
KAIST. Security architecture in a multi-hop mesh network. Conference in France, 2006. 2006. 9. 26. Presented by JooBeom Yun.



Slide 2: Contents
- Introduction
- Problematic
- State of the art and related works: ad-hoc network security; users' access to wireless networks
- Proposed security architecture: PANA framework; technical description; security analysis of the solution
- Future works
- Conclusions

Slide 3: Introduction
- Multi-hop mesh network: the extension of a wireless mesh network by an ad hoc network
- An authentication mechanism is essential, both in the wireless network and in the ad hoc network
- The biggest problem: authentication of the mobile node

Slide 4: Problematic
- A multi-hop mesh network inherits the security problems of both of its parts:
  - Ad-hoc networks: passive eavesdropping, message replaying, message distortion, active impersonation, DoS
  - Mesh network (fake APs): eavesdropping, tampering, DoS
- Access control enforced by operators: authentication, authorization
- Protection of data exchanges

Slide 5: State of the art and related works
- Ad-hoc network security covers secure routing, key establishment, authentication, and certification/revocation services
  - Secure routing: security protocols designed for routing, such as ARAN [1], Ariadne [2], SAODV [3]
  - Certification and revocation services: threshold cryptography [5,6], ID-based cryptography [7], both combined [8]
- Users' access to wireless networks
  - IEEE 802.1X standard: EAP (Extensible Authentication Protocol) messages are exchanged between the user and the AP
  - PANA (Protocol for Carrying Authentication and Network Access): a medium-independent solution in which EAP messages are carried over IP

Slide 6: Proposed security architecture
- IEEE 802.1X: mobiles may be authenticated by the mesh AR; authentication is done at layer 2 (MAC address); the mobile is assumed to be directly attached to the mesh routers
- PANA: authentication over the IP protocol (PANA is an EAP lower layer); any EAP method is suitable for authentication
- Covered next: PANA framework; technical description; security analysis of the solution

Slide 7: PANA framework
- PANA Client (PaC): requests authentication and provides the credentials
- PANA Authentication Agent (PAA): interacts with the AS to determine the access control state and communicates it to the EP
- Enforcement Point (EP): controls the access of a new node to the network
- Authentication Server (AS): verifies the credentials of a node requiring access to the network, when asked by the PAA

Slide 8: Technical description (1/3)
- Configuration (e.g. DHCPv4)
- PANA discovery phase, then the beginning of the authentication and authorization phase
- Authorization [IKE-PSK, PaC-DI, Session-id]: PANA-Bind-Request / PANA-Bind-Answer
- IKE SA establishment

Slide 9: Technical description (2/3)
- Encapsulation of EAP packets during PANA authentication (figure)

Slide 10: Technical description (3/3)
- EAP-MD5: login/password; known vulnerabilities (dictionary and brute-force attacks); does not support mutual authentication
- EAP-TLS: secure and robust against attacks; mutual authentication; protects network access by providing an IKE-PSK

Slide 11: PANA/EAP-TLS authentication procedure (1/2)
(message sequence reconstructed from the diagram: PANA messages run between PaC and PAA, Access-Request/Access-Challenge between PAA and AS)
① PAA -> PaC: PANA-Auth-Request (EAP-Request/Identity)
② PaC -> PAA: PANA-Auth-Answer (EAP-Response/Identity (MyID)); PAA -> AS: Access-Request (EAP-Response/Identity (MyID))
③ AS -> PAA: Access-Challenge (EAP-Request/EAP-Type=EAP-TLS (TLS Start)); PAA -> PaC: PANA-Auth-Request (EAP-Request/EAP-Type=EAP-TLS (TLS Start))
④ PaC -> PAA: PANA-Auth-Answer (EAP-Response/EAP-Type=EAP-TLS (TLS client_hello)); PAA -> AS: Access-Request (EAP-Response/EAP-Type=EAP-TLS (TLS client_hello))
⑤ AS -> PAA: Access-Challenge (EAP-Request/EAP-Type=EAP-TLS (TLS server_hello, TLS certificate, [TLS server_key_exchange,] [TLS certificate_request,] TLS server_hello_done)); PAA -> PaC: PANA-Auth-Request (same EAP-Request)

Slide 12: PANA/EAP-TLS authentication procedure (2/2)
⑥ PaC -> PAA: PANA-Auth-Answer (EAP-Response/EAP-Type=EAP-TLS (TLS certificate, TLS client_key_exchange, [TLS certificate_verify,] TLS change_cipher_spec, TLS finished)); PAA -> AS: Access-Request (same EAP-Response)
   AS -> PAA: Access-Challenge (EAP-Request/EAP-Type=EAP-TLS (TLS change_cipher_spec, TLS finished)); PAA -> PaC: PANA-Auth-Request (same EAP-Request)
   PaC -> PAA: PANA-Auth-Answer (EAP-Response/EAP-Type=EAP-TLS); PAA -> AS: EAP-Response/EAP-Type=EAP-TLS
⑦ AS -> PAA: Access-Accept (EAP-Success); PAA -> PaC: PANA-Bind-Request (EAP-Success, Device-Id, [Protection-Cap], MAC); PaC -> PAA: PANA-Bind-Answer (Device-Id, [Protection-Cap], MAC)
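The relay role the PAA plays in slides 9, 11 and 12 (EAP carried inside PANA towards the PaC and inside Access-Request/Access-Challenge towards the AS), as an added example that is not part of the presentation or of any PANA implementation. The EAP packet layout follows RFC 3748; the PANA and RADIUS carriers are reduced to labelled dicts, and the AS reply is constructed inline.

```python
import struct
# EAP codes and method types (RFC 3748; EAP-TLS is type 13 per RFC 5216).
EAP_REQUEST, EAP_RESPONSE, EAP_SUCCESS, EAP_FAILURE = 1, 2, 3, 4
EAP_TYPE_IDENTITY, EAP_TYPE_TLS = 1, 13
EAP_TLS_FLAG_START = 0x20  # S bit of the EAP-TLS flags byte: "TLS Start"

def eap_encode(code, identifier, eap_type=None, data=b""):
    """Build an EAP packet: Code(1) Identifier(1) Length(2) [Type(1) Type-Data]."""
    body = b"" if code in (EAP_SUCCESS, EAP_FAILURE) else bytes([eap_type]) + data
    return struct.pack("!BBH", code, identifier, 4 + len(body)) + body

def eap_decode(pkt):
    """Parse an EAP packet; a Length field that disagrees with the bytes received is rejected."""
    code, identifier, length = struct.unpack("!BBH", pkt[:4])  # struct.error if too short
    if length != len(pkt):
        raise ValueError("EAP Length field does not match packet size")
    if code in (EAP_SUCCESS, EAP_FAILURE):
        return code, identifier, None, b""
    if length < 5:
        raise ValueError("EAP Request/Response without a Type byte")
    return code, identifier, pkt[4], pkt[5:]

class PAA:
    """Relays EAP between the PaC (inside PANA) and the AS (inside Access-Request/Challenge)."""
    def __init__(self):
        self.pending_id = None  # identifier of the EAP-Request still awaiting its answer
    def to_pac(self, eap_pkt):
        code, ident, _, _ = eap_decode(eap_pkt)
        self.pending_id = ident
        name = "PANA-Bind-Request" if code == EAP_SUCCESS else "PANA-Auth-Request"
        return {"msg": name, "eap": eap_pkt}
    def from_pac(self, pana_msg):
        code, ident, _, _ = eap_decode(pana_msg["eap"])
        if code != EAP_RESPONSE or ident != self.pending_id:
            return None  # not the answer to the outstanding request: drop, do not forward
        self.pending_id = None
        return {"msg": "Access-Request", "eap": pana_msg["eap"]}

def run_flow():
    """Steps 1 to 3 of slide 11: Identity round trip, then the AS starts EAP-TLS."""
    paa, trace = PAA(), []
    trace.append(paa.to_pac(eap_encode(EAP_REQUEST, 1, EAP_TYPE_IDENTITY))["msg"])
    answer = {"msg": "PANA-Auth-Answer",
              "eap": eap_encode(EAP_RESPONSE, 1, EAP_TYPE_IDENTITY, b"MyID")}
    trace.append(paa.from_pac(answer)["msg"])
    # constructed AS reply: Access-Challenge carrying EAP-Request/EAP-TLS (TLS Start)
    start = eap_encode(EAP_REQUEST, 2, EAP_TYPE_TLS, bytes([EAP_TLS_FLAG_START]))
    trace.append(paa.to_pac(start)["msg"])
    return trace
```

A response whose identifier does not match the outstanding request is dropped rather than forwarded, which is the check that keeps a stray or injected EAP-Response from reaching the AS.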

Slide 13: IPsec/IKE protection
- Multi-hop environment: access control needs to operate at the network layer or above
- IPsec protocol suite: supports strong access control by authenticating the origin of packets; provides data encryption (using ESP)
- In order to set up an IPsec security association, the peers initiate IKE exchanges and authenticate to each other.

Slide 14: Security analysis of the solution (1/2)
- Protection against replay attacks (spoofed messages): sequence numbers are randomly initialized at the beginning of the session
- Protection against PaC DoS attacks (spoofed messages): MAC protection, providing message integrity
- Service theft attack: the MAC provides message integrity and protects the PaC's identifier
- Spoofing of PAA messages: an attacker can spoof PAA messages to obtain a less secure authentication method; parameters are therefore negotiated after the establishment of the PANA security association

Slide 15: Security analysis of the solution (2/2)
- PAA DoS attack: overloading the PAA with PANA-PAA-Discover messages; countermeasure: add a cookie (Device ID) to the PANA-Start-Request message
- DHCP DoS attack: DoS attacks are possible by depleting the IP address space
- Other possible attacks
  - Ad-hoc and mesh networks are vulnerable to passive eavesdropping, message replaying, message distortion, easy man-in-the-middle, active impersonation, DoS, IP spoofing
  - Cryptographic techniques (IPsec) prevent eavesdropping, message distortion and active impersonation
  - Mesh networks: the worst DoS is not possible (thanks to access control); access control plus cryptographic techniques
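The three PANA-level defences of slides 14 and 15 (randomly initialized sequence numbers against replay, a MAC over each message against spoofing and tampering, and a cookie in PANA-Start-Request so the PAA keeps no state for unanswered Discover floods), as an added example that is not the presentation's or any PANA implementation's code. The message layout, the HMAC-SHA256 construction, the shared key, the PAA-only cookie secret and the PaC address are all assumptions; real PANA derives its authentication key from the EAP key material after EAP-TLS succeeds.

```python
import hashlib, hmac, os, struct
# Constructed key material: in PANA the message-authentication key is derived from the
# EAP-TLS key material after a successful run; here both sides just share random bytes.
PANA_AUTH_KEY = os.urandom(32)
PAA_COOKIE_SECRET = os.urandom(32)  # known to the PAA only

def pana_mac(key, session_id, seq, msg_type, payload):
    """MAC over session id, sequence number, message type and payload (layout assumed)."""
    return hmac.new(key, struct.pack("!IIH", session_id, seq, msg_type) + payload,
                    hashlib.sha256).digest()

class PanaSender:
    def __init__(self, key, session_id):
        self.key, self.session_id = key, session_id
        self.seq = int.from_bytes(os.urandom(4), "big")  # random initial value (slide 14)
    def send(self, msg_type, payload):
        mac = pana_mac(self.key, self.session_id, self.seq, msg_type, payload)
        msg = (self.session_id, self.seq, msg_type, payload, mac)
        self.seq = (self.seq + 1) & 0xFFFFFFFF
        return msg

class PanaReceiver:
    def __init__(self, key, session_id, first_seq):
        # first_seq: the peer's initial sequence number, learned when the session was set up
        self.key, self.session_id, self.expected = key, session_id, first_seq
    def accept(self, msg):
        session_id, seq, msg_type, payload, mac = msg
        if session_id != self.session_id or seq != self.expected:
            return False  # replayed, out of order, or foreign session: dropped
        good = pana_mac(self.key, session_id, seq, msg_type, payload)
        if not hmac.compare_digest(good, mac):
            return False  # spoofed or tampered: dropped
        self.expected = (seq + 1) & 0xFFFFFFFF
        return True

def make_cookie(pac_addr):
    """Stateless cookie for PANA-Start-Request (slide 15): the PAA stores nothing per PaC
    until the cookie comes back, so a flood of PANA-PAA-Discover messages allocates nothing."""
    return hmac.new(PAA_COOKIE_SECRET, pac_addr.encode(), hashlib.sha256).digest()[:16]

def check_cookie(pac_addr, cookie):
    return hmac.compare_digest(make_cookie(pac_addr), cookie)

def demo():
    # returns (fresh message accepted, replay rejected, forgery rejected, cookie echo verified)
    paa = PanaSender(PANA_AUTH_KEY, 0x1234)
    pac = PanaReceiver(PANA_AUTH_KEY, 0x1234, paa.seq)
    m = paa.send(1, b"PANA-Auth-Request")
    fresh, replay = pac.accept(m), pac.accept(m)  # second delivery reuses the sequence number
    forged = pac.accept((0x1234, (m[1] + 1) & 0xFFFFFFFF, 1, b"tampered", m[4]))
    return fresh, not replay, not forged, check_cookie("10.0.0.5", make_cookie("10.0.0.5"))
```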

Slide 16: Future works
- The proposed architecture combines PANA with EAP-TLS in a multi-hop mesh network.
- EAP-TLS: mutual authentication and strong robustness against attacks; heavy processing (the use of asymmetric cryptography); needs a PKI
- EAP-MD5: simpler; vulnerable to eavesdropping attacks
- Ongoing work: combine the simplicity of EAP-MD5 with the robustness of EAP-TLS
- PANA is exposed to IP address starvation in IPv4.
- Adapting IEEE 802.1X to multi-hop mesh networks (new research direction)

Slide 17: Conclusions
- Access network security in a multi-hop mesh network: access control and data protection
- The IEEE 802.1X standard can be extended to support authentication in multi-hop mesh networks, but it is not easy (the standard must be modified)
- A combination of EAP-TLS over PANA and IPsec has been proposed.
- PANA relies on the availability of IP addresses; IPv6 temporary private addresses

Slide 18: Q & A

