Security in Wireless Networks
Mike Swift
CSE b Summer 2003

Standard Preamble
What is different about wireless?
  – No authentication of access port
  – Battery-operated devices
  – Frequent use of broadcast
  – Easy sniffing / packet injection
  – Jamming

What are the problems?
Denial of service
  – Battery usage
  – Physical layer: jamming (not our problem)
  – MAC layer and up: injected messages
Confidentiality / integrity
  – More or less solved
Secure association
Routing
  – Preventing rogues from obtaining routes

Power DOS attacks
Turn off antenna to save power
  – Spoof “no messages” message when node awakes
  – Spoof “message poll” so messages are discarded before node awakes
  – Spoof timer so node desynchronizes
Receiving / sending packets requires power consumption
  – Attacker can force receiver to use power
      – Send many packets
      – Force it to resend packets
Solution:
  – Power consumption management
  – Prioritize tasks when limited by power
  – Authenticate timer messages

MAC Layer DOS Attacks
Problem
  – MAC layer messages direct nodes when not to send messages
      – RTS/CTS and NAV reserve the channel
  – MAC layer state machine directs nodes to ignore future messages
      – Unauthenticated / unassociated state causes packets to be dropped silently
      – States entered as result of unauthenticated messages
  – Power requirements for DOS very low
  – Commercial MAC implementations allow sending of arbitrary packets via aux debug port

Solution to MAC layer DOS attacks
Authenticate every message
  – Prevents outsider from disassociating / unauthenticating
Verify messages
  – Verify channel in use after RTS/CTS
  – Verify no more messages after disassociation

General approaches
Sign every packet
  – Prevent attackers from spoofing management packets
Authenticate then associate
  – Allows authentication of association management packets
  – Prevents any communication before authentication

Secure association
How does my TV trust my remote?
How does my laptop trust the printer in the airport?
How do I get onto a wireless network?

Solutions for ad-hoc networks
Location-limited channels for key exchange
  – Physical contact
  – Direction-specific limited range (IR)
  – Demonstrative identification – easily visible
  – Pre-authentication: exchange keys before going wireless
Resurrected duckling
  – First association is binding
  – Removing binding reincarnates device (loses all state)

Solutions for Access Points
Two-layer protocols
  – Application layer: key negotiation and authentication
  – Link layer: message integrity and confidentiality
Access points allow only limited connectivity before association
  – Communication only for authentication / address acquisition (DHCP)

Routing
Routing works over unknown physical layout
  – Must infer topology / neighbors from messages sent
Attacks:
  – Corrupting routing updates
  – Forwarding messages inappropriately (wormhole)
Result of attacks
  – Can force all traffic through a node
  – Can break reachability

Routing security solutions
Solutions:
  – Cryptography to prevent forging route messages (ask Ratul for details)
      – Ensure that route metrics can only be increased, not decreased
      – Ensure that metrics received along two paths are consistent
  – Ensure that packets received are physically sent (or possibly physically sent) by in-range sender

Wormhole Attack
Geographic Leashes
E computes distance = 408
Distance too far!
Requires GPS
[Figure: nodes A (400,150), B, C, D (50,10) and E (10,30); A's packet carries A(400,150),t1, D's packet carries D(50,10),t2, and E receives at t3.]

Temporal Leashes
E computes t3-t1 > c * max distance : denied
E computes t3-t2 < c * max distance : accepted
Requires clocks synchronized to 183 ns
Requires RT OS/MAC to give deterministic packet delivery/receipt times
[Figure: nodes A, B, C, D, E; A's packet carries A,t1, D's packet carries D,t2, and E receives at t3.]

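Added example, not part of the original slides: a receiver-side check for both leash types, run at E on the positions from the Geographic Leashes slide. The 250 m radio range, the timestamps, the margin terms (v_max, clock_err, pos_err) and all names are assumptions, and the leash fields are assumed to arrive already authenticated.

```python
import math
from dataclasses import dataclass

C = 299_792_458.0  # speed of light in m/s

@dataclass
class Leash:
    """Leash fields carried in a packet (assumed already authenticated)."""
    sender: str
    pos: tuple     # claimed sender position (x, y), assumed metres
    t_sent: float  # send time on the sender's clock, seconds

def geographic_ok(leash, rx_pos, t_recv, max_range,
                  v_max=0.0, clock_err=0.0, pos_err=0.0):
    """Geographic leash: bound the sender-receiver distance from positions.

    The margin terms widen the bound for node movement while the packet was
    in flight (v_max), clock offset (clock_err) and GPS error (pos_err).
    """
    bound = (math.dist(leash.pos, rx_pos)
             + 2 * v_max * (t_recv - leash.t_sent + clock_err) + pos_err)
    return bound <= max_range, bound

def temporal_ok(leash, t_recv, max_range, clock_err=0.0):
    """Temporal leash: bound the distance from worst-case time in flight."""
    bound = C * (t_recv - leash.t_sent + clock_err)
    return bound <= max_range, bound

# Constructed sample: positions from the slide, times and range invented.
E_POS = (10, 30)
MAX_RANGE = 250.0                      # assumed radio range, metres
SYNC_ERR = 183e-9                      # clock sync bound from the slide
T1, T2, T3 = 0.0, 1.5e-6, 2.0e-6       # constructed send/receive times
FROM_A = Leash("A", (400, 150), T1)    # replayed to E through the wormhole
FROM_D = Leash("D", (50, 10), T2)      # genuine neighbour of E

if __name__ == "__main__":
    for pkt in (FROM_A, FROM_D):
        geo, d = geographic_ok(pkt, E_POS, T3, MAX_RANGE)
        tmp, reach = temporal_ok(pkt, T3, MAX_RANGE, SYNC_ERR)
        print(f"{pkt.sender}: geographic {'accept' if geo else 'deny'} "
              f"(<= {d:.0f} m), temporal {'accept' if tmp else 'deny'} "
              f"(<= {reach:.0f} m)")
    print(f"183 ns of clock error = {C * SYNC_ERR:.1f} m of slack")
```

The last line shows why the synchronization requirement is so tight: 183 ns of clock error already costs about 55 m of distance bound.
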
General Principles
Sign everything
Authenticate first
Use limited channels for initial authentication
Trust, but verify
  – sender confirms intent to disconnect
      – e.g. no more packets, associates to another AP
  – sender in range