4 Wireless Security Technologies - NICT · level authentication and, then, discusses the vertical...

51MIYAMOTO Goh and KURODA Masahiro

1 Introduction

The ubiquitous environment is expected tobe always connected to network. The nextgeneration wireless network, called theBeyond 3 G, that integrates various radio sys-tems, such as 3 G, WLAN and wirelessMANs, is a candidate for the environment. Itprovides an all IP wireless solution to IP ser-vices, taking advantage of each radio system.

There are activities to integrate wirelessnetworks into all IP network using IP tech-nologies［1］-［3］. The main idea is to localizeradio dependent functions as much as possibleand to have a common IP layer to supportmobility, authentication and signaling control.The IP network infrastructure is prevailing asmetropolitan network in conjunction with theIEEE802 wireless technologies and expectedto accommodate the 3 G system.

The IP network based on 3 G is graduallyextending as wireless networks, whereas thenetwork works on IEEE802.11 is dramaticallyexpanding its deployment because of the costefficiency. In the 3rd Generation PartnershipProject (3 GPP), there are discussions toenhance the mobility and handover manage-ment in the radio access network (RAN)between radio systems under the IP layer forthe Beyond 3 G［4］. The IEEE802 LMSC［5］isalso working on the integration of radio sys-tems. The IEEE802.16［6］Working Group isdeveloping a specification for Fixed Broad-band Wireless Access Systems for combinedfixed and mobile operation in wireless MANenvironment and the IEEE802.21［7］WorkingGroup is defining a seamless handover inter-face among wireless technologies, such asIEEE802.11, 802.16 and 3 G. The IEEE802LMSC based wireless systems are becoming

4 Wireless Security Technologies

4-1 Mobile Ethernet and its Security Toward Ubiquitous Network

MIYAMOTO Goh and KURODA Masahiro

The ubiquitous environment is a seamless integration of radio systems, such as the 3 G,WLAN and wireless MANs, and is expected popular in near future combined with small RFdevices. The Mobile Ethernet is an architecture to integrate different types of radio systems andprovide transparent network access anytime anywhere. We explain the Mobile Ethernet archi-tecture for future ubiquitous environment from the viewpoint of 3 GPP and IEEE802 LMSC. We,then, talk the Mobile Ethernet Security which is the security framework to accommodate bothapplication and network authentications. We, then, discuss wireless security issues. One is tohave a common mechanism to keep confidentiality among radio systems. The other is to pro-vide functions to maintain availability. The wireless security discussion is still on the way and weneed to investigate privacy issues for security of future ubiquitous network.

KeywordsSecurity, Mobility, DoS attack, Ubiquitous wireless network, Wireless security

52 Journal of the National Institute of Information and Communications Technology Vol.53 No.4 2006

key components of the ubiquitous environ-ment and are expected to converge to a com-mon IEEE802 MAC layer in conjunction withsoftware radio technologies［8］with MIMOsystems. The common IEEE802 MAC conver-gence does not expect complex IP packet for-warding and inefficient reauthentication inplace.

There are two types of mobility manage-ment. One is macro mobility which requireslossless but not real-time feature. The other ismicro mobility to keep response time for real-time applications, such as VoIP and Videoconference over IP. The macro mobility ismanaged by Mobile IP［9］in integrated wire-less systems. In the Mobile IP enhancements,efficient route optimization, fast handover［10］and control packet reduction using hierarchi-cal network management［11］are raised. Theseenhancements need capsulations and manymessage exchanges, such as Binding Update,at terminal movements between access routersand Return Routability to check the validationof the binding update information. The capsu-lation increases process load and these mes-sages exchanges increase signaling load forfrequent handovers in metropolitan areas. Thisapproach is suitable for the macro handoverbetween two different service networks. Themicro mobility, on the other hand, requiresseamless wireless integration for real-timeapplications. A packet loss in voice communi-cation causes noise and some disconnection.The Ubiquitous environment expects bothmacro and micro mobility following standardsfor public use.

The security management for ubiquitousenvironment has different aspects. There arenetwork access authentications, wirelessaccess security, and wireless privacy. In theintegrated wireless network, when a mobiledevice handovers from one radio system to theother, the network verifies the wireless accesswhether it is allowed by inquiring an authenti-cation server in the network. A network accessauthentication which is independent of radiosystems is expected. The network also needsto have safe wireless access not to be attacked.

Once the wireless system is attacked byDenial of Services (DoS) by utilizing contextinformation which is in air, the network willnot function properly. Untraceability usingcontext information are required to escapefrom DoS attacks besides wireless jamming,wireless session hijacking, and wireless asso-ciation flooding.

