
1 Security in WAP and WTLS By Yun Zhou

2 Overview of WAP (Wireless Application Protocol)
- Proposed by the WAP Forum (Phone.com, Ericsson, Nokia, Motorola) in 1997.
- A wireless communication model, similar to the ISO OSI model
- An application environment for deploying wireless services regardless of different types of services, wireless bearers, and devices.
- WAP provides a series of security measures
- However, there are still various security loopholes in WAP.

3 WAP Architecture
Components: WAP device (cell phone), WAP client/browser, User agent, Network operator (companies that provide bearer services), Bearer services (SMS, CDMA…), Application server

4 WAP Protocols
Recall the ISO OSI model:
- WAE (Wireless Application Environment): WML, WMLScript
- WSP (Wireless Session Protocol) and WTP (Wireless Transaction Protocol): together provide session layer services
  - Connection-oriented sessions or connectionless sessions.
  - Reliable sessions can be resumed.
- WTLS (Wireless Transport Layer Security) (Optional)

5 Overview of WTLS
- Based on TLS
- Provides client-server mutual authentication, privacy, data integrity, non-repudiation
- But not the same as TLS
- Modifications due to
  - Narrow-bandwidth communication channel
  - Much less processing power
  - Much less memory
  - High loss ratio
  - Unexpected disconnections
  - Restrictions on exported encryption algorithms
- Built on top of WDP and UDP (unreliable data transfer)
- More security problems

6 WTLS Sub-Protocols
WTLS contains four sub-protocols:
- Handshake protocol: Client and server negotiate the security parameters to be used for later message exchanges.
- Alert protocol: Specifies the types of alerts (warning, critical, fatal) and how to handle them. Alerts can be sent by either the client or the server.
- Application protocol: Interface for the upper layer.
- Change Cipher Spec Protocol: Usually used towards the end of the handshake when the negotiation succeeds.

7 What does the handshake specify?

8 Handshake Procedure Complete handshake Resume connection

9 How Security Functions Are Achieved
- Authentication: Supports X.509v3 and X9.68 certificates, optimized sizes.
- Key exchange: RSA, DH, ECC-DH (Preferable algorithm for WAP)
- Bulk encryption algorithms: RC5 with 40, 56 or 128 bit keys, DES with 40 or 56 bit keys, 3DES, IDEA with 40, 56 or 128 bit keys, and ECC. (No stream ciphers)
  master_secret = PRF(pre_master_secret, "master secret", ClientHello.random + ServerHello.random)
  key_block = PRF(master_secret + expansion_label + seq_num + server_random + client_random);
  Keys and IVs are all generated from key_blocks. Keys are refreshed according to the negotiated frequency.
- MAC algorithms: SHA-1, MD5, and SHA_XOR_40
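The key derivation on this slide, as an added example that is not part of the original presentation. It assumes a TLS-style P_hash construction over HMAC-SHA1, a 20-byte master secret, a 2-byte seq_num, a refresh every 2**key_refresh records, and reads the key_block formula as PRF(secret, label, seed); the label b"client expansion" and all input values are constructed.

```python
import hashlib
import hmac

def p_hash(secret: bytes, seed: bytes, length: int, hash_name: str = "sha1") -> bytes:
    """TLS-style expansion (assumed): A(0)=seed, A(i)=HMAC(secret, A(i-1))."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:length]

def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    return p_hash(secret, label + seed, length)

def master_secret(pre_master: bytes, client_random: bytes, server_random: bytes) -> bytes:
    # master_secret = PRF(pre_master_secret, "master secret", client.random + server.random)
    return prf(pre_master, b"master secret", client_random + server_random, 20)

def refresh_seq(seq_num: int, key_refresh: int) -> int:
    """Sequence number at the most recent key refresh (assumed period 2**key_refresh)."""
    return seq_num - seq_num % (1 << key_refresh)

def key_block(master: bytes, expansion_label: bytes, seq_num: int, key_refresh: int,
              server_random: bytes, client_random: bytes, length: int) -> bytes:
    # Keys and IVs are cut from this block; it changes only when the refresh epoch changes.
    seed = refresh_seq(seq_num, key_refresh).to_bytes(2, "big") + server_random + client_random
    return prf(master, expansion_label, seed, length)

if __name__ == "__main__":
    cr, sr = bytes(range(16)), bytes(range(16, 32))       # constructed randoms
    ms = master_secret(b"constructed pre-master", cr, sr)
    for seq in (0, 3, 4):                                  # key_refresh=2: new keys at seq 4
        print(seq, key_block(ms, b"client expansion", seq, 2, sr, cr, 16).hex())
```

Records 0 and 3 share one key block and record 4 starts a new one, which is what "refreshed according to the negotiated frequency" means in practice.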

10 Security Loopholes, Threats, Solutions - WAP Gateway
- Decrypts and re-encrypts data – “White spot”
- End-to-end security, but the ends are actually the web client and the gateway.
- Solution by the network operators: Decrypts and re-encrypts only in the memory
- Cannot solve the problem entirely: still uses swapfiles, hackers can do core dumps
- Some companies try to completely get rid of the WAP gateway.

11 Deploy the Gateway in the Server’s network
Decryption and re-encryption are done on the server side.

12 Security Loopholes, Threats, Solutions - WTLS
- Has to use keys of small sizes: 40-bit DES -> 35 bits are actually used
- Allows weak algorithms to be chosen
- Exchanges unauthorized messages or unencrypted packet fields, such as alert messages and the record_type field.
- Vulnerable to viruses, Trojan horses, and worms.
- Saarinen discussed a chosen plaintext data recovery attack, a datagram truncation attack, a message forgery attack, and a key-search shortcut for some exportable keys

13 Attack against SHA_XOR_40
- SHA_XOR_40: Padded messages are divided into 5-byte blocks. All blocks are XOR’ed to get the digest.
- Attack: Flip a bit in one block, flip the bit in the corresponding position in the digest
- Tada! Message modification succeeds!
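Why the XOR digest gives no integrity, as an added example that is not part of the original presentation. It models only the 5-byte XOR folding the slide describes (zero padding is an assumption, and any keying or encryption is left out) and compares it with HMAC-SHA1 truncated to 40 bits; the message and key are constructed.

```python
import hashlib
import hmac

BLOCK = 5  # 40-bit digest = 5 bytes

def xor_fold(data: bytes) -> bytes:
    """Pad to a multiple of 5 bytes (zero padding assumed), then XOR the blocks."""
    padded = data + b"\x00" * (-len(data) % BLOCK)
    digest = bytearray(BLOCK)
    for i, byte in enumerate(padded):
        digest[i % BLOCK] ^= byte
    return bytes(digest)

def hmac_tag(key: bytes, data: bytes) -> bytes:
    """Comparison point: HMAC-SHA1 truncated to the same 40 bits."""
    return hmac.new(key, data, hashlib.sha1).digest()[:BLOCK]

def flip(buf: bytes, index: int, bit: int) -> bytes:
    out = bytearray(buf)
    out[index] ^= 1 << bit
    return bytes(out)

def modify_in_transit(message: bytes, tag: bytes, index: int, bit: int):
    """The slide's step: flip one message bit and the digest bit at the same
    position within the 5-byte block. Uses no key and no other message bytes."""
    return flip(message, index, bit), flip(tag, index % BLOCK, bit)

def demo() -> dict:
    message = b"qty=0100;item=42"   # constructed sample payload
    key = b"constructed demo key"   # constructed; used only by the HMAC comparison
    results = {}
    for name, tag_fn in (("xor", xor_fold), ("hmac", lambda m: hmac_tag(key, m))):
        new_msg, new_tag = modify_in_transit(message, tag_fn(message), 4, 0)
        # Receiver-side check: does the adjusted tag still match the altered message?
        results[name] = hmac.compare_digest(tag_fn(new_msg), new_tag)
    results["modified"] = new_msg
    return results

if __name__ == "__main__":
    print(demo())
```

The XOR digest is linear in the message bits, so the adjusted tag verifies; under HMAC the same adjustment is rejected, which is the property a MAC has to provide.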

14 User Authentication vs. Device Authentication - WIM
- Mobile devices are easy to lose
  - One British article reported that “for the first time of this century the umbrella has been overtaken as the most popular item to leave on a train — by mobile phones”.
- Cannot authenticate user if the passwords and certificates are stored locally
- Use WIM (Wireless Identity Module), which can be a smart card or a SIM card.
  - Dedicated memory
  - Provides user authentication
  - Need to keep it separately from the device. Hard to achieve.

15 References
- Arehart, C., Professional WAP, Wrox Press Ltd, 2000.
- Jormalainen, S., Laine, J. “Security in WTLS”, 10/1/2000 [Referred on 3/24/2004].
- Nicolas, R., Lekkas, P. Wireless security: models, threats, and solutions. McGraw-Hill. 2002.
- Saarinen, Markku-Juhani, “Attacks against the WAP WTLS Protocol”, 9/22/1999 [Referred on 3/24/2004].
- Schneier, B., Applied Cryptography, Second Edition, John Wiley & Sons, Inc, p. 758, 1996.
- WAP Forum, “WAP Security Group (WSG) Charter”, 6/12/2002 [Referred on 3/24/2004].

