secure systemThings Required to protect a secure system Integrity
Message transmitted never corrupted Confidentiality
Certain information never disclosed to unauthorized entities Authentication
Verify identity of peer node Authorization
Perform pre-defined actions after authentication Availability
Survivability of the network in Denial-of-Service attack Nonrepudiation
Neither sender nor receiver of a message be able to deny transmission
Arpan Pal, MNGN2005
Security FrameworkSecurity Framework
Security Protocol
•Secured Session Initiation •Capability Negotiation•Authentication•Secured Data Transmission and Reception•Secure Session Termination
Security AlgorithmsKey Generation
AlgorithmCipher Algorithm
Digestion Algorithm
Digital Certificates
Big Integer Math Library
Arpan Pal, MNGN2005
Wireless Local Area Network (WLAN) Wireless Local Area Network (WLAN) IEEE 802.11IEEE 802.11
Arpan Pal, MNGN2005
Wireless Local Area Network (802.11)Wireless Local Area Network (802.11)
InfrastructureAd hoc Networks/Sensor Networks
AccessPoint
AccessPoint
Distribution
System
Arpan Pal, MNGN2005
Wireless Local Area Network (802.11)Wireless Local Area Network (802.11)
Application
No security in upper layers
Presentation
Session
Transport
Network
Data-link (MAC) Authentication, Encryption (WEP) and Integrity check (CRC)
PhysicalModulation (FHSS, DSSS, OFDM) protects eavesdropping
802.
11
Arpan Pal, MNGN2005
Security Framework – 802.11Security Framework – 802.11
Security Protocol•Session Initiation
•Start•Scan•Join
•Capability Negotiation•Open/Shared Negotiation•WEP enabled or disabled
•Authentication•Open Authentication•Challenge Text Password Protocol
•Secured Data Transmission and Reception•Secure Session Termination
Digestion Algo Digital Certificates
Big Integer Math Library
Key Gen Algo
NULL
Cipher Algo
RC4
CRC-32 NULL
Arpan Pal, MNGN2005
Wireless Local Area Network (802.11)Wireless Local Area Network (802.11)
WEP – Drawbacks IV is 24 bits – Keyspace gets exhausted, quicker if packets are
smaller Shared Key is distributed manually
802.1X Adopts EAP (Extensible Authentication Protocol) 2 – level Authentication MD5
Wireless Station
Access Point
Authentication Server
Arpan Pal, MNGN2005
Wireless Local Area Network (802.11)Wireless Local Area Network (802.11)
802.11i Adopts some part of 802.1X 128 bits encryption key, 128 bits IV – more security Introduces TKIP (Temporal Key Integrity Protocol)
• per-packet keying (PPK) – different key for each packet
• a message integrity check (MIC) – better than CRC-32 checksum
• a re-keying mechanism Introduces AES (Advanced Encryption Standard)
• Better encryption technology
• Resource Consuming, so requires new hardware Introduces WRAP (Wireless Robust Authentication Protocol) Introduces CCMP (Counter Mode CBC MAC Protocol)
Arpan Pal, MNGN2005
BluetoothBluetooth
Arpan Pal, MNGN2005
Wireless Personal Area Network Wireless Personal Area Network Bluetooth [IEEE 802.15.1]Bluetooth [IEEE 802.15.1]
Arpan Pal, MNGN2005
Wireless Personal Area Network Wireless Personal Area Network Bluetooth [IEEE 802.15.1]Bluetooth [IEEE 802.15.1]
Security
Arpan Pal, MNGN2005
Bluetooth SecurityBluetooth Security
3 security Modes – device can only support one at a time Non-secure Service-level enforced security Link level enforced security – prior to channel setup
3 categories of device with 2 levels of trust Trusted- previously authenticated and marked as trusted Untrusted devices - known devices that have been previously
authenticated, but are not marked as trusted Unknown untrusted – no security information known
Arpan Pal, MNGN2005
Security Framework - BluetoothSecurity Framework - Bluetooth
