Security and Cooperation, Wrap up

1
Security and Cooperation, Wrap up
4/23/2009 Richard Yang
2
Admin.

• Projects due May 12
• We will continue to hold regular office hours
  until May 12 or you can send email to make
  appointments

3
Recap Adaptive Mobile Applications
request
client
service
result

• Client
• informs service capability/status
• makes best use of available resource/data
• Service adapts to client capability/status
• audio/image/video/web content adaption

4
Example Adapting Web Content

• One major goal of the World Wide Web Consortium
  (W3C) has been device-independent content by
  decoupling layout from rendering
• What are some arguments that we need to adapt web
  content for mobile devices?

5
Web Content Adaption Approaches

• HTML auto formatting
• Variant selection (e.g., according to HTTP accept
  or x-wap-profile of UAProf)
• Content negotiation
• RFC 2295 Transparent Content Negotiation in HTTP
• Transcoding
• E.g., pdf to html, html to XHTML-MP/WML

6
Example Adapting Web Content

• WAP defines wireless application environment
  (WAE) to produce content suitable for wireless
  devices
• XHTML-MP (mobile profile) in WAP 2.0
• Wireless Markup Language (WML) in earlier
  versions of WAP

7
Was WAP Forum, co-founded by Ericsson, Motorola,
Nokia, Unwired Planet now Open Mobile Alliance
(Open Mobile Architecture WAP Forum SyncML
)
WAP 2.0 Architecture
Service discovery
Security services
Application framework
Multimedia Messaging (Email)
Content formats
External services EFI
Crypto libraries
WAE/WTA User Agent (WML, XHTMLMP)
Push
Protocol framework
Provisioning
Authenti-cation
Session
Capability Negotiation
Push OTA
Cookies
Navigation Discovery
Identification
Synchronisation
Transfer
Hypermedia transfer (WTPWSP, HTTP)
Strea-ming
MMS
Service Lookup
PKI
Transport
Datagrams (WDP, UDP)
Connections (TCP with wireless profile)
Secure transport
Bearer
Secure bearer
IPv4
CSD
USSD
GPRS
...
IPv6
SMS
FLEX
MPAK
...
8
WAE
Session
Transport
Transport layer security
Datagram
9
Wireless Markup Language

• W3C XML-based language
• Tag-based browsing language
• screen management (text, images)
• data input (text, selection lists, etc.)
• hyperlinks navigation support

10
WML High-Level Structure

• WML pages are called DECKS
• Each deck consists of a set of CARDS, related to
  each other with links
• When a WML page is accessed from a mobile phone,
  all the cards in the page are downloaded from the
  WAP server

11
WML Elements

• Deck/Card Elements
• wml card template head access meta
• Tasks
• go prev refresh noop
• Event Elements
• do ontimer onpick onevent postfield
  onenterforward onenterbackward
• Variables
• setvar
• User input
• input select option optgroup fieldset
• Anchors, Images, and Timers
• a anchor img timer
• Text Formatting
• br p table tr td

12
WML Example
lt?xml version"1.0"?gt lt!DOCTYPE wml PUBLIC
"-//WAPFORUM//DTD WML 1.1//EN" "http//www.wapforu
m.org/DTD/wml_1.1.xml"gt ltWMLgt ltCARDgt ltDO
TYPEACCEPTgt ltGO URLeCard/gt
lt/DOgt Welcome! lt/CARDgt ltCARD
NAMEeCardgt ltDO TYPEACCEPTgt ltGO
URL/submit?N(N)S(S)/gt lt/DOgt Enter
name ltINPUT KEYN/gt Choose speed
ltSELECT KEYSgt ltOPTION VALUE0gtFastlt/OPT
IONgt ltOPTION VALUE1gtSlowlt/OPTIONgt
ltSELECTgt lt/CARDgt lt/WMLgt
13
Navigation Path An Example
ltWMLgt ltCARDgt ltDO TYPE"ACCEPT"
LABEL"Next"gt ltGO URL"card2"/gt
lt/DOgt DalhousieltBR/gtDirectory
lt/CARDgt ltCARD NAME"card2"gt ltDO
TYPE"ACCEPT"gt ltGO
URL"?sendtype"/gt lt/DOgt
Services ltSELECT KEY"type"gt
ltOPTION VALUE"em"gt1.Emaillt/OPTIONgt
ltOPTION VALUE"ph"gt2.Phonelt/OPTIONgt
ltOPTION VALUE"fx"gt3.Faxlt/OPTIONgt
lt/SELECTgt lt/CARDgt lt/WMLgt
14
Third Party Adaptation WAP Gateways