In this paper, we introduce the Mobile Eth-ernet and its security targeted for ubiquitousnetwork. The section 2 explains the MobileEthernet architecture, a Beyond 3 G, and itsmicro mobility solution. The section 3 intro-duces a framework of the network accessauthentication which is consistently used withapplication level authentication and discussesthe handover authentication. The section 4discusses wireless security. It introduces asecurity key management utilizing locationinformation of a mobile device that is inde-pendent of radio systems. We discuss func-tions to protect the wireless interface of theMobile Ethernet from Denial of Server (DoS)attacks. We, then, conclude with future worksin the section 5.

2 Ubiquitous network: Mobile Ethernet

The ubiquitous network expects seamlessintegration of networks and radio systems.The Mobile Ethernet with Mobile IP solutionsprovides both macro and micro mobility. Inthis section we explain the current MobileEthernet and its future network.

2.1 Mobile Ethernet in 3 GPP evolutionThere are discussions of the 3 G direction.

Figure 1 presents the 3 G evolution discussedin the 3 GPP.

The 1st phase shows the current 3 G cellu-lar network service in Japan. The 2nd phase isan attempt to enhance the mobility manage-ment by introducing IETF Mobile IP into corenetwork, but it is not proved as future 3 G.The architecture combines GSM with MobileIP mobility handling［12］. The 3rd phase aimsat the enhancement of mobility management


in the core network as an advanced router net-work［13］. The UTRAN evolution is also dis-cussed to optimize dynamic resource alloca-tion and scheduling. There are talks for traf-fic/mobility control and MAC interfaceenhancement to allow efficient handoverbetween various types of radio systems［14］.The Mobile Ethernet is a candidate RAN tech-nology for the UTRAN evolution.

2.2 Mobile Ethernet architectureThe Mobile Ethernet is a metropolitan area

Layer 2 based network that accommodatesdifferent types of radio systems satisfying acommon interface for both data and signaling.The Mobile Ethernet can extend a support areausing other technologies, such as ProviderBridge［15］and also connect to the Internet viaa router as shown in Fig. 2.

In the Mobile Ethernet, every message isvirtually broadcasted on the core networkshared with proper MAC addresses and allowsto plug-in various radio systems, such as 3 G,

WLAN, wireless MANs, and 4 G, following acommon MAC interface. To achieve scalabili-ty, Layer 2 switches with path-learning cachesare deployed in the network. A path to a desti-nation MAC address is learned at all switcheson the path and unnecessary broadcast is sup-pressed, once the path is learned［16］［17］.

The Mobile Ethernet provides a real-timehandover mechanism based on Layer 2 switcharchitecture and a prediction mechanism ofseamless handover for real-time applications.It also provides a signaling mechanism toupdate path-learning caches on the switchesdynamically, and needs suppressing broadcastsignaling traffic.

The Mobile Ethernet consists of Layer 2switches, the Common Signaling Server(CSS) and Buffering Server. There are threetypes of Layer 2 switches called the GatewaySwitch (GSW), the Branch Switch (BSW),and the Edge Switch (ESW). The GSW hasthe basic mobility functions, such as MACaddress learning with exchanging Layer 2

Fig.1 3 GPP Evolution


mobility management frames and IPv6 multi-cast traffic control without flooding, and inter-faces for MAC address replacement and MACaddress table setup to the Common SignalingServer. A BSW is the intermediate switchbetween a GSW and an ESW and has thebasic mobility functions in it. An ESW man-ages MAC frame transfers, such as relayingcommon radio signaling messages between amobile device and the CSS besides the basicfunctions.

The CSS manages messages to controlmobile devices and radio systems. The serverinforms to a mobile device adjacent APs listfor the network access point detection andmobility management instruction such as ahandover request［18］. The mobile device, onthe other hand, informs various common radiosignaling messages, such as the Location AreaUpdate message for mobility management indormant mode［19］and measured received-sig-nal strength information used for triggering innetwork initiated handover［20］. The BufferingServer keeps user data frames for pagingmobile devices. The components and inter-faces are shown in Fig. 3.

2.3 Future Mobile EthernetThe Mobile Ethernet architecture

described in the previous section defines all

the components and specifications. Our exper-imental Mobile Ethernet system［21］consistingof different types radio systems, W-CDMA(3 G) and IEEE802.11b, verifies thecommon MAC interface and components forlossless and real-time handover.

The future Mobile Ethernet expects aMobile Ethernet switch which is used as aGSW, a BSW, or an ESW and a CSS/Buffer-ing server integrated somewhere in the net-work, once the specification and interface ofeach component is verified and standardized.The network also expects any access points atany location and provides wireless access tousers anytime. The future Mobile Ethernet isexpected to provide a ubiquitous wireless net-work independent of radio systems showed inFig. 4.

In near future, a mobile device can config-ure its radio adjusting to available radio sys-tems and services at a user location. Themobile device changes its radio from one tothe other seamlessly and expects a uniