Presentation is loading. Please wait.

Presentation is loading. Please wait.

Technische Universität München WISTP 2007 Mobile Phones as Secure Gateways for Message-Based Ubiquitous Communication 10 th May 2007 W. Bamberger, O. Welter.

Published byTobias Manning Modified over 8 years ago

Similar presentations

Presentation on theme: "Technische Universität München WISTP 2007 Mobile Phones as Secure Gateways for Message-Based Ubiquitous Communication 10 th May 2007 W. Bamberger, O. Welter."— Presentation transcript:

1 Technische Universität München WISTP 2007 Mobile Phones as Secure Gateways for Message-Based Ubiquitous Communication 10 th May 2007 W. Bamberger, O. Welter and S. Spitz

2 Technische Universität München 2 Overview Communication scenario Transport security Platform security Key management Selected attacks

3 Technische Universität München 3 Communication scenario How does the communication work? Communication scenario Transport security Platform security Key management Selected attacks

4 Technische Universität München 4 Communication scenario Short range ad-hoc link (e.g. Bluetooth) Web service Logical transport channel Message-based tunnel Randomly passing mobile phone

5 Technische Universität München 5 Communication scenario External MachineGatewayProxy

6 Technische Universität München 6 Transport security What security mechanisms are needed for the data transmission? Communication scenario Transport security Platform security Key management Selected attacks

7 Technische Universität München 7 Requirements ● Integrity ● Authentication / access control ● Non-repudiation ● Confidentiality (optional) ● Anonymity ● Availability ● For machines with very low computation power

8 Technische Universität München 8 Message constitution ● Message content encrypted for confidentiality ● MAC for access control (Verifiable by each hop/relay) ● MAC for non-repudiation (Only verifiable by proxy in the mobile network) Content MAC-ACHeader MAC-NRMAC-AC

9 Technische Universität München 9 Non-repudiation keys... Each key has associated a version number and an expiration date.

10 Technische Universität München 10 Access control keys Each key has associated a version number and an expiration date.

11 Technische Universität München 11 Key derivation (external machine) Derivation function of the Transport Layer Security (TLS) 1.2 draft Access control keys Non- repudiation key Message key Access control MAC Non-repudiation MAC Encryptio n

12 Technische Universität München 12 Platform security How can we store and process the keys in a secure manner? Communication scenario Transport security Platform security Key management Selected attacks

13 Technische Universität München 13 Security architecture in the gateway SIM as an accepted secure processing module

14 Technische Universität München 14 Key management How are keys renewed? How are keys revoked? Communication scenario Transport security Platform security Key management Selected attacks

15 Technische Universität München 15 Key update Key renewal request (Key ID, version number) Key renewal response (Encrypted new key, MAC) Gatewa y Prox y = XOR External machine Gatewa y → Overlapping interval of validity

16 Technische Universität München 16 Key revocation message ● Indicates that a certain key has been compromised ● MAC with the revoked key for validation ● Passed to all gateways and external machines VersionMAC K Key ID

17 Technische Universität München 17 What does this offer? ● A dynamic symmetric key infrastructure → Improved security ● All access control keys on all devices can be updated automatically → No service intervention necessary ● Non-repudiation keys must be renewed manually (on-site)

18 Technische Universität München 18 Selected attacks Summarising the system by discussing selected attacks Communication scenario Transport security Platform security Key management Selected attacks

19 Technische Universität München 19 Attacks on the external machine ● Capturing all packets with a faked gateway →Heuristic for distribution re-transmitted packets among several gateways →Gateway authentication possible

20 Technische Universität München 20 Attacks on the data packet ● Attacking the MAC →We use message keys →Secure hash functions necessary (see HMAC specification)

21 Technische Universität München 21 Attacks on the gateway ● Attacking the keys on the SIM →2 key sets →Access control keys are not sufficient (One non-repudiation keys necessary) ● Faked messages (e.g. replay attack) →Access control MAC, nonce

