Wireless Network Security - PowerPoint PPT Presentation

1 / 46
About This Presentation
Title:

Wireless Network Security

Description:

Wireless Network Security Prof. Nasir Memon Department of Computer Science – PowerPoint PPT presentation

Number of Views:236
Avg rating:3.0/5.0
Slides: 47
Provided by: Nasi153
Category:

less

Transcript and Presenter's Notes

Title: Wireless Network Security


1
Wireless Network Security
  • Prof. Nasir Memon
  • Department of Computer Science

2
Overview
  • Introduction
  • Data Encryption
  • Private Key Cryptography
  • Public Key Cryptography
  • Digital Signatures
  • Cryptographic Hash Functions
  • Wireless Security Issues
  • WEP

3
Network Security Issues.
  • Confidentiality Can you keep a secret?
  • Integrity Did you get the message I sent?
  • Availability Are you there when needed?
  • Identification Who are you?
  • Authentication Can you prove who you are?
  • Access Control What are you allowed to do?
  • Non-repudiability Yes you did!
  • Audit Trails What have you been up to?
  • Privacy Can you treat my like a human?

4
Network Security - Why is it difficult?
  • Complexity.
  • Resource sharing.
  • Unknown Perimeter.
  • Many points of attack.
  • Anonymity.
  • Unknown Paths.

5
Type of Attacks in Computer Systems
6
Security Mechanisms
  • Three basic building blocks are used
  • Encryption is used to provide confidentiality,
    can provide authentication and integrity
    protection
  • Digital signatures are used to provide
    authentication, integrity protection, and
    non-repudiation
  • Checksums/hash algorithms are used to provide
    integrity protection, can provide authentication
  • One or more security mechanisms are combined to
    provide a security service

7
Services, Mechanisms, Algorithms
  • A typical security protocol provides one or more
    services
  • Services are built from mechanisms
  • Mechanisms are implemented using algorithms

8
Protocol Stack
Application
Socket
Session mobility WTLS
Session Layer
Transport Layer
TCP/UDP
IP/IPSec
Network Layer
Mobile IP
Data link
Physical
9
Network Layer IPSec
  • Advantages of IPSec
  • Can protect a mix of application protocols
    running over a complex combination of media
  • Provides security services in the background
  • Secure all data communication
  • Multiple secure sessions can share the exchanged
    secret
  • Limitations of IPSec
  • Does not provide end-to-end security
  • Does not cover all security features
  • Does not prevent denial of service attacks
  • Does not stop traffic analysis

10
WTLS
  • Advantages of WTLS
  • Manages end-to-end as well as end-to-gateway
  • secure wireless connections
  • Supports key refresh and transaction recovery
  • Limitations of WTLS
  • Does not cover all security features
  • Limited prevention against denial of service
    attacks
  • Does not stop traffic analysis
  • Secures data specific to the session only
  • Secure sessions cannot share exchanged secrets

11
Data Encryption
  • Encryption is the process of encoding a message
    such that its meaning is not obvious.
  • Decryption is the reverse process.
  • We denote plaintext by P and ciphertext by C.
  • C E(P), P D(C) and P D(E(P)), where E() is
    the encryption function (algorithm) and D() the
    decryption function.

12
Symmetric and Asymmetric Cryptosystems
  • If the encryption key and the decryption key are
    the same then we have a symmetric encryption
    scheme (also private key, one-key).
  • If the encryption key and the decryption key are
    different then we have an asymmetric encryption
    scheme (also public key, two-key).

13
Example Caesar Cipher
  • Let messages be all lower case from a through z
    (no spaces or punctuation).
  • itsnotthathardtoread
  • Represent letters by numbers from 0 to 25.
  • Encryption function
  • Ci E(Pi ) Pi K.
  • where K is secret key and addition done
    modulo 26.
  • Decryption is
  • Pi D(Ci ) Ci - K.
  • UNIX ROT13 uses K as 13.

14
Cryptanalysis
  • A cryptosystem should be secure against the
    following kinds of attacks
  • Ciphertext only attack.
  • Known plaintext attack.
  • Chosen plaintext attack.
  • Adaptive chosen plaintext attack.
  • Chosen ciphertext attack.
  • Chosen key attack.

15
Brute Force Attacks.
  • If key space is finite, given a ciphertext a
    cryptanalyst can try and check all possible keys.
  • For above to be not feasible, key space should be
    large!!
  • How large? How about 256?
  • Large enough to make it impractical for an
    adversary. But what is impractical today, may not
    be so tomorrow.
  • In practice, for a good cryptosystem, the only
    possible attack should be the brute force attack,
    which should be impractical into the foreseeable
    future, as long as message may have value.

16
DES Data Encryption Standard
  • Private key. Encrypts by series of substitution
    and transpositions.
  • Worldwide standard for more than 20 years.
  • Has a history of controversy.
  • Designed by IBM (Lucipher) with later help
    (interference?) from NSA.
  • No longer considered secure for highly sensitive
    applications.
  • Replacement standard (AES - Rijndael) has been
    selected.

17
DES - Overview
18
DES Each iteration.
19
Triple DES
  • Triple DES (2 keys) requires 2112 search. Is
    reasonably secure.
  • 3 keys requires 2168 .

20
Other Private Key Cryptosystems
  • IDEA
  • Twofish
  • Blowfish
  • RC4, RC5, RC6
  • Rijndael (AES Winner)
  • Serpent
  • MARS
  • Feal

21
Private key cryptography revisited.
  • Key distribution and management is a serious
    problem! N users O(N2) keys!

22
Public key cryptography
  • Key management problem not really that simple as
    we will see later!!! (trust).

23
One-way functions and trapdoors.
  • A function f() is said to be one-way if given x
    it is easy to compute y f (x), but given y it
    is hard to compute x f -1(y).
  • A trap-door one-way function fK() is such that to
    compute
  • y fK(x) is easy if K and x are known.
  • x f -1K(y) is easy if K and y are known.
  • x f -1K(y) is hard if y is known but K is
    unknown.
  • Given a trap-door one-way function one can design
    a public key cryptosystem.

24
Encryption and 1-way trap doors
  • Two keys
  • public encryption key e
  • private decryption key d
  • encryption easy when e is known
  • decryption hard when d is not known
  • d provides trap door decryption easy when d is
    known
  • Well study the RSA public key encryption scheme.

25
RSA overview - setup
  • Alice wants people to be able to send her
    encrypted messages.
  • She chooses two (large) prime numbers, p and q
    and computes npq and . large 100
    digits
  • She chooses a number e such that e is relatively
    prime to and
    computes d, the inverse of e in
  • She publicizes the pair (e,n) as her public key.
    She keeps d secret and destroys p, q, and
  • Plaintext and ciphertext messages are elements of
    Zn and e is the encryption key.

26
RSA overview - encryption
  • Bob wants to send a message x (an element of Zn)
    to Alice.
  • He looks up her encryption key, (e,n), in a
    directory.
  • The encrypted message is
  • Bob sends y to Alice.

27
RSA overview - decryption
  • To decrypt the message
  • shes received from Bob, Alice computes
  • Claim D(y) x

28
Tiny RSA example.
  • Let p 7, q 11. Then n 77 and
  • Choose e 13. Then d 13-1 mod 60 37.
  • Let message 2.
  • E(2) 213 mod 77 30.
  • D(30) 3037 mod 772

29
Authentication and Authorization
  • Authentication is a service that
  • allows receivers of a messages to identify its
    origin.
  • makes is difficult for third parties to
    masquerade as someone else.
  • e.g., your drivers license and photo
    authenticates your image to a name, address, and
    birth date.
  • Authorization is a service that
  • Allows only entities that have been authenticated
    and who appear on an access list to utilize a
    service.
  • E.g., your date of birth on your drivers license
    authorizes you to drink as someone who is over
    21.

30
Authentication
  • Authentication codes provide assurance that
    message has not been tampered with and has indeed
    originated from a specific source.
  • Independent of encryption.
  • In fact, encryption may even be undesirable.

31
Substitution and Impersonation
  • Two types of attacks on authentication schemes
  • Substitution attack
  • Impersonation attack

Hello Bob, I love you - Alice
Hello Bob, I hate you - Alice
Hello Bob, I love you - Olivia
32
Digital Signatures
  • Desirable properties of handwritten signatures
  • Signed document is authentic.
  • Signature is unforgeable.
  • Signature is not reusable.
  • Signed document is unalterable.
  • Signature cannot be repudiated.
  • (Above not strictly true but mostly so)
  • Same properties and more can be achieved by
    digital signatures.
  • Digital Signatures use public key cryptography.

33
RSA based signature
  • Alice signs message by encrypting with private
    key.
  • Bob decrypts message with Alices public key.
  • If meaningful message then it must have been
    encrypted with Alices private key!

34
Signing With Message Digests
  • A fixed length fingerprint of a message.
  • Instead of signing message, sign the message
    digest.

35
Cryptographic Hash Functions
  • Requirements of cryptographic hash functions
  • Can be applied to data of any length.
  • Output is fixed length.
  • Relatively easy to compute h(x), given x.
  • Infeasible to get x, given h(x).
  • Given x, infeasible to find y such that h(x)
    h(y). Weak collision property.
  • Infeasible to find any pair x and y such that
    h(x) h(y). Strong collision property.

36
Wireless Security
  • How is wireless different?
  • 802.11 Security

37
Wireless Dimension
Access to Medium Unlike wired medium (cables)
wireless medium (air) is ubiquitous hence access
restrictions to the medium must be handled
explicitly, where as in wired environments it is
implicit.
War DialingAttacker gains access to wired
medium by exhaustive dialing of phone
numbers War Driving Attacker gains access to
wireless medium by just driving by the network
coverage area.
38
How is wireless different?
  • The Medium
  • Wireless medium has no explicit packet boundary
  • This property weaken privacy and authentication
    mechanisms adopted from wired environment
  • Portability
  • Wireless devices are smaller in size and portable
  • Data in those devices require more protection
    than data on non-portable devices
  • Mechanisms to recover stolen or lost devices are
    important
  • Mechanisms for self-destruction of data is also
    important

39
How is wireless different?
  • Mobility
  • Mobility brings even bigger challenges
  • Trust in infrastructure
  • Wired networks assume certain level of trust in
    local infrastructure (we trust our routers)
  • In wireless networks this is a weak assumption
  • Would you put same level of trust on an Access
    Point in JFK as you put on your home AP?
  • Security mechanisms should anticipate these
    variances in trust
  • Or, security mechanisms should be independent of
    location or infrastructure
  • Trust in location
  • Wired networks implicitly assume network address
    is equivalent to physical location (128.238.x.x
    is Polys resources)
  • In wireless networks physical location is not
    tied to network address. Physical location may
    change transparent to end nodes.

40
How is wireless different?
  • Mobility
  • Privacy of location
  • On wired network privacy of location is not a
    concern
  • In wireless networks location privacy of the user
    is a serious issue because users can be tracked,
    their travel behaviors can be used for marketing
    purposes etc.
  • Similar scenario exists on the Web A users web
    surfing pattern can be tracked and this raised
    several privacy issues in 1999 (Double Clicks
    Cookie Tracking)

41
How is wireless different?
  • Processing power, memory energy requirements
  • Handheld devices have stringent processing power,
    memory, and energy requirements
  • Current security solutions require expensive
    processing power memory
  • Handheld devices mandate inexpensive substitutes
    for
  • Crypto algorithms (AES instead of 3-DES)
  • Authentication schemes
  • Better one-time password schemes with feasible
    remote key updates

42
Power consumption crypto algorithms
Piyush Mishra et al.
43
How is wireless different?
  • Network Topologies
  • Wired networks usually rely on network topology
    to deploy security solutions
  • E.g firewall is installed on a machine where all
    traffic is visible
  • Wireless networks (esp. ad-hoc) have dynamic
    topologies
  • Wireless networks may not have single point of
    convergence (hidden host problem!)
  • Wireless networks put emphasis on host based
    solutions e.g distributed firewalls

44
Wired Equivalent Privacy (WEP)
  • Wired equivalence privacy?
  • Wireless medium has no packet boundaries
  • WEP control access to LAN via authentication
  • Wireless is an open medium
  • Provides link-level security equivalent to a
    closed medium
  • No end-to-end privacy
  • Security Goals of WEP
  • Access Control
  • Provide access control to the underlying medium
    through authentication
  • Confidentiality
  • Provide confidentiality to data on the underlying
    medium through encryption
  • Data Integrity
  • Provide means to determine integrity of data
    between links

45
Wired Equivalent Privacy (WEP)
  • An attack on WEP should compromise at least one
    of these properties
  • Three levels of security
  • Open system WEP is disabled in this mode. No
    security.
  • Shared Key Authentication provides access
    control to medium
  • Encryption provides confidentiality to data on
    network
  • You can have confidentiality on an open system!
  • That is, you can encrypt all the traffic and not
    have access control to the medium!
  • Which also means, a wily hacker can have all his
    traffic encrypted on our network so that no one
    see what s/he is doing!

46
Properties of WEP
  • It is reasonably strong
  • Withstand brute force attacks and cryptanalysis
  • It is self-synchronizing
  • Uses self-synchronizing stream cipher
  • It is efficient
  • Hardware/software implementation
  • It may be exportable
  • Rest of the world needs security too!
  • It is optional
  • WEP layer should be independent of other layers
Write a Comment
User Comments (0)
About PowerShow.com