• Translate, e.g.,
• between text WML and binary WML (WMLC)
• from HTML web sites to WML, WMLC, or XHTML-MP
• Add additional information to each request
• this would be configured by the operator and
  could include telephone numbers, location,
  billing information, and handset information

15
WAP Gateway for Web

• Provides a link between a mobile network and
  Internet
• Converts the 'Web' response into a 'WAP'
  response, e.g.,
• HTML -gt WML pages, or WML bytecode (WMLC) to
  reduce the size and number of packets

16
Example Message Flow
HTTP
WAP
17
Example

• http//en.wikipedia.org/wiki/WikipediaWAP_access

18
Status

• WAP 2.0 is moving towards XHTML-MP
• XHTML-MP removes many WML features
• http//www.developershome.com/wap/xhtmlmp/xhtml_mp
  _tutorial.asp?pagewmlFeaturesLost
• Given emergence of newer phones such as iPhone
  and Android, it is not clear special content
  encoding is necessary

19
Summary

• Adaptation is a key design consideration of
  mobile application/systems
• It involves efforts of both clients and services

20
Big Picture
Applications (Adaptation, and support for
adaptations)
Application Development Framework
Foundational Primitives Communications,
Location, Service Discovery,UI/Media, Power
Management, Security
21
Security and Cooperation in Wireless and Mobile
Networks
22
Introduction

• This is a vast and active field, a course by
  itself
• Many references on wireless security
• A good book on wireless cooperation
• Thwarting Malicious and Selfish Behaviorin the
  Age of Ubiquitous Computing, by Levente Buttyan
  and Jean-Pierre Hubaux, Cambridge University
  Press, 2007.
• available at http//secowinet.epfl.ch/

23
Generic Network Security Attack Models
24
Why is Security Challenging in Wireless/Mobile
Networks?

• No inherent physical protection
• physical connections between devices are replaced
  by logical associations
• sending and receiving messages do not need
  physical access to the network infrastructure
  (cables, hubs, routers, etc.)
• Broadcast communications
• wireless usually means radio, which has a
  broadcast nature
• transmissions can be overheard by anyone in range
• anyone can generate transmissions,
• which will be received by other devices in range
• which will interfere with other nearby
  transmissions
• Thus it is easier to implement jamming,
  eavesdropping, injecting bogus messages, and
  replaying previously recorded messages

25
Why is Security Challenging in Mobile Networks?

• Since mobile devices typically have limited
  resources (e.g., CPU cycles, battery supply), the
  designer might want to select simple security
  mechanisms
• However, this may lead to serious security flaws
• bad example Wired Equivalent Protection (WEP),
  the original security protocol for 802.11

26
WEP A Bad Example
27
802.11 Message Flow
data messages protected by WEP
28
Wired Equivalent Privacy (WEP)

• WEP was intended to provide comparable
  confidentiality to a traditional wired network,
  thus the name
• WEP implements message confidentiality and
  integrity
• WEP encryption is used in 802.11 authentication

29
WEP Security

• WEP confidentiality
• through encryption using RC4, a stream-based
  encryption algorithm using a shared key
• WEP integrity
• through message check sum using encrypted cyclic
  redundancy check (CRC)
• WEP authentication
• through challenge/response

30
WEP Encryption

• For each message to be sent
• RC4 is initialized with the shared secret between
  station STA and access point (AP)
• WEP allows up to 4 shared keys
• RC4 produces a pseudo-random byte sequence (key
  stream) from the shared key
• This pseudo-random byte sequence is XORed to the
  message

31
WEP Encryption

• To avoid using the same key stream, WEP encrypts
  each message with a different key stream
• the RC4 generator is initialized with the shared
  secret plus a 24-bit IV (initial value)
• shared secret is the same for each message
• 24-bit IV for each message
• there is no specification on how to choose the
  IV sender picks the IV value

32
WEP Integrity

• WEP integrity protection is based on computing
  ICV (integrity check value) using CRC and
  appended to the message
• The message and the ICV are encrypted together

33
WEP
CRC
message ICV
KS
RC4
IV
secret key
encode
message ICV
IV
decode
KS
RC4
IV
secret key
message ICV
check CRC
34
Active Attack on WEP IV Replay Attacks

• A known plain-text message is sent to an
  observable wireless LAN client (how?)
• The network attacker will sniff the wireless LAN
  looking for the predicted cipher-text
• The network attacker will find the known frame,
  derive the key stream (corresponds to the give
  IVK), and reuse the key stream

35
Active Attack on WEP Bit-Flipping Attack

• The attacker sniffs a frame on the wireless LAN
• The attacker captures the frame and flips random
  bits in the data payload of the frame
• The attacker modifies the ICV (detailed later)
• The attacker transmits the modified frame
• The access point receives the frame and verifies
  the ICV based on the frame contents
• The AP accepts the modified frame
• The destination receiver de-encapsulates the
  frame and processes the Layer 3 packet
• Because bits are flipped in the higher layer
  packet, the Layer 3 checksum fails
• The receiver IP stack generates a predictable
  ICMP error
• The attacker sniffs the wireless LAN looking for
  the encrypted error message
• Upon receiving the error message, the attacker
  derives the key stream as with the IV replay
  attack

36
Bit-Flipping Attack
37
Generating Valid CRC

• The crucial step of the flipping attack is to
  allow the frame to pass the ICV check of the AP
• Unfortunately, the CRC algorithm allows
  generating valid encrypted ICV after bit flipping

38
Bypassing Encrypted ICV

• CRC is a linear function wrt to XOR
• CRC(X Å Y) CRC(X) Å CRC(Y)
• Attacker observes (M CRC(M)) Å K where K is the
  key stream output
• for any DM, the attacker can compute CRC(DM)
• hence, the attacker can compute
• (M CRC(M) Å K) Å DM CRC(DM)
• (M Å DM) (CRC(M) Å CRC(DM)) Å K
• M Å DM) CRC(M Å DM) Å K

39
WEP Authentication

• Two authentication modes
• open authentication --- means no authentication !
• an AP could use SSID authentication and MAC
  address filtering, e.g., at Yale
• shared key authentication based on WEP

40
WEP Shared Key Authentication

• Shared key authentication is based on a
  challenge-response protocol
• AP ? STA r
• STA ? AP IV (r Å K)
• where K is a 128 bit RC4 output on IV and the
  shared secret
• An attacker can compute r Å (r Å K) K
• Then it can use K to impersonate STA later
• AP ? attacker r
• attacker ? AP IV (r Å K)

41
WEP Lessons

• WEP has other problems, e.g., short IV space,
  weak RC4 keys
• Engineering security protocols is difficult
• one can combine otherwise OK building blocks in a
  wrong way and obtain an insecure system at the
  end
• example 1
• stream ciphers alone are OK
• challenge-response protocols for entity
  authentication are OK
• but they shouldnt be combined
• example 2
• encrypting a message digest to obtain an ICV is a
  good principle
• but it doesnt work if the message digest
  function is linear wrt to the encryption function

42
Fixing WEP

• After the collapse of WEP, Wi-Fi Protected Access
  (WPA) was proposed in 2003
• Then the full 802.11x standard (also called WPA2)
  was proposed in 2004
• But WEP is still in use

43
Cooperation in Wireless, Mobile Networks
44
Cooperation in Wireless Networks

• A special case of security attack is by
  rational nodes
• drop packets, mis-represent information
• Motivation
• wireless networks have limited capacity
• wireless nodes have limited resourcebattery
  power
• unlike the Internet, where commercial
  relationship is worked out, many mesh network
  nodes belong to different users and may not have
  incentive to forward others traffic
• similar free-riding problems in P2P applications

45
Reward-based Routing

• The network (authority) rewards the nodes so that
  they will forward traffic from a source to a
  destination
• Each node has a (private energy/transmission)
  cost of sending one packet to a neighbor
• The objective of the authority is to choose the
  lowest cost path
• assume cost reflects energy
• thus extending network life time/maximizing
  capacitythe community benefit

46
Node Utility

• Assume each node wants to maximize its utility
• The utility of being on the path P of a
  source-destination pair
• where - pi is the amount the network rewards
  node i - 1P(i) is 1 if node i is on the path P
  otherwise 0
• - ci is the cost of the link used in P, if a
  link from i is used

47
Discussion

• How about we reward nodes according to their
  claimed costs?

48
Payment Using VCG Mechanism

• VCG stands for Vickrey, Clarke and Groves
• The VCG mechanism
• each node sends the costs of its links to the
  authority
• the authority computes the lowest cost path from
  the source S to the destination D
• the payment to node iwhere - LCP(S,D) is
  the lowest cost path from S to D S-gtR1,
  R1-gtR2, , Rk-gtD - LCP(S,D)\i is the
  previous path but does not include the link from
  i to its next hop, if i is on the path if i is
  not on the path, it is just the previous path -
  LCP(S,D-i) is the lowest cost path from S to D
  without using i, i.e. remove node i from the
  graph and then find path

49
Example N1
Assume the true cost of N1 to D is 2
- assume N1 declares the cost as 2, how much will
N1 berewared according to the VCG mechanism?
(13)-1 3
- what is the utility of N1?
3 - 2 1
- assume N1 declares the cost as 1, how much will
N1 berewarded according to the VCG mechanism?
(13)-1 3
3 - 2 1
- what is the utility of N1?
- assume N1 declares the cost as 4, how much will
N1 berewared according to the VCG mechanism?
(13)-(13) 0
- what is the utility of N1?
0 - 0 0
50
Formal Results

• Each node reports its link costs truthfully
• Thus the network chooses the lowest cost path for
  each source-destination pair

51
Analysis on Truthfulness

• By contradiction
• Assume node is true costs for its links are Ci
  but reports Wi
• think of Wi and Ci as vectors of link costs
• The node decides to declare Wi instead of Ci only
  if the utility is higher
• The best scenario a node can be in is that it is
  given the declared costs of all other nodes
  links and then decides its declarations of the
  costs of its links in order to maximize its
  utility
• action chosen in this way is called dominant
  strategy

52
VCG Proof

• Assume the lowest cost path computed is
• LCP when the node reports Ci, and
• LCP when reports Wi
• it must be the case that (1P(i) meant i on path
  P)

Right hand side is LCP we computed left hand
side is one path. Contradiction.
53
Revisit some slides of first class
54
Enabling Technologies

• Development and deployment of wireless/mobile
  technology and infrastructure
• in-room, in-building, on-campus, in-the-field,
  MAN, WAN, GPS
• Miniaturization of computing machinery
• . . . -gt PCs -gt laptop -gt PDAs/smart phones -gt
  embedded computers/sensors
• Improving device capabilities/software
  development environments, e.g.,
• andriod http//code.google.com/android/
• iphone http//developer.apple.com/iphone/
• windows mobile

55
At Home
56
At Home
Source http//teacher.scholastic.com/activities/s
cience/wireless_interactives.htm
57
Mobile and Wireless Services Always Best
Connected
LAN 100 Mbit/s, WLAN 54 Mbit/s
UMTS Rel. 5 400 kbit/s
GSM 53 kbit/s Bluetooth 500 kbit/s
LAN, WLAN 780 kbit/s
UMTS, DECT 2 Mbit/s
GSM/EDGE 135 kbit/s, WLAN 780 kbit/s
UMTS Rel. 6 400 kbit/s
GSM 115 kbit/s, WLAN 11 Mbit/s
58
Habitat Monitoring Example on Great Duck Island
A 15-minute human visit leads to 20 offspring
mortality
59
Why is the Field Challenging?
60
Challenge 1 Unreliable and Unpredictable
Wireless Coverage

• Wireless links are not reliable they may vary
  over time and space

What Robert Poor (Ember) calls The good, the
bad and the ugly
61
Challenge 2 Open Wireless Medium

• Wireless interference
• Hidden terminals
• Exposed terminal

S1
R1
S2
R1
S1
R1
S2
R1
S1
S2
R2
62
Challenge 2 Open Wireless Medium

• Wireless interference
• Hidden terminals
• Exposed terminal
• Wireless security
• eavesdropping, denial of service,

R1
S1
S2
R1
S1
R1
R2
R1
S1
S2
R2
63
Challenge 3 Mobility

• Mobility causes poor-quality wireless links
• Mobility causes intermittent connection
• under intermittent connected networks,
  traditional routing, TCP, applications all break
• Mobility changes context, e.g., location

