Information Security of Embedded Systems 27.1.2010: remote access, wireless networks Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.

Slides:



Advertisements
Similar presentations
Information Security of Embedded Systems : Design of Secure Systems Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
Advertisements

Information Security of Embedded Systems : Embedded Systems Design Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.
IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
Raphael Frank 20 October 2007 Authentication & Intrusion Prevention for Multi-Link Wireless Networks.
無線區域網路安全 Wireless LAN Security. 2 Outline  Wireless LAN – b  Security Mechanisms in b  Security Problems in b  Solutions for b.
Information Security of Embedded Systems : Foundations of Security II Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
Information Security of Embedded Systems : Public Key Cryptosystems, Communication Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.
Wired Equivalent Privacy (WEP)
Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
Wireless Encryption By: Kara Dolansky Network Management Spring 2009.
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
Information Security of Embedded Systems : Communication, wireless remote access Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.
Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
15 November Wireless Security Issues Cheyenne Hollow Horn SFS Presentation 2004.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.
1 Wireless LAN Security Kim W. Tracy NEIU, University Computing
Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.
WLAN What is WLAN? Physical vs. Wireless LAN
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.
SYSTEM ADMINISTRATION Chapter 13 Security Protocols.
1 Chapter Overview Wireless Technologies Wireless Security.
Mobile and Wireless Communication Security By Jason Gratto.
Wireless Network Security By Patrick Yount and CIS 4360 Fall 2009 CIS 4360 Fall 2009.
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
Secure Systems Research Group - FAU Wireless Web Services Security Christopher Lo.
Wireless Networking.
Wireless Networks Tamus, Zoltán Ádám
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
BY MOHAMMED ALQAHTANI (802.11) Security. What is ? IEEE is a set of standards carrying out WLAN computer communication in frequency bands.
1 Figure 2-11: Wireless LAN (WLAN) Security Wireless LAN Family of Standards Basic Operation (Figure 2-12 on next slide)  Main wired network.
Module 8: Designing Network Access Solutions. Module Overview Securing and Controlling Network Access Designing Remote Access Services Designing RADIUS.
Wireless Network Security Presented by: Prabhakaran Theertharaman.
WEP, WPA, and EAP Drew Kalina. Overview  Wired Equivalent Privacy (WEP)  Wi-Fi Protected Access (WPA)  Extensible Authentication Protocol (EAP)
11 SECURING NETWORK COMMUNICATION Chapter 9. Chapter 9: SECURING NETWORK COMMUNICATION2 OVERVIEW  List the major threats to network communications. 
Link-Layer Protection in i WLANs With Dummy Authentication Will Mooney, Robin Jha.
WLANs & Security Standards (802.11) b - up to 11 Mbps, several hundred feet g - up to 54 Mbps, backward compatible, same frequency a.
발표자 : 현근수 Bluetooth. Overview wireless protocol short-range communications technology single digital wireless protocol connecting multiple devices mobile.
The University of Bolton School of Business & Creative Technologies Wireless Networks - Security 1.
Lecture 24 Wireless Network Security
An Analysis of Bluetooth Security Team A: Padmaja Sriraman Padmapriya Gudipati Sreenivasulu Lekkala.
National Institute of Science & Technology WIRELESS LAN SECURITY Swagat Sourav [1] Wireless LAN Security Presented By SWAGAT SOURAV Roll # EE
Security Standards. IEEE IEEE 802 committee for LAN standards IEEE formed in 1990’s – charter to develop a protocol & transmission specifications.
Wireless Security: The need for WPA and i By Abuzar Amini CS 265 Section 1.
Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 24 “Wireless Network Security”.
Wireless Networks Standards and Protocols & x Standards and x refers to a family of specifications developed by the IEEE for.
Wireless Security Presented by Colby Carlisle. Wireless Networking Defined A type of local-area network that uses high-frequency radio waves rather than.
Authentication has three means of authentication Verifies user has permission to access network 1.Open authentication : Each WLAN client can be.
802.11b Security CSEP 590 TU Osama Mazahir. Introduction Packets are sent out into the air for anyone to receive Eavesdropping is a much larger concern.
1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.
Erik Nicholson COSC 352 March 2, WPA Wi-Fi Protected Access New security standard adopted by Wi-Fi Alliance consortium Ensures compliance with different.
Lecture 7 (Chapter 17) Wireless Network Security Prepared by Dr. Lamiaa M. Elshenawy 1.
Copyright © 2006 Heathkit Company, Inc. All Rights Reserved Introduction to Networking Technologies Wireless Security.
By: Brett Belin. Used to be only tackled by highly trained professionals As the internet grew, more and more people became familiar with securing a network.
© 2003, Cisco Systems, Inc. All rights reserved. FWL 1.0— © 2003, Cisco Systems, Inc. All rights reserved.
Wireless Security - Encryption Joel Jaeggli For AIT Wireless and Security Workshop.
History and Implementation of the IEEE 802 Security Architecture
Understand Wireless Security LESSON Security Fundamentals.
History and Implementation of the IEEE 802 Security Architecture
Wireless Protocols WEP, WPA & WPA2.
CSE 4905 Network Security Overview
Wireless Networking Chapter 23.
LM 5. Wireless Network Security
Presentation transcript:

Information Security of Embedded Systems : remote access, wireless networks Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST

Embedded Security © Prof. Dr. H. Schlingloff Structure 1. Introductory example 2. Embedded systems engineering 1.definitions and terms 2.design principles 3. Foundations of security 1.threats, attacks, measures 2.construction of safe systems 4. Design of secure systems 1.design challenges 2.safety modelling and assessment 3.cryptographic algorithms 5. Communication of embedded systems 1.remote access 2.sensor networks 6. Algorithms and measures 1.digital signatures 2.key management 3.authentication 4.authorization 7. Formal methods for security 1.protocol verification 2.logics and proof methods

Embedded Security © Prof. Dr. H. Schlingloff Communication of Embedded Systems Various wired and wireless bus systems are being used  CAN, LIN, MOST, I2C, …  GSM, UMTS, …  WiFi, Bluetooth, … Security considerations  general rule: newer standards are more secure  known problems with nearly all standards

Embedded Security © Prof. Dr. H. Schlingloff Wireless Data Communication History: replacement of cables  First: “make it work”  Then: specialization (application-specific)  Now: security vs. resource limitations Trend: All IP  coalescence of telephone and data communication (“B3G”, “NGN”, “4G”)  data- vs. knowledge-communication, semantic net

Embedded Security © Prof. Dr. H. Schlingloff WLAN (802.11x) a,b (1999); g,h(2003) Widely used (2003 Intel Centrino) Point-to-point and Access-point networking Local data transfer, internet-connectivity, integration in company or private networks Air frequencies openly accessible (cf. mobile phones) Threats: illegitimate foreign hard disk access, unauthorized use of connectivity, unauthorized data access, masking and fake identities

Embedded Security © Prof. Dr. H. Schlingloff WLAN Security Measures Frequency hopping (  pseudo-random) SSID cloaked mode (  eavesdropping) MAC address control (  spoofing) VPN and CHAP (Server must know user passwords, Client calculates hash key  possible attacks) WEP (  next slide) WPA with EAP and TKIP

Embedded Security © Prof. Dr. H. Schlingloff WEP “Wired Equivalent Privacy”, Authentication & secured communication via symmetric encryption and checksums Authentication by challenge-response; client proves knowledge of the common key  up to 4 keys are possible; choice by client; 40 bit weak  all user (and all access points) need to know the key(s); key exchange difficult  access point does not authentify itself to the client! - sending of challenges, analysing responses - denial-of-service, logoff of clients Checksums (CRC) instead of secure hashing  modification and generation of messages even without key!  redirection of communication (IP-address-faking)

Embedded Security © Prof. Dr. H. Schlingloff WEP-Attack 1 CRC-property: CRC(M  M’)=CRC(M)  CRC(M’) RC-4-property: M  Key  Key = M (M|CRC(M))  Key (M|CRC(M))  Key  (D|CRC(D)) (M|CRC(M))  Key  (D|CRC(D))  Key = (M+D)|CRC(M+D)

Embedded Security © Prof. Dr. H. Schlingloff WEP-Attack 2 2. (M|CRC(M))  Key 3. (M|CRC(M))  Key  (M|CRC(M))  (M’|CRC(M’)) 1. M M’|CRC(M’)

Embedded Security © Prof. Dr. H. Schlingloff WPA WiFi Protected Access 128 bit, AES/TKIP (temporal key integrity protocol)  message integrity code (MIC)  sequence numbering against replay-attacks  key management, key mixing, quasi asymmetric encryption  master key, session keys, key renewal EAP (extensible authentication protocol)  password-based, certificate-based, SIM-based  forwarding of requests to a designated server  still no authentication of server! (  PEAP)

Embedded Security © Prof. Dr. H. Schlingloff Sensor Networks Network of small, cheap, low-power nodes  e.g. earthquake early warning system  e.g. ambient assisted living  e.g. wireless controller network  e.g. logistics routing Construction of threat scenarios? Self-organization  new nodes must integrate into the network  the network must be able to build “trust” Several emerging radio technologies

Embedded Security © Prof. Dr. H. Schlingloff Bluetooth Security Replacement of IrDA Bluetooth profiles (> 30)  headset, AV remote control, telephony, obj exchange, ftp, serial, lan, pan, health devices… Security mechanisms  visibility restrictions (“non-discoverable”)  pairing via passkey or PIN  unit keys  encrypted communication  frequency hopping

Embedded Security © Prof. Dr. H. Schlingloff Bluetooth Security

Embedded Security © Prof. Dr. H. Schlingloff Vulnerabilities and Attacks Passkey for headsets: 1234 or 0000 Default discoverability Pairing in public areas  mobile phone always accepts a basic L2CAP connection request without acceptance of the user Scanning for bluetooth addresses  MAC address ranges of devices are known Eavesdropping air frequencies  Pseudo-random frequency hopping scheme Reading passkeys from compromised devices Unauthorized access to information on devices

Embedded Security © Prof. Dr. H. Schlingloff Public “Blue Kiosk”  vulnerability: display of device by name only Stack overflow attacks  vCard  file names in File Transfer or Object Push Activating the microphone Tracking and positioning attacks  triangulation  antenna extensions

Embedded Security © Prof. Dr. H. Schlingloff ZigBee

Embedded Security © Prof. Dr. H. Schlingloff

Embedded Security © Prof. Dr. H. Schlingloff Infrastructure security  network access; keys installed in a trusted environment  integrity of packet routing Application data security  message integrity  authentication  data encryption Configurability of security  memory and computational constraints

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.