Presentation is loading. Please wait.

Presentation is loading. Please wait.

KAIS T Wireless Network Security and Interworking Minho Shin, et al. Proceedings of the IEEE, Vol. 94, No. 2, Feb. 2006 Hyeongseop Shim NS Lab, Div. of.

Published byAnnis Fox Modified over 8 years ago

Similar presentations

Presentation on theme: "KAIS T Wireless Network Security and Interworking Minho Shin, et al. Proceedings of the IEEE, Vol. 94, No. 2, Feb. 2006 Hyeongseop Shim NS Lab, Div. of."— Presentation transcript:

1 KAIS T Wireless Network Security and Interworking Minho Shin, et al. Proceedings of the IEEE, Vol. 94, No. 2, Feb. 2006 Hyeongseop Shim NS Lab, Div. of CS September 11, 2007

2 2 / Chapter 14. Multicast Security and Copyright Protection I Contents Introduction Security in 3G Overview of 802.11 Wi-Fi Protected Access (WPA) 3G/WLAN Interworking Conclusion

3 3 / Chapter 14. Multicast Security and Copyright Protection I Introduction Why wireless internetworking? Various wireless technologies From WPANs to 3G cellular networks No single technology considered best Different coverage and bandwidth limitations For ubiquitous and high-performance wireless services Security and performance in wireless internetworking Composition of secure architectures May produce an insecure result High bandwidth with mobility Demands efficient authentication during handover

4 4 / Chapter 14. Multicast Security and Copyright Protection I Security in 3G (1/3) AKA Protocol in UMTS MS Home Network Serving Network Registration Request Auth Request AV = (RAND, XRES, CK, IK, AUTN) Challenge = (RAND, AUTN) Verify AUTN Compute RES Retrieve user-specific K from its subscriber DB Generate RAND Generate AV Response = RES Verify RES Channel Established

5 5 / Chapter 14. Multicast Security and Copyright Protection I Security in 3G (2/3) Access security in CDMA2000 Adopted the AKA protocol with an optional extension New cryptographic functions f11 generates a UAK (UIM Authentication Key) to include in the AV UMAC is the message authentication function on UAK UAK protects a rogue shell attack

6 6 / Chapter 14. Multicast Security and Copyright Protection I Security in 3G (3/3) Security issues in AKA Separation of the AV generation and authentication Facilitates faster roaming But requires a trust relationship roaming partners Not a full mutual authentication Network authenticates the user by challenge-response User only authenticates the network by verifying a MAC

7 7 / Chapter 14. Multicast Security and Copyright Protection I Overview of 802.11 (1/2) Authentication Open system authentication Shared key authentication Uses challenge-response with a shared key InitiatorResponder Challenge Tex t = WEP PRNG(K, IV) Auth Request Challenge Text Verify CRC ICV and Challenge Text e K (Challenge Text||new IV)

8 8 / Chapter 14. Multicast Security and Copyright Protection I Overview of 802.11 (2/2) Access Control Closed network access control Clients with knowledge of the network name or SSID can join Access control lists Each AP limits client to those using a listed MAC address Security problems

9 9 / Chapter 14. Multicast Security and Copyright Protection I Wi-Fi Protected Access (1/3) Wi-Fi Protected Access (WPA) New security architecture for 802.11 by Wi-Fi Alliance WPA I Interim solution Required only firmware and driver updates WPA 2 Complete redesign New algorithms and, unfortunately, new hardware as well

10 10 / Chapter 14. Multicast Security and Copyright Protection I Wi-Fi Protected Access (2/3) Authentication and access control Restricts network connectivity to authorized users via 802.1X IEEE 802.1X standard Provides a framework where various authentication methods can be used Employs the EAP (Extensible Authentication Protocol) Any auth mechanism can be encapsulated in the EAP req/res msgs EAP can route message to a centralized server

11 11 / Chapter 14. Multicast Security and Copyright Protection I Wi-Fi Protected Access (3/3) Known security problems Venerable to DoS attacks Management frame are not protected nor authenticated Possible hijack of sessions without encryption Trust relationships with the WPA Trust in the AP

12 12 / Chapter 14. Multicast Security and Copyright Protection I 3G/WLAN Interworking (1/9) Roaming scenario IL-3G, NY-3G, NY-WLAN Case 1 NY-WLAN operates independently Bill already has an account with NY-WLAN Case 2 IL-3G has a roaming agreement with WLAN Case 3 IL-3G and NY-WLAN do not have a roaming agreement But NY-3G and NY-WLAN do

13 13 / Chapter 14. Multicast Security and Copyright Protection I 3G/WLAN Interworking (2/9) Independent internetwork authentication Makes no effort at integration In Case 1 Bill already has a security association with NY-WLAN Solution to authenticate by the new network protocol Discussion Does not require a trust relationship between networks Roaming agreement, secure channel Accounting billing of each network should be independent

14 14 / Chapter 14. Multicast Security and Copyright Protection I 3G/WLAN Interworking (3/9) Centralized internetwork authentication In Case 2 Bill can use NY-WLAN’s service without registration NY-WLAN authenticates Bill’s account from IL-3G Centralized authentication methods Foreign network ensures that the client is legitimate user of the home network

15 15 / Chapter 14. Multicast Security and Copyright Protection I 3G/WLAN Interworking (4/9) Centralized internetwork authentication (Cont.) Proactive key distribution 1. oAS detects MS’s visit 2. oAS requests H-AAA for context distribution 3. H-AAA calculates potential nASs 4. H-AAA predistributes context to nASs

16 16 / Chapter 14. Multicast Security and Copyright Protection I 3G/WLAN Interworking (5/9) Centralized internetwork authentication (Cont.) Discussion Foreign and home networks should have roaming agreement With N networks, overhead of roaming agreement is O(N 2 ) Introduction of dedicated third party, an AAA-broker Centralized authentication methods High authentication latency Proactive key distribution schemes Require accurate handoff prediction system

17 17 / Chapter 14. Multicast Security and Copyright Protection I 3G/WLAN Interworking (6/9) Context Transfer In Case 3 Suppose NY-3G and NY-WLAN trust each other enough to share Bill’s info NY-3G can provide Bill’s security context to NY-WLAN to allow to access Reactive context transfer Context is delivered from the old network to the new network after handoff 1. MS visits new network 2. nAS obtains the address of oAS 3. nAS requests context transfer to oAS 4. oAS transfers context of MS to nAS 5. After verifying the context, nAS allows MS to access 6. H-AAA may optionally verify MS’s authenticity after handoff

18 18 / Chapter 14. Multicast Security and Copyright Protection I 3G/WLAN Interworking (7/9) Context Transfer (Cont.) Proactive context transfer Context transfer occurs before MS visits the new network Soft handoff and prediction 1. oAS detects MS’s visit 2. oAS calculates potential nASs 3. oAS predistributes context to nASs

19 19 / Chapter 14. Multicast Security and Copyright Protection I 3G/WLAN Interworking (8/9) Context Transfer (Cont.) Ticket forwarding oAS can issue a ticket containing context to the client 1. Client provide n AS with the ticket upon visit 2. oAS detects MS’s visit 3. oAS calculates potential nASs 4. oAS issues tickets for each potential nAS, and sends to MS 5. MS provides nAS with corresponding ticket after handoff 6. nAS verifies the ticket and accepts MS

20 20 / Chapter 14. Multicast Security and Copyright Protection I 3G/WLAN Interworking (9/9) Context Transfer (Cont.) Discussion Allows a network verify authenticity of MS not from scratch Accounting and billing is an open issue Security based on the strong assumption nAS believes that the association between MS and oAS is secure

21 21 / Chapter 14. Multicast Security and Copyright Protection I Conclusion Access security in 3G AKA Protocol in UMTS and CDMA200 Overview of 802.11 Wi-Fi Protected Access (WPA) 3G/WLAN Interworking Centralized internetwork authentication Context transfer

Download ppt "KAIS T Wireless Network Security and Interworking Minho Shin, et al. Proceedings of the IEEE, Vol. 94, No. 2, Feb. 2006 Hyeongseop Shim NS Lab, Div. of."

Similar presentations

Rocket Software, Inc. Confidential James Storey General Manager, OSS Unit Rocket Software APNOMS 2003: Managing Pervasive Computing and Ubiquitous Communications.

Rocket Software, Inc. Confidential James Storey General Manager, OSS Unit Rocket Software APNOMS 2003: Managing Pervasive Computing and Ubiquitous Communications.
Unlicensed Mobile Access (UMA) Dasun Weerasinghe School of Engineering and Mathematical Sciences City University London.

Unlicensed Mobile Access (UMA) Dasun Weerasinghe School of Engineering and Mathematical Sciences City University London.
URP Usage Scenarios for NAS Yoshihiro Ohba August 2001 Toshiba America Research, Inc.

URP Usage Scenarios for NAS Yoshihiro Ohba August 2001 Toshiba America Research, Inc.
UMA (Unlicensed Mobile Access) El Ayoubi Ahmed Hjiaj Karim.

UMA (Unlicensed Mobile Access) El Ayoubi Ahmed Hjiaj Karim.
Inter-Subnet Mobile IP Handoffs in 802.11b Wireless LANs Albert Hasson.

Inter-Subnet Mobile IP Handoffs in b Wireless LANs Albert Hasson.
Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.

Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.
How secure are 802.11b Wireless Networks? By Ilian Emmons University of San Diego.

How secure are b Wireless Networks? By Ilian Emmons University of San Diego.
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID 001790660.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
MITP | Master of Information Technology Program Securing Wireless LAN using Cisco-based technology Campus Crew Study Group Paul Matijevic Ed McCulloch.

MITP | Master of Information Technology Program Securing Wireless LAN using Cisco-based technology Campus Crew Study Group Paul Matijevic Ed McCulloch.
Ubiquitous Access Control Workshop 1 7/17/06 Access Control and Authentication for Converged Networks Z. Judy Fu John Strassner Motorola Labs {judy.fu,

Ubiquitous Access Control Workshop 1 7/17/06 Access Control and Authentication for Converged Networks Z. Judy Fu John Strassner Motorola Labs {judy.fu,
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.

An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
E-mail: kemal@cs.siu.edu Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE 802.11.

Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
IEEE 802.11 Wireless Local Area Networks (WLAN’s).

IEEE Wireless Local Area Networks (WLAN’s).
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
1 An overview Always Best Connected Networks Dênio Mariz Igor Chaves Thiago Souto Aug, 2004.

1 An overview Always Best Connected Networks Dênio Mariz Igor Chaves Thiago Souto Aug, 2004.

Similar presentations

Ads by Google