64
Challenge 4 Portability

• Limited battery power
• Limited processing, display and storage

• Laptop
• fully functional
• standard applications
• battery 802.11

• Mobile phones
• voice, data
• simple graphical displays
• GSM/3G

Performance/Weight/Power Consumption
65
Challenge 5 Changing Regulation and Multiple
Communication Standards
wireless LAN
cordlessphones
cellular phones
satellites
1980CT0
1981 NMT 450
1982 Inmarsat-A
1983 AMPS
1984CT1
1986 NMT 900
1987CT1
1988 Inmarsat-C
1989 CT 2
1991 DECT
1991 D-AMPS
1991 CDMA
199x proprietary
1992 GSM
1992 Inmarsat-B Inmarsat-M
1993 PDC
1997 IEEE 802.11
1994DCS 1800
1998 Iridium
1999 802.11b, Bluetooth
2000GPRS
2000 IEEE 802.11a
analogue
2001 IMT-2000
digital
Fourth Generation (Internet based)
66
Topics not Covered

• There are several topics that are quite
  interesting but we do not have time to cover in
  more detail, e.g.,
• Cognitive radio
• Virtualization of wireless networks
• Sync (e.g., SyncML) /replicate management
• Context-aware applications design
• Mobile device management
• Controlled mobility

67
Summary

• Driven by technology and vision
• infrastructure (communication/location)
• device miniaturization
• mobile computing platforms
• The field is moving fast and has many
  opportunities

68
Backup Slides on Cooperation
69
Backup Slides on Sync/Replicate Management
70
Discussion

• What challenges does the file system face in
  wireless/mobile environment?

71
The Problems Caused by Mobility

• Read miss
• stalls progress (the user has to stop working)
• Synchronization/consistency issues
• may need to synchronize multiple copies of the
  same file
• if multiple users, may need to solve consistency
  problems
• Heterogeneous device types
• each device has its own file systems and naming
  convention, e.g., digital camera, ipod

72
Approaches

• Read miss
• explicit user file selection, e.g., MS briefcase
• automatic hoarding, e.g., CODA, SEER
• Synchronization/consistency issues
• keep modification logs and develop merge tools,
  e.g., Bayou
• efficient file comparisons and merging, e.g.,
  rsync, LBFS
• Heterogeneous device types
• masks the differences , e.g., EnsemBlue

73
SEER automatic prediction of related files to
avoid user manual configuration of hoarding
74
SEER A Predictive Hoarding System

• Views user activities as composed of projects
  than individual files
• Predicates files in a project and fetch them
  together
• Discussion how do you predicate all of the files
  a project may use?

75
Basic Idea of SEER Semantic Distance

• Quantifies users intuition about relationship
  between files
• smaller ? closer in relation
• Infers relationship
• static (done by an external investigator), e.g.,
• observes directory structure/membership
• observes naming convention
• include in a program
• dynamic
• watches users behavior

76
Lifetime Semantic Distance

• Looks at file open/close (not file content !!)
• Lifetime semantic distance
• The lifetime semantic distance between an open of
  file A and an open of file B is defined as 0 if A
  has not been closed before B is opened and the
  number of intervening file opens (including the
  open of B) otherwise
• End up with multiple lifetime semantic distances
  between two events of two files
• needs distance between two files, not events
• uses geometric mean to convert to a single
  distance

Semantic distance- A?B , A?C is 0- A?D is 3
77
Basic Idea of SEER Clustering Algorithm

• Based on algorithm by Jarvis and Patrick
• Allows overlapping clusters
• Steps
• calculates n nearest neighbors for each file
• Phase 1 if two points (files here) have at least
  kn overlapping neighbors, combine their clusters
  into one
• Phase 2 if two points have more than kf but less
  than kn overlapping neighbors, overlap the
  clusters i.e. add each to the other cluster

Summary of clustering algorithm
78
Example

• Seven files , A-G
• A B C D E F G
• Phase 1
• A, B ? A, B, C
• D, E F, G ? D,E,F, G
• Phase 2
• two pairs A, C C, D
• A, C same cluster already
• C, D ? overlap clusters
• Final result
• A, B, C, D C,D, E, F,G

Number of shared neighbors
79
Using Both Lifetime Semantic Distance and the
Input of External Investigator