22 Technische Universität München 22 Attacks on the proxy ● Faked messages (e.g. replay attacks) →Detection: ● 2 MACs ● certain key combinations ● Nonce and other header values →Reaction (depending on the attack): ● Revoking keys ● Refusing the PDP context

23 Technische Universität München 23 Overall summary ● Introduction of a complex communication system ● SIM as a key storage and processing unit → Slow but rather secure → Available in every mobile phone ● Based on a symmetric key infrastructure for message authentication → Highly dynamic to easily detect and react on attacks

24 Technische Universität München 24 The End

25 Technische Universität München 25 Questions? Web service

26 Technische Universität München 26 Backup

27 Technische Universität München 27 Key roll-out to the mobile phone A new SIM card contains – an initial set of access control keys – a unique asymmetric key pair (for key management only) – the software With the asymmetric key pair compromised keys can be renewed (see key revocation)

28 Technische Universität München 28 Key roll-out to the external machine ● Each company has one non-repudiation key and six access control keys ● Deployment is a company internal process ● Balance between security and simplicity ● Example – All keys are handled only in a specific department / room / by a specific person. – They leave this room only encrypted. – There is a master key in every machine with which the keys can be decrypted. – The keys are deployed / renewed on a cheap flash memory in an encrypted form.

29 Technische Universität München 29 Key storage review ● With the SIM card there is a secure and appropriate key storage and processing area in each mobile phone. → No extra effort necessary ● The security level on the machine's side is company specific. → Each company knows only 6 access control keys and has 1 individual non-repudiation key

30 Technische Universität München 30 Key update Gateway – Requests a new key with its asymmetric key pair External Machine – Uses only the remaining 5 access control keys – Needs on-site service some time later for key update

31 Technische Universität München 31 Key roll-out Gateway: A new SIM card contains – an initial set of access control keys – the software – a unique asymmetric key pair (for key management only) External Machine: – Deployment is a company internal process – Each company only has six access control keys and one non-repudiation key – Keys should be encrypted

32 Technische Universität München 32 Keys of the external machine ● Machines are mainly closed environments ● Hardware break-in thinkable ● Key distribution is a company internal process →Encrypted form for distribution and storage should be forced. →Only 6 access control keys per machine

33 Technische Universität München 33 Communication scenario Short range ad-hoc link (e.g. Bluetooth) Cellular mobile communication link Web service Backbone network / Internet Randomly passing mobile phone Logical transport channel Message-based tunnel

Download ppt "Technische Universität München WISTP 2007 Mobile Phones as Secure Gateways for Message-Based Ubiquitous Communication 10 th May 2007 W. Bamberger, O. Welter."

Similar presentations

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Key Provisioning Use Cases and Requirements 67 th IETF KeyProv BOF – San Diego Mingliang Pei 11/09/2006.

Key Provisioning Use Cases and Requirements 67 th IETF KeyProv BOF – San Diego Mingliang Pei 11/09/2006.
Authentication In Mobile Internet Protocol version 6 Liu Ping Supervisor: professor Jorma Jormakka.

Authentication In Mobile Internet Protocol version 6 Liu Ping Supervisor: professor Jorma Jormakka.
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.

E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.
Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.

Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.
Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)

Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)
Key Management Lifecycle. Cryptographic key management encompasses the entire lifecycle of cryptographic keys and other keying material. Basic key management.

Key Management Lifecycle. Cryptographic key management encompasses the entire lifecycle of cryptographic keys and other keying material. Basic key management.
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)

Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.

Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
Information Systems Security

Information Systems Security
Chapter 4 Application Level Security in Cellular Networks.

Chapter 4 Application Level Security in Cellular Networks.
1 CMPT 471 Networking II Authentication and Encryption © Janice Regan, 2006-2013.

1 CMPT 471 Networking II Authentication and Encryption © Janice Regan,
Security Patterns for Web Services 02/03/05 Nelly A. Delessy.

Security Patterns for Web Services 02/03/05 Nelly A. Delessy.
Security fundamentals Topic 5 Using a Public Key Infrastructure.

Security fundamentals Topic 5 Using a Public Key Infrastructure.

Similar presentations

Ads by Google