Security Protocol
•Session Initiation•Capability Negotiation
•Security Modes (Nonsecure, Service level enforced security, Link-level enforced Security)
•Authentication•Exchange of Random Number•Challenge-Response Protocol
•Secured Data Transmission and Reception•Secure Session Termination
Digestion Algo Digital Certificates
Big Integer Math Library
Key Gen Algo
E2, E3
Cipher Algo
E0
E1, CRC NULL
Arpan Pal, MNGN2005
Wireless Personal Area Network (WPAN) Wireless Personal Area Network (WPAN) IEEE 802.15IEEE 802.15
Arpan Pal, MNGN2005
Wireless Personal Area Network Wireless Personal Area Network [IEEE 802.15.3][IEEE 802.15.3]
Piconet Controller (PNC) Sole source of local message control and facilitates admission of ordinary
devices to the piconet
Arpan Pal, MNGN2005
Wireless Personal Area Network (WPAN)Wireless Personal Area Network (WPAN) [IEEE 802.15.3] [IEEE 802.15.3]
Security
Arpan Pal, MNGN2005
Security Framework - [IEEE 802.15.3]Security Framework - [IEEE 802.15.3]
Security Protocol
•Session Initiation•Capability Negotiation
•Mode 0 (Unsecured) or Mode 1 (Secured)
•Authentication: Challenge-Response Protocol between
•DEV-DEV•PNC-DEV•New PNC- Old PNC
•Secured Data Transmission and Reception•Secure Session Termination
Digestion Algo Digital Certificates
Big Integer Math Library
Key Gen Algo
NULL
Cipher Algo
AES
CRC NULL
Arpan Pal, MNGN2005
Wireless Metropolitan Area Network Wireless Metropolitan Area Network (WMAN) IEEE 802.16(WMAN) IEEE 802.16
Arpan Pal, MNGN2005
Wireless Metropolitan Area Network Wireless Metropolitan Area Network – IEEE 802.16– IEEE 802.16
Archite
cture
Archite
cture
802.16
Base StationSubscriber Station
Arpan Pal, MNGN2005
Wireless Metropolitan Area Network Wireless Metropolitan Area Network – IEEE 802.16– IEEE 802.16
Arpan Pal, MNGN2005
Security Framework Security Framework – IEEE 802.16– IEEE 802.16
Security Protocol
•Session Initiation•Capability Negotiation•Authentication•Periodic Reauthorization and Key Refresh•Secured Data Transmission and Reception•Secure Session Termination
Digestion Algo Digital Certificates
Big Integer Math Library
Key Gen Algo
RSA
Cipher Algo
DES, AES, TEK (3-DES, AES, RSA)
X.509SHA-1
Arpan Pal, MNGN2005
Global System for Mobile Communication Global System for Mobile Communication (GSM)(GSM)
Arpan Pal, MNGN2005
Global System for Mobile CommunicationGlobal System for Mobile Communication
SIM
AuC
HLR
VLR
MSC
BS
MS
A3,A8, IMSI, Ki, Kc
A5
A5, IMSI, Kc A3,A8, IMSI, Ki
RAND, SRES, Kc
RAND, SRES, Kc
MS: Mobile Station BS: Base Station VLR: Visiting Location Register HLR: Home Location Register MSC: Mobile Switch Center AuC: Authentication Center RAND: Random SRES: Signed Response
A3: Authentication Algorithm A5: Ciphering Algorithm A8: Ciphering Key Generation Algorithm IMSI: International Mobile Subscriber Identity Ki: Individual Subscriber Authentication Key Kc: Ciphering Key SIM: Subscriber Identity Module Smart Card
Arpan Pal, MNGN2005
Security Framework - GSMSecurity Framework - GSM
Security Protocol
•Session Initiation•Capability Negotiation
•Exchange of Random Number•Exchange of Cryptographic Service primitives
•Authentication•Challenge-Response Protocol
•Secured Data Transmission and Reception•Secure Session Termination
Digestion Algo Digital Certificates
Big Integer Math Library
Key Gen Algo
A8
Cipher Algo
A5
A8, COMP-128 NULL
Arpan Pal, MNGN2005
Next Generation Wireless NetworksNext Generation Wireless Networks
Arpan Pal, MNGN2005
A Mobile LifestyleA Mobile Lifestyle
HOME
PUBLICTRANSPORT AUTO
WORK
OUTDOORS
RURAL
WWAN
WLAN
WPAN
WMAN
HOT SPOTS
Vision of Seamless MobilityVision of Seamless Mobility
ChallengesChallenges• QoSQoS• SecuritySecurity