• Essentially gives application specific info
• Example
• large directory distance gt looser relationship
• subtract directory distance from shared neighbor
  count

80
Real World Anomalies Special Cases

• Many special cases
• authors use a heuristic to solve each
• Shared libraries
• e.g. library X
• might cause unwanted clustering
• Heuristic files which represent more than a
  certain percentage of all references marked as
  frequently-referenced (1)
• eliminate from calculation

81
More Special Cases

• Critical files (e.g. startup files)
• rarely accessed but important
• use heuristic and hoard
• special control file that specifies such files
• detect by names e.g. .login etc
• Temporary files (e.g. in /tmp)
• transient and dont depict correct relationship
• might displace other important files from n
  closest
• heuristic ignore files in /tmp etc. completely
• Simultaneous access
• e.g. read mail compile code
• independent streams are intermixed !
• maintain reference-history on a per-process basis

82
Scheduling of Multimedia Applications

• Earliest deadline first (EDF) scheduling
• - allocate cycle budget per job
• - execute job with earliest deadline and positive
  budget
• - charge budget by number of cycles consumed
• - preempt if budget is exhausted

83
Bayou automatic conflict update
84
Bayou Managing Update Conflicts

• Basic idea application specific conflict
  detection and update
• Two mechanisms for automatic conflict detection
  and resolution
• dependency check
• merge procedure

85
Bayou Write Operation An Example
86
Mobile file systems dealing with low bandwidth
LBFS efficient file comparison and merging
87
Motivation

• The CODA system assumes that modifications are
  kept as logs (CML)
• a user sends the logs to the servers to update
• If the storage of a client is limited, it may not
  be able to save logs
• then upon reconnection, the cache manager needs
  to find the difference between the stored file
  and its local cached copy
• same problem exists for the rsync tool !
• Question how to efficiently compare the
  differences of two remote files (when the network
  connection is slow)?

88
LBFS Low-Bandwidth File System

• Break Files into chunks and transfer only
  modified chunks
• Fixed chunk size does not work well
• why?

89
Flexible Chunk Size

• Compute hash value of every 48 byte block
• if the hash value equals to a magic value, it is
  a chunk boundary

90
What is data synchronization?

• Data synchronization is the process of making
  two sets of data look identical (source
  syncml.org white paper)

91
Data Synchronization
Datastore2
92
What is a data synchronization protocol?

• Method of communication for a data
  synchronization session
• Protocol features
• naming and identification of records
• common protocol commands
• identification and resolution of synchronization
  conflicts

93
SyncML defined

• SyncML is a new industry initiative to develop
  and promote a single, common data synchronization
  protocol that can be used industry-wide.
  (syncml.org)
• SyncML is a specification for a common data
  synchronization framework and XML-based format
  for synchronizing data on networked devices.
  (syncml.org)
• SyncML is a protocol for conveying data
  synchronization operations. (syncml.org)

94
SyncML sponsors
95
SyncML features

• Synchronize any type of data
• Multiple protocol bindings
• HTTP, WSP, OBEX
• Security
• Interoperability

96
SyncML clients servers
SyncML server
97
SyncML synchronization types

• Two-way sync
• Slow sync
• One-way sync from client only
• Refresh sync from client only

98
SyncML synchronization types (cont.)

• One-way sync from server only
• Refresh sync from server only
• Server alerted sync

99
SyncML terminology

• Message
• Package
• Command
• Status code

• Datastore
• Device info
• Meta info
• Capabilities exchange

100
SyncML and XML

• Abbreviated naming convention
• Ex protocol version is ltVerProtogt
• XML prolog is not required
• WBXML
• WAP Binary XML

101
SyncML documents

• ltSyncMLgt DTD
• Meta info DTD
• Device info DTD

102
ltSyncMLgt document

• lt?xml version"1.0"?gt
• lt!DOCTYPE gt
• ltSyncMLgt
• ltSyncHdrgt
• lt/SyncHdrgt
• ltSyncBodygt
• lt/SyncBodygt
• lt/SyncMLgt

• A SyncML Message is a well-formed, but not
  necessarily valid, XML document. (syncml.org)
• Contains data synchronization commands
  (operations)

