Mark A. Shaw CS 522 Project Presentation


1 Wireless Application Protocol and the Wireless Transport Layer Security
Mark A. Shaw
CS 522 Project Presentation

2 Introduction
Mark A. Shaw mashaw@mail.uccs.edu
WAP
- SonyEricsson develop Intelligent Terminal Transfer Protocol (ITTP) for Value Added Services (VAS)
- Unwired Planet (n.k.a. Phone.com) develop Handheld Device Markup Language (HDML) and Handheld Device Transfer Protocol (HDTP)
- Nokia develop Smart Messaging, Timetabling Markup Language (TTML) – 1997
- WAP Forum formed in June 1997
WTLS
- Security Layer for WAP
- Based on Transport Layer Security v.1.0 (SSL)
- Optimized Handshaking
- Long Lasting Secure Sessions
9/20/2018 Mark A. Shaw

3 WAP Architecture

4 WAP Development
WAP is designed to work on any of the existing wireless services, using standards such as:
- Short Message Service (SMS)
- High-Speed Circuit-Switched Data (CSD)
- General Packet Radio Service (GPRS)
- Unstructured Supplementary Services Data (USSD)

5 WAP Limitations
- Limited CPU, Memory
- Limited Bandwidth
- I’m Popular!
- Limited Display
- Limited Keyboard

6 WAP Protocol Stack
- Application Layer (WAE)
- Session Layer (WSP)
- Transaction Layer (WTP)
- Security Layer (WTLS)
- Transport Layer (WDP)
- Bearers: GSM, CDMA, CDPD, IS-136, iDEN
- Other Services & Applications

7 WAP Protocol Stack (Cont.)
- Makes applications independent of bearers and other hardware
- External applications and services may access the layers directly
- Modified to allow for:
  - Lower Bandwidth (9.6kbps – 14.4kbps)
  - Network latency (6 – 10 seconds on SMS)
  - Unreliable connections

8 Wireless Transport Layer Security (WTLS)
- WTLS is an optional layer
- Privacy thru encryption
- Authentication & nonrepudiation thru digital certificates
- Compression
- Elliptic Curve Cryptography (ECC)

9 WTLS (Cont.)
- WTLS is a variant of TLS optimized for use in wireless applications
- Authentication: Asymmetric Key Crypto
  - Class 1: No Authentication
  - Class 2: Server Authentication
  - Class 3: Mutual Authentication
- Privacy: Symmetric Key Crypto
- Data Integrity: MACs

10 WTLS Class 1 Authentication
Client -> Server: ClientHello
Server -> Client: ServerHello, ServerHelloDone
Client -> Server: ClientKeyExchange, ChangeCipherSpec, Finished
Server -> Client: Finished
Client <-> Server: Application Data

11 WTLS Class 2 Authentication
Server Authentication Only
Client -> Server: ClientHello
Server -> Client: ServerHello, Certificate, ServerHelloDone
Client -> Server: ClientKeyExchange, ChangeCipherSpec, Finished
Server -> Client: Finished
Client <-> Server: Application Data

12 WTLS Class 3 Authentication
Mutual Authentication
Client -> Server: ClientHello
Server -> Client: ServerHello, Certificate, CertificateRequest, ServerHelloDone
Client -> Server: ClientKeyExchange (only for RSA), CertificateVerify, ChangeCipherSpec, Finished
Server -> Client: Finished
Client <-> Server: Application Data
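
The three handshake flows on slides 10 to 12, as an added example that is not part of the original presentation: a Python checker that classifies a recorded handshake by WTLS class and rejects sessions below a required class. The trace format, the function names and the minimum-class policy are assumptions of this example; the message sequences are the ones the slides list.

```python
CLIENT, SERVER = "client", "server"

def _flow(server_extra, client_extra):
    """Ordered (sender, message) list for one class, per slides 10-12."""
    return ([(CLIENT, "ClientHello"), (SERVER, "ServerHello")]
            + [(SERVER, m) for m in server_extra]
            + [(SERVER, "ServerHelloDone"), (CLIENT, "ClientKeyExchange")]
            + [(CLIENT, m) for m in client_extra]
            + [(CLIENT, "ChangeCipherSpec"), (CLIENT, "Finished"),
               (SERVER, "Finished")])

FLOWS = {
    1: _flow([], []),                                   # no authentication
    2: _flow(["Certificate"], []),                      # server authentication
    3: _flow(["Certificate", "CertificateRequest"], ["CertificateVerify"]),
}

def parse(line):
    """Parse 'C:ClientHello S:ServerHello ...' (trace format assumed here)."""
    side = {"C": CLIENT, "S": SERVER}
    return [(side[tok[0]], tok[2:]) for tok in line.split()]

def classify(trace):
    """Return 1, 2 or 3 if the trace matches a slide flow exactly, else None."""
    for cls, flow in FLOWS.items():
        if trace == flow:
            return cls
    # Slide 12: ClientKeyExchange is sent "only for RSA" in Class 3.
    no_cke = [m for m in FLOWS[3] if m[1] != "ClientKeyExchange"]
    return 3 if trace == no_cke else None

def audit(trace, min_class=2):
    """Classify a trace and decide whether it meets the required class."""
    cls = classify(trace)
    if cls is None:
        return None, "reject: handshake matches no WTLS class flow"
    if cls < min_class:
        return cls, f"reject: Class {cls} is below required Class {min_class}"
    return cls, f"accept: Class {cls}"

# Constructed sample traces, not captured traffic.
_HEAD3 = "C:ClientHello S:ServerHello S:Certificate S:CertificateRequest S:ServerHelloDone "
_TAIL = "C:ChangeCipherSpec C:Finished S:Finished"
SAMPLES = {
    "anonymous": "C:ClientHello S:ServerHello S:ServerHelloDone C:ClientKeyExchange " + _TAIL,
    "mutual_no_cke": _HEAD3 + "C:CertificateVerify " + _TAIL,
    "no_client_proof": _HEAD3 + "C:ClientKeyExchange " + _TAIL,  # CertificateVerify missing
}

if __name__ == "__main__":
    for name, line in SAMPLES.items():
        print(name, audit(parse(line)))
```

The `no_client_proof` trace shows why the match is exact: a handshake in which the server sent CertificateRequest but the client never sent CertificateVerify is rejected instead of being counted as Class 2 or Class 3.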

13 WTLS Security Issues
- WTLS allows for weak encryption algorithms
- Plain-text data recovery attack
- Datagram truncation attack
- Message forgery attack
- Exportable key-search shortcut

14 WAP Future?
- Diminishing Popularity
- Replaced in favor of
- Outdated Specifications


16 The End
Questions?