ChallengesChallenges• QoSQoS• SecuritySecurity
Single-network fixed function devices evolving to multi-network multi-function
“Always-on” Communication – anytime, anywhere, any network
Seamless transition across networks
Courtesy: Dan Dahle, Senior Strategic Architect, Intel Corporation, IWS 2005Courtesy: Dan Dahle, Senior Strategic Architect, Intel Corporation, IWS 2005
Arpan Pal, MNGN2005
WANWAN MANMAN LANLAN PANPAN
3G3GWCDMA/HSDPAWCDMA/HSDPA
GPRS/EDGEGPRS/EDGEEVDOEVDO
WiMAXWiMAX802.16802.16
BroadbandBroadband
Wi-Fi*Wi-Fi*802.11802.11
UWBUWBandand
Bluetooth*Bluetooth*
Continuum of Wireless TechnologiesContinuum of Wireless Technologies
NFCNFCRFID/RFID/TAGTAG
**
Subscriber StationsSubscriber Stations
Next Generation Networks Span Usage RangeNext Generation Networks Span Usage RangeNext Generation Networks Span Usage RangeNext Generation Networks Span Usage Range
Courtesy: Dan Dahle, Senior Strategic Architect, Intel Corporation, IWS 2005Courtesy: Dan Dahle, Senior Strategic Architect, Intel Corporation, IWS 2005
Arpan Pal, MNGN2005
User Needs for Wireless 2010+User Needs for Wireless 2010+
Services Services Audio-Voice-Video-Data Audio-Voice-Video-Data
ScalabilityScalabilityNetwork & DevicesNetwork & Devices
User NeedsUser Needs
Next Gen WiMAXNext Gen WiMAX3GPP-LTE3GPP-LTE
ETSI TISPANETSI TISPAN……..
Mobility, Mobility, Interference, Interference,
CapacityCapacity
Bandwidth, Bandwidth, Throughput, Power Throughput, Power
Consumption, Consumption, ComplexityComplexity
Throughput, Latency, Throughput, Latency, Tolerance For Loss, Tolerance For Loss,
Symmetric and Symmetric and Asymmetric ServicesAsymmetric Services
Wireless RequirementsWireless Requirements
Common User Needs Yield Common Wireless RequirementsCommon User Needs Yield Common Wireless RequirementsCommon User Needs Yield Common Wireless RequirementsCommon User Needs Yield Common Wireless RequirementsCourtesy: Dan Dahle, Senior Strategic Architect, Intel Corporation, IWS 2005Courtesy: Dan Dahle, Senior Strategic Architect, Intel Corporation, IWS 2005
Cross-layer Cross-layer SecuritySecurity
Cross-layer Cross-layer SecuritySecurity
CoverageCoverageAnywhereAnywhere
Arpan Pal, MNGN2005
Three Directions of Mobile EvolutionsThree Directions of Mobile Evolutions
3. Progress of Media Convergence 3. Progress of Media Convergence
2. From the Growth in Quantity to the Growth in Quality
2. From the Growth in Quantity to the Growth in Quality
1. From Person to Person Communications to Non-Person Communications
1. From Person to Person Communications to Non-Person Communications
Courtesy: Dr. Yasuo Hirata, Chairman, KDDI R&D Labs, IWS 2005Courtesy: Dr. Yasuo Hirata, Chairman, KDDI R&D Labs, IWS 2005
Arpan Pal, MNGN2005
Towards Ubiquitous Network Society
Towards Ubiquitous Network Society
Person
Person
Things
Voice Mail Photo
Home Appliance, RFID, Camera
Data Video
Data
Whoever
Wherever
WhateverITS 、 Sensor 、 Disk
Person
Things
Things
Courtesy: Dr. Yasuo Hirata, Chairman, KDDI R&D Labs, IWS 2005Courtesy: Dr. Yasuo Hirata, Chairman, KDDI R&D Labs, IWS 2005
Privacy Policy
Core Items in
Ubiquitous
Environment
Core Items in
Ubiquitous
Environment
Security Policy
Future Trends
Arpan Pal, MNGN2005
Courtesy: Dr. Henry Tirri, Nokia Research Center, IWS 2005Courtesy: Dr. Henry Tirri, Nokia Research Center, IWS 2005
Arpan Pal, MNGN2005
My personal Adaptive Global NETwork My personal Adaptive Global NETwork (MAGNET)(MAGNET)
User-centric approach to improve the quality of life for the end-user More smarter smarter, more responsive, and more accommodating
Environments to the needs of the individual Everything without jeopardizing privacy and security.