103
ltSyncHdrgt element

• ltSyncHdrgt
• ltVerDTDgt1.0lt/VerDTDgt
• ltVerProtogtSyncML/1.0lt/VerProtogt
• ltSessionIDgtsession41lt/SessionIDgt
• ltMsgIDgtmsg80386lt/MsgIDgt
• lt/SyncHdrgt

104
ltSyncBodygt element

• ltSyncBodygt
• ltAddgt
• ltCmdIDgtcmd80486lt/CmdIDgt
• ltItemgtlt/Itemgt
• lt/Addgt
• lt/SyncBodygt

105
SyncML commands

• ltAddgt
• ltAlertgt
• ltAtomicgt
• ltCopygt
• ltDeletegt
• ltExecgt
• ltGetgt
• ltMapgt

• ltPutgt
• ltReplacegt
• ltResultsgt
• ltSearchgt
• ltSequencegt
• ltStatusgt
• ltSyncgt

106
Meta Info document

• ltMetInfgt
• ltFormatgtlt/Formatgt
• ltTypegtlt/Typegt
• ltMaxMsgSizegt586
• lt/MaxMsgSizegt
• lt/MetInfgt

• Contains sync session parameters

107
Device Info document

• Describes device capabilities
• For both client and server

• ltDevInfgt
• ltSwVgt0.99lt/SwVgt
• ltHwVgt3.14lt/HwVgt
• ltDevTypgtpdalt/DevTypgt
• lt/DevInfgt

108
Sync4j project

• Java implementation of SyncML protocol
• Sync4j client
• Sync4j server
• open source

109
Sync4j audience

• developers who
• know Java but dont know SyncML
• know SyncML but may not know Java
• commercial application developers
• open source application developers

110
API design ideas

• SAX API
• standard set of interfaces
• multiple implementations
• usage model callbacks
• JDOM API
• concrete classes single implementation
• root Document object contains Element objects

111
API design ideas (cont.)

• Servlet API
• usage model developer builds a new servlet by
  subclassing HTTPServlet
• Auto-generate API classes from DTD using an XML
  data-binding tool - ?

112
Sync4j design goals

• Hide complexity of the SyncML specification from
  Java programmers
• XML documents, XML parsing
• multiple transport protocols
• A complete SyncML implementation
• Interoperability
• with existing SyncML clients servers

113
Sync4j design goals (cont.)

• API should be natural and familiar to Java
  programmers
• direct object instantiation
• exceptions
• use Collection API / arrays, where appropriate
• event notification via event listeners
• familiar naming conventions

114
Sync4j design goals (cont.)

• API must be familiar to developers who already
  know the SyncML DTDs
• API must enforce any restrictions that are
  defined in the SyncML specification

115
Sync4js modular design

• core protocol message library
• transport protocol libraries
• extensible client framework
• extensible server framework
• client application
• server application

116
Sync4j implementation

• Immutable objects
• Exception class for each SyncML status code
• Declaration of constants
• public final static variables
• Command object hierarchy

117
Sync4j command hierarchy
AbstractCommand
ResponseCommand
RequestCommand
AddCommand, DeleteCommand, ReplaceCommand,
ResultsCommand, StatusCommand
118
Sync4j toolset

• Jakarta Ant
• JDOM
• Apache Xerces-J
• CVS
• log4j

• Sun JDK 1.4.0
• Sun J2EE SDK
• JUnit
• Apache Tomcat
• Netbeans

119
Sync4j packages

• sync4j.core
• sync4j.transport
• sync4j.framework

• sync4j.client
• sync4j.server
• sync4j.tests

120
Sync4j core classes

• Message
• DeviceInfo
• MetaInfo
• Command classes
• AddCommand
• DeleteCommand
• ReplaceCommand

121
sync4j.core.Message

• Two ways to construct a Message object
• from a String of XML
• from more basic sync4j objects

122
Sync4j Message example 1

• String strXML ltSyncMLgt lt/SyncMLgt
• Message msg
• try
• msg new Message(strXML)
• catch (InvalidMarkupException ex)
• catch (XMLSyntaxException ex)

123
Sync4j Message example 2

• SyncHeader header new SyncHeader(...)
• SyncBody body new SyncBody(...)
• Message msg
• msg new Message(header, body)
• String strXML msg.toXML()

124
Summary

• Use SyncML to synchronize data between mobile
  applications and server applications
• SyncML is a complex and powerful data
  synchronization protocol
• Sync4j hides the complexity of SyncML from Java
  programmers

