Security Issues in Mobile WiMAX(IEEE 802.16e) Frank, A Ibikunle Covenant University, Electrical and Information Engineering Department, Ota. 2009 IEEE.

Slides:

Advertisements

Similar presentations

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Advertisements

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Cryptography and Network Security

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Security S Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents Security requirements Public key cryptography Key agreement/transport.

IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

P Security Survey and Recommendations By: Ryon Coleman October 16, 2003.

Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing.

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.

Cryptography and Network Security Chapter 17

Wired Equivalent Privacy (WEP)

Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.

IEEE Wireless Local Area Networks (WLAN’s).

Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.

15 November Wireless Security Issues Cheyenne Hollow Horn SFS Presentation 2004.

Chapter 8 Web Security.

Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.

Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.

SYSTEM ADMINISTRATION Chapter 13 Security Protocols.

Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),

Network Security. Information secrecy-only specified parties know the information exchanged. Provided by criptography. Information integrity-the information.

Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)

WiMax Security Introduction About WiMax WiMax security

1 Chapter 8 Copyright 2003 Prentice-Hall Cryptographic Systems: SSL/TLS, VPNs, and Kerberos.

1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.

Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),

Shambhu Upadhyaya Security –Upper Layer Authentication Shambhu Upadhyaya Wireless Network Security CSE 566 (Lecture 10)

Cryptography and Network Security (CS435) Part Fourteen (Web Security)

Web Security : Secure Socket Layer Secure Electronic Transaction.

Information management 1 Groep T Leuven – Information department 1/26 IPSec IP Security (IPSec)

IT:Network:Apps.  RRAS does nice job of routing ◦ NAT is nice ◦ BASIC firewall ok but somewhat weak  Communication on network (WS to SRV) is in clear.

Presented by Hampton Smith  An IEEE (Institute for Electrical and Electronics Engineers) protocol ratified in 1997 which defines a standard.

1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.

Wireless LAN Security. Security Basics Three basic tools – Hash function. SHA-1, SHA-2, MD5… – Block Cipher. AES, RC4,… – Public key / Private key. RSA.

Network Security David Lazăr.

IPsec IPsec (IP security) Security for transmission over IP networks –The Internet –Internal corporate IP networks –IP packets sent over public switched.

Doc.: IEEE /112r0 Submission February 2002 Dr Matthew Welborn, XtremeSpectrumSlide 1 Project: IEEE P Working Group for Wireless Personal.

Middleware for Secure Environments Presented by Kemal Altıntaş Hümeyra Topcu-Altıntaş Osman Şen.

無線網路安全 WEP. Requirements of Network Security Information Security Confidentiality Integrity Availability Non-repudiation Attack defense Passive Attack.

11 WiMAX 安全子層於嵌入式系統下之探討與實現 Speaker: Yen-Jen Chen ( 陳燕仁 ) Advisor: Dr. Kai-Wei Ke ( 柯開維博士 ) Date: 07/28/2008 The research and implementation of WiMAX.

Wireless. Wireless hosts: end system devices; may or may not be mobile Wireless links: A host connects to a base station or host through a communication.

1 CMPT 471 Networking II Authentication and Encryption © Janice Regan,

Potential vulnerabilities of IPsec-based VPN

Virtual Private Network. ATHENA Main Function of VPN  Privacy  Authenticating  Data Integrity  Antireplay.

Security Support for Multi-cast Traffic in M2M communication Document Number: IEEE C802.16p-10/0032 Date Submitted: Source: Inuk Jung, Kiseon.

Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.

University of Kansas Motivation Wireless networks based on the IEEE standard require lengthy layer two configuration parameters to be set SSID (Network.

Doc.: IEEE /657r0 Submission August 2003 N. Cam-WingetSlide 1 TGi Draft 5.0 Comments Nancy Cam-Winget, Cisco Systems Inc.

K. Salah1 Security Protocols in the Internet IPSec.

Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.

@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.

Cryptography CSS 329 Lecture 13:SSL.

Lecture 7 (Chapter 17) Wireless Network Security Prepared by Dr. Lamiaa M. Elshenawy 1.

CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.

PRESENTATION ON SECURE SOCKET LAYER (SSL) BY: ARZOO THAKUR M.E. C.S.E (REGULAR) BATCH

Network security Presentation AFZAAL AHMAD ABDUL RAZAQ AHMAD SHAKIR MUHAMMD ADNAN WEB SECURITY, THREADS & SSL.