Arpan Pal, MNGN2005
My personal Adaptive Global NETwork My personal Adaptive Global NETwork (MAGNET)(MAGNET)
Bluetooth
InternetIntranet
WLANAccess Point
ApplicationServer
IrDA
WLAN
Node B RNC
3G GGSN3G SGSN
UMTS
RNC Radio Network ControllerSGSN Serving GPRS Support NodeGGSN Gateway GPRS Support Node
BluetoothAccess Point
Arpan Pal, MNGN2005
Next Generation Service DeploymentNext Generation Service Deployment
Courtesy: Ingo Elsen, Ericsson EurolabCourtesy: Ingo Elsen, Ericsson Eurolab
Arpan Pal, MNGN2005
Security Requirements of Future Security Requirements of Future – Its all about Convergence– Its all about Convergence
Convergence of heterogeneous networks (clusters) Generic definition of identities and credentials Generic AAA (Authentication, Authorization, Accounting) Secure Roaming and Routing strategy
Convergence of Devices (Any Service Anywhere on Any capable device) Security at every layer Secure device discovery
Convergence of Applications and Services (Context-Awareness) Secure Service discovery Privacy Policy
Convergence of Content (Audio, Video, Data, Sensors) Security at every layer Content level security
Arpan Pal, MNGN2005
Next Generation Wireless Networks – Next Generation Wireless Networks – Work Done @ TCSWork Done @ TCS
Arpan Pal, MNGN2005
Physical Layer EncryptionPhysical Layer EncryptionConventional Stream Ciphering SystemsConventional Stream Ciphering Systems
MAC
PHY
PHY
Channel
EncryptionFunction
MAC Data Path
EncryptionAlgorithm
Key K
MAC
DecryptionFunction
MAC Data Path
DecryptionAlgorithm
Key K
Recording Point &
Decryption Point Coincide
Hardware
Encryption done at MAC layer At the receiver
The decrypted data is available at Hardware-Software interface – hence recordable Commutative Property of the Encryption operator (normally XOR) makes it prone to attacks – Vernam Cipher property
Arpan Pal, MNGN2005
MACChannelEncoder
Modulator
Channel
DemodulatorChannel DecoderMAC
PHY
PHY
EncryptionFunction
EncryptionAlgorithm
Key K
DecryptionFunction
EncryptionAlgorithm
Key K
Encryption done at PHY layer Encryption Function - XOR or some other PHY layer transforms like
Scrambling Phase Shift between I and Q channels etc.
Advantages Decrypted data directly not available to the Hacker for Recording as normally PHY is located within a embedded chipset. Presence of Difficult-to-Invert blocks like Channel Decoder between the recording point at MAC-PHY interface and Decryption point makes known plain-text attack very difficult
Recording Point
Decryption Point
Hardware
Decryption can be moved here also
Encryption can be moved here also
Physical Layer EncryptionPhysical Layer EncryptionProposed SystemProposed System
Arpan Pal, MNGN2005
Watermark is the practice of imperceptibly altering a cover to embed a message about that
cover
Challenges in Video• Embedding Watermark in the Compressed Domain, e.g. H.264• Real-time performance• Encrypted Watermarking
Content SecurityContent Security
Arpan Pal, MNGN2005
Thank YouThank You