End
125
For more information
Please visit http//sync4j.sourceforge.net/
End
126
Backup Slides on TELA
127
TELSA A Positive Example
128
Digital Signatures Do Not Work

• Problem statement authentication of packets
• The typical approach in the Internet is to attach
  a digital signature on each packet
• However, signatures are expensive, e.g., RSA 1024
  on a 2.1 GHz desktop
• high signature cost (5 ms)
• high communication cost (128 bytes/packet)
• More expensive on low-end processors

http//www.cryptopp.com/benchmarks.html
129
TESLA

• Timed Efficient Stream Loss-tolerant
  Authentication
• Uses only symmetric cryptography

130
Basic Authentication Mechanism

• F public one-way function MAC message digest
  function

P
F(K) Authentic Commitment
K disclosed
MAC(K,P)
t
131
TELSA Security Condition

• Sender distributes initial commitment and key
  disclosure schedule using, say, digital signature
• Security condition (for packet P) on arrival of
  P, receiver is certain that sender did not yet
  disclose K
• If security condition not satisfied, drop packet

132
TESLA Example
Keys disclosed 2 time intervals after use
K4
K5
K6
K7
K3
t
Time 4
Time 5
Time 6
Time 7
133
TESLA Summary

• Advantages
• low overhead
• communication ( 20 bytes)
• computation ( 1 MAC computation per packet)
• tolerate packet loss
• Problems
• time synchronization
• delayed authentication

134
Secure Efficient Ad hoc Distance Vector (SEAD)

• Uses one-way hash chains to authenticate metric
  and sequence number for DSDV
• Assumes a limit k-1 on metric (as in other
  distance vector protocols such as RIP, where
  k16)
• metric value infinity can be represented as k

135
SEAD Metric Authenticators

• Each node generates a hash chain and distributes
  the last element (CN1) to allow verification
• chain values CN-k1, , CN authenticate metrics
  0 through k-1 for sequence number 1
• CN-2k1,CN-k authenticate metrics 0 through k-1
  for sequence number 2
• CN-ik1,CN-(i-1)k authenticate metrics 0 through
  k-1 for sequence number i

C0
C1
C3
C2
C5
C4
C6
C7
C9
C8
C10
C12
C11
136
SEAD Metric Authenticators

• Each node generates a hash chain anddistributes
  the last element (CN1) to allow verification
• Chain values CN-k1, , CN authenticate metrics
  0 through k-1 for sequence number 1
• CN-2k1,CN-k authenticate metrics 0 through k-1
  for sequence number 2
• CN-ik1,CN-(i-1)k authenticate metrics 0 through
  k-1 for sequence number i

C0
C1
C3
C2
C5
C4
C6
C7
C9
C8
C10
C12
C11
137
SEAD Metric Authenticators

• Each node generates a hash chain and distributes
  the last element (CN1) to allow verification
• Chain values CN-k1, , CN authenticate metrics
  0 through k-1 for sequence number 1
• CN-2k1,CN-k authenticate metrics 0 through k-1
  for sequence number 2
• CN-ik1,CN-(i-1)k authenticate metrics 0 through
  k-1 for sequence number i

C0
C1
C3
C2
C5
C4
C6
C7
C9
C8
C10
C12
C11
138
SEAD Metric Authenticators

• Each node generates a hash chain and distributes
  the last element (CN1) to allow verification
• Chain values CN-k1, , CN authenticate metrics
  0 through k-1 for sequence number 1
• CN-2k1,CN-k authenticate metrics 0 through k-1
  for sequence number 2
• CN-ik1,CN-(i-1)k authenticate metrics 0 through
  k-1 for sequence number i

C0
C1
C3
C2
C5
C4
C6
C7
C9
C8
C10
C12
C11
139
SEAD Metric Authenticators

• Within a sequence number i
• CN-ik1 represents metric 0
• CN-ik2 represents metric 1
• CN-ikm1 represents metric m
• CN-ikk represents metric k-1

• When a node receives a routing update
• It first checks the metric authenticator
• If the update is to be accepted
• It increments the metric by one
• and hashes the authenticator
• then adds the metric and authenticator to routing
  table

Metric 0
Metric 1
Metric 2
C9
C10
C11