
1 Insecure Connection Bootstrapping in Cellular Networks: The Root of All Evil
Syed Rafiul Hussain*, Mitziu Echeverria†, Ankush Singla*, Omar Chowdhury†, Elisa Bertino*
*Purdue University, †University of Iowa

2 Initial Connection Setup with a Base Station in 4G and 5G Networks
Time & Frame Synchronization; System Info. Block; Master Info. Block; Frame Synch.

3 Fake Base Station in 4G and 5G Networks
How can we prevent cellular devices from connecting to Fake Base Stations?
Messages shown: IMSI Request; IMSI Response; Authentication Reject; Registration Reject
IMSI: International Mobile Subscriber Identity

4 Potential Defense Techniques Against Fake Base Station
Attack-Specific Defense: Prevent Spoofing of Individual Messages
Generic Defense: Prevent Spoofing of Broadcast Messages
Messages shown: IMSI Request; Registration Reject; Authentication Reject

5 Preventing Broadcast Spoofing
Symmetric Key Based Broadcast Authentication; TESLA-based Broadcast Authentication
Messages shown: msg 2, MAC2, Key 1; Secure Channel; msg 3, MAC3, Key 2
Secure channel establishment; Delayed key disclosure

6 PKI-based Mechanism
Entities: UE; Base Station; MME; Core Network
Certificates: Self-signed; MME-signed; CN-signed
Broadcast messages: MIB, SIG_BS, cert_MME, cert_CN; SIB1, SIG_BS, cert_MME, cert_CN
1. Certificate chain length
2. Certificate Revocation
3. Signature Generation Overhead
4. MitM Relay

7 Optimized PKI Scheme (1/3)
A Lightweight Design of Certificate for Cellular Network
Propose a specialized certificate format: Base Station’s Public Key; Cell ID; location; expiration time; signature of MME

8 Protocol-Level Optimizations
Which messages require authentication? Which SIBs require authentication?
Messages shown: Frame Synch.; Master Info. Block; Sys. Info. Block Type 1; Sys. Info. Block Type 2; System Info. Block
Minimize certificate chain’s transmission: SIB1, SIGN_SIB1, CERT CHAIN; SIB2, SIGN_SIB2
Aggregating Authentication

9 Cryptographic Scheme-level Optimization
Reduce the size of the signatures.
Aggregate SIGN: SIB1, SIGN_BS, SIGN_MME, SIGN_CN
Compute the expensive crypto operations offline.

10 Countermeasure for Relay Attacks
Distance Bounding Protocol
Allow a bootstrapping message to be valid for a short time.
Message: SIB1, Aggregate SIGN, Timestamp, ∆t, location
Check: $t_{rcvd} - t_{gen} < \Delta t$
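
The freshness check on this slide, as an added example (not code from the presentation or its authors): a UE-side validator that verifies the signature and then enforces t_rcvd − t_gen < ∆t. The toy RSA key, the field and function names, millisecond units, synchronized UE and base-station clocks, and the choice to sign Timestamp, ∆t and location together with SIB1 are assumptions.

```python
import hashlib
from dataclasses import dataclass

# Constructed toy RSA key (textbook RSA, insecure) so the example runs with the
# standard library only; it stands in for the page's signature scheme.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)

def _digest(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def sign(data: bytes) -> int:
    return pow(_digest(data), D, N)

def verify(data: bytes, sig: int) -> bool:
    return pow(sig, E, N) == _digest(data)

@dataclass(frozen=True)
class SignedSIB1:
    sib1: bytes
    t_gen_ms: int      # Timestamp set by the base station
    delta_t_ms: int    # validity window (the slide's ∆t)
    location: tuple    # base-station location (constructed coordinates)
    sig: int

def signed_bytes(sib1, t_gen_ms, delta_t_ms, location) -> bytes:
    # Assumption: the signature covers Timestamp, ∆t and location as well as
    # SIB1, so a relay cannot refresh the timestamp without breaking it.
    return sib1 + b"|" + repr((t_gen_ms, delta_t_ms, location)).encode()

def make_broadcast(sib1, t_gen_ms, delta_t_ms, location) -> SignedSIB1:
    sig = sign(signed_bytes(sib1, t_gen_ms, delta_t_ms, location))
    return SignedSIB1(sib1, t_gen_ms, delta_t_ms, location, sig)

def accept(msg: SignedSIB1, t_rcvd_ms: int) -> str:
    body = signed_bytes(msg.sib1, msg.t_gen_ms, msg.delta_t_ms, msg.location)
    if not verify(body, msg.sig):
        return "reject: bad signature"
    age = t_rcvd_ms - msg.t_gen_ms
    if age < 0:
        return "reject: timestamp in the future"
    if not age < msg.delta_t_ms:   # slide 10: t_rcvd - t_gen < ∆t
        return "reject: stale"
    return "accept"
```

A message that arrives after the window is rejected even though its signature is valid, and rewriting the timestamp to make it look fresh fails signature verification.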

11 Evaluation Results
End-to-end delay induced by different digital signature schemes against baseline

12 Conclusion
Prevents devices from connecting to malicious base stations.
Moderate Overhead (Max: 220 bytes, 28 ms).
Backward compatibility.

13 Thank You

14 Insecure Connection Bootstrapping in Cellular Networks: The Root of All Evil
Syed Rafiul Hussain, Purdue University, hussain1@purdue.edu