Message Authentication Code

History and Implementation of the IEEE 802 Security Architecture

Cryptography and Network Security

The Secure Sockets Layer (SSL) Protocol

WiMAX安全子層於嵌入式系統下之探討與實現

Counter With Cipher Block Chaining-MAC

Security in Wireless Metropolitan Area Networks (802.16)

Security in Wireless Metropolitan Area Networks (802.16)

Presentation transcript:

Security Issues in Mobile WiMAX(IEEE e) Frank, A Ibikunle Covenant University, Electrical and Information Engineering Department, Ota IEEE Mobile WiMAX Symposium

Wimax ☺ x ☺ d (fixed) ☺ e (mobile) ☺ e ----3G : 韓國 (WiBro), 美國, 中國大陸 ( 專利 ) ☺ m G : 起步

台灣與全球頻譜與執照北區南區全區全球 Map:

和 WiFi 的不同 qhRKVjQ

基本名詞 Ớ Main roles involved in : Ớ Base Station (BS) Ớ Mobile Station (MS) / Subscriber Station (SS) Ớ Two security protocols of interest: Ớ Authentication/Authorization protocol, establishes a shared Authorization Key (AK) Ớ 3-way Traffic Encryption Key (TEK) Handshake

Ớ AK used to derive various other keys Ớ Traffic Encryption Keys are used to encrypt message data between the BS and MS Ớ KEK: key encryption key Ớ MBS: Multicast and Broadcast Service

3-way TEK Handshake After authentication, BS initiates a 3-way handshake to transfer TEKs to MS TEKs generated by BS Have a specified lifetime, after which new TEK is requested by MS Structure of the 3-way handshake: Challenge: BS → MS Request:MS → BS Response:BS → MS

Define Security: protection of data being transmitted over a wireless networks.

CIA Confidentiality: Allowing only that the intended legitimate recipients to read encrypted messages(information). Integrity: is referred to as ensuring that another party has not altered messages after it has been sent. Authentication: This is making sure that parties sending messages or receiving messages are who they say they are, and have the right to undertake such actions.

On wired networks: VPNs IPSec IDS Firewalls…

Major Problem Securing wireless signal is in its mode of transmission communicated through the air.

802.16e provides 2 authentication RSA 加密演算法 : 因數分解難度和 bits 有關 EAP(Extensible Authentication Protocol)

EAP 常用在無線網路 Data link layer Packet An authentication framework: only define message format and has many methods. Using EAP can define a way to encapsulate EAP messages. Provides some common functions and negotiation of authentication methods called EAP methods.

MAC Message Authentication Code Like Digital Signature, but using symmetry key.

Initial network 1. EAP-based authentication. 2. The BS and BS set up a common AK. 3. KEK is derived from the AK. (and AK is used to securely transfer further keys) 4. MAC digest and the transferred TEK is encrypted by the KEK. 5. After above, the 3-way TEK-exchange for each data connection is executed. AK – KEK - TEK

Security Flaws 1. Unauthenticated messages 2. Unencrypted management communication 3. Shared keys in Multicast and Broadcast Service

Unauthenticated messages Most of the management messages defined in IEEE e are integrity protected. Done by: HMAC: Hash based message authentication code CMAC: Cipher based message authentication code But some messages are not covered by any authentication mechanism.

Unauthenticated messages 1. MOB_TRF-IND: Traffic Indication message 2. MOB_NBR-ADV: Neighbor Advertisement message 3. FPC: Fast Power Control message 4. MSC-REQ: Multicast Assignment Request message 5. DBPC-REQ: Downlink Burst Profile Change Request message 6. PMC-REQ: 7. MOB_ASC-REP: Association Result Report 8. RNG-REQ: Ranging Request message

Unencrypted management communication In Mobile WiMAX management messages are still sent in the clear. Nearly all management information exchanged between MS and BS can be accessed by a listening adversary. Collecting management info can create detailed profiles about MSs. Including capabilities of devices, security settings, associations with base stations… Also can determine the movement and approximate position of the MS.

Shared keys in Multicast and Broadcast Service Encrypted symmetrically with a shared key. Also message authentication is based on the same shared key. This alg. Contains the vulnerability that every group member can also encrypt and authenticate broadcast messages as if they originate from the real BS(be forged).

Shared keys in Multicast and Broadcast Service GTEK: Group TEK MBRA: Multicast and Broadcast Rekeying Algorithm

The Solutions 1. For Unauthenticated messages: 1. Easily using a HMAC or CMAC digit as well. 2. But most messages are very short, a tradeoff between the security and the effectiveness of the protocol has to be found. 3. Suggestion: use CMAC and Short HMAC to 64bits, and with all other needed parameters (i.e., packet number, key sequence number and reserved fields), both will be 104 bits in total.

HMAC 詳細請看 : Use SHA-1 (128bits ?)SHA-1 SHA: Secure Hash Algorithm

CMAC 詳細請看 : too.( 有點複雜......) Use AES-128 ( 感覺也很偉大 ……)AES-128 AES: Advanced Encryption Standard A symmetric-key encryption standard adopted by the U.S. government.

2. For Unencrypted management communication: 1. Encrypt directly after both sides have established a common key. 2. Doesn’t introduce any overhead to the connection. 3. Possible to use a symmetric key, decryption can be processed very fast.

3. For broadcasted/multicasted messages(shared keys): 1. From outside the group. 2. Use asymmtric cryptography(but may not effective). 3. And for the MBS, see Figures as followings.

Figure 1. Possible solutions to transmit GTEK in a secure way

Figure 2. Avoiding key forgery by a GTEK hash chain

Contributions 1. Describe different security vulnerabilities found in IEEE e. 2. Proffer possible solutions to eliminate them.

Thanks Q & A