Security Enhancement for Wireless Communication Bassam Almogahed.

Slides:

Advertisements

Similar presentations

MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.

Advertisements

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

Secure Socket Layer.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing.

Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Block Ciphers 1 Block Ciphers Block Ciphers 2 Block Ciphers  Modern version of a codebook cipher  In effect, a block cipher algorithm yields a huge.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID

Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.

Wired Equivalent Privacy (WEP)

Chap 3: Key exchange protocols In most systems, we distinguish the short term keys from the long term ones: –A short term key (session key) is used to.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

IEEE Wireless Local Area Networks (WLAN’s).

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

1 Chap 1: Introduction Some background –The message is usually represented as M or P (plaintext), the encryption result is usually represented as C (ciphertext).

Dr Alejandra Flores-Mosri Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

Key Management and Distribution. YSLInformation Security – Mutual Trust2 Major Issues Involved in Symmetric Key Distribution For symmetric encryption.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Computer Science CSC 774Dr. Peng Ning1 CSC 774 Advanced Network Security Topic 2. Review of Cryptographic Techniques.

Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.

Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.

Security Considerations for Wireless Sensor Networks Prabal Dutta (614) Security Considerations for Wireless Sensor Networks.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

Security. Cryptography Why Cryptography Symmetric Encryption – Key exchange Public-Key Cryptography – Key exchange – Certification.

Comparative studies on authentication and key exchange methods for wireless LAN Authors: Jun Lei, Xiaoming Fu, Dieter Hogrefe and Jianrong Tan Src:

Masud Hasan Secue VS Hushmail Project 2.

Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.

Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.

Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.

1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.

Wireless Security Presented by: Amit Kumar Singh Instructor : Dr. T. Andrew Yang.

4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.

Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!

WEP Protocol Weaknesses and Vulnerabilities

Information Security By:-H.M.Patel. Information security There are three aspects of information security Security service Security mechanism Security.

IPsec IPsec (IP security) Security for transmission over IP networks –The Internet –Internal corporate IP networks –IP packets sent over public switched.

IM NTU Distributed Information Systems 2004 Security -- 1 Security Yih-Kuen Tsay Dept. of Information Management National Taiwan University.

Digital Signatures, Message Digest and Authentication Week-9.

Lecture 2: Introduction to Cryptography

Chapter 1 – Introduction Part 4 1. Message Authentication Codes Allows for Alice and Bob to have data integrity, if they share a secret key. Given a message.

National Institute of Science & Technology WIRELESS LAN SECURITY Swagat Sourav [1] Wireless LAN Security Presented By SWAGAT SOURAV Roll # EE

Chapter 2 Symmetric Encryption.

Ch 13 Trustworthiness Myungchul Kim

Dan Boneh Introduction Course Overview Online Cryptography Course Dan Boneh.

802.11b Security CSEP 590 TU Osama Mazahir. Introduction Packets are sent out into the air for anyone to receive Eavesdropping is a much larger concern.

1 Authenticated Key Exchange Rocky K. C. Chang 20 March 2007.

Wired Equivalent Privacy (WEP) Chris Overcash. Contents What is WEP? What is WEP? How is it implemented? How is it implemented? Why is it insecure? Why.

Part 1  Cryptography 1 Integrity Part 1  Cryptography 2 Data Integrity  Integrity  detect unauthorized writing (i.e., modification of data)  Example:

Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.

Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke1 Database architecture and security Workshop 4.

- Richard Bhuleskar “At the end of the day, the goals are simple: safety and security” – Jodi Rell.

CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.

@Yuan Xue 285: Network Security CS 285 Network Security Message Authentication Code Data integrity + Source authentication.

A Wireless LAN Security Protocol

MAC: Message Authentication Code

ANALYSIS OF WIRED EQUIVALENT PRIVACY

ATTACKS ON WINZIP ENCRYPTION

Security in Network Communications

Presentation transcript:

Security Enhancement for Wireless Communication Bassam Almogahed

Almogahed B 2 Agenda Introduction Introduction Materials and Methods Materials and Methods Results Results Conclusions Conclusions Recommendation Recommendation

Almogahed B 3 Introduction Legitimate users communicating via wireless networks Third party interrupting the communication between the two communicators Alice Bob Trudy

Almogahed B 4 Station in a network Wireless Routers Location A Location C Location B Physical Wireless Settings Materials and Methods

Almogahed B 5 Materials and Methods cont’d. Send through wireless network Location A Protocol (location A) Protocols and Methods Location C How Strong is the protocol? Location B Apply Protocol or Method Interrupt communication Test: How efficient is the protocol? Test Experiment Process

Almogahed B 6 Attacks: Attacks: Man-in-the-Middle AttackMan-in-the-Middle Attack Replay AttackReplay Attack Known Plaintext AttackKnown Plaintext Attack Exhaustive Search AttackExhaustive Search Attack Chosen Plaintext AttackChosen Plaintext Attack Materials and Methods cont’d.

Almogahed B 7 Materials and Methods cont’d

Almogahed B 8 Materials and Methods cont’d.

Almogahed B 9 Materials and Methods cont’d.

Almogahed B 10 Materials and Methods cont’d. Recorded Data Recorded Data What is the name of the protocol being tested?What is the name of the protocol being tested? What is the level of complexity?What is the level of complexity? Are the legitimate communicators able to communicate with each other?Are the legitimate communicators able to communicate with each other? How fast is the transition?How fast is the transition? Is the communication interrupted?Is the communication interrupted? Can the protocol be broken using any of the attack techniques? If so, which one(s)?Can the protocol be broken using any of the attack techniques? If so, which one(s)? What is the level of security?What is the level of security? What is the level reliability?What is the level reliability?

Almogahed B 11 Materials and Methods cont’d Ratings Standards HighMedium High Medium Low Secure key space key space key space key space Efficient1Mbps200kbps54kbps11kbps ComplexO(n) 2 O(nlogn)O(n)O(log n) Reliable%0.3<%0.9 <%2 <%10 > Test components and classifications

Almogahed B 12Results Medium Low Low High Medium High Authentication Protocols Experiment Results Standards Protocols SecurityEfficiencyComplexityReliability Public/Private Key Symmetric Key Hash Function Session Key

Almogahed B 13 Medium Low Low High Medium High Standards Methods SecurityEfficiencyComplexity Reliability CRC Check Symmetric Key Hash Algorithm Message Authentication Code (MAC) Integrity Experiment Results Results cont’d.

Almogahed B 14 Medium Low Low High Medium High Confidentiality Experiment Results Standards Methods SecurityEfficiencyComplexityReliability Symmetric Key Public/Private Key Hash Algorithm Stream Ciphers Results cont’d.

Almogahed B 15 Authentication Authentication The public key authentication protocol that Genentech currently uses is the only one to rank highly secure, but this security comes at the price of complexity and inefficiency.The public key authentication protocol that Genentech currently uses is the only one to rank highly secure, but this security comes at the price of complexity and inefficiency. The symmetric key protocol shows high efficiency, but is also very unreliable.The symmetric key protocol shows high efficiency, but is also very unreliable. The session key protocol offers very high efficiency and reliability, but lacks security.The session key protocol offers very high efficiency and reliability, but lacks security. The hash function protocol has by far the worst overall rating across the board with just mediocre levels of security, reliability and efficiency.The hash function protocol has by far the worst overall rating across the board with just mediocre levels of security, reliability and efficiency. Conclusions

Almogahed B 16 Conclusions Integrity Integrity The current Genentech integrity method, CRC, has very low security features although it is very efficient.The current Genentech integrity method, CRC, has very low security features although it is very efficient. MAC shows highest security with highest reliability rate among all methods tested.MAC shows highest security with highest reliability rate among all methods tested. Confidentiality Confidentiality All confidentiality methods tested are mostly secure.All confidentiality methods tested are mostly secure. The current method, symmetric key, is very efficient, but the least reliable compared to the other three methods.The current method, symmetric key, is very efficient, but the least reliable compared to the other three methods. Public key shows the highest security methods.Public key shows the highest security methods. stream ciphers shows the best overall combined results.stream ciphers shows the best overall combined results.

Almogahed B 17 Recommendation Combine public key and session key protocols for the authentication process. Use the public key protocol to deliver the session key used for the rest of the authentication process Combine public key and session key protocols for the authentication process. Use the public key protocol to deliver the session key used for the rest of the authentication process Use the public key system to encrypt and compute the message authentication code (MAC), which will in turn yield increased confidentiality and integrity together in one method. Use the public key system to encrypt and compute the message authentication code (MAC), which will in turn yield increased confidentiality and integrity together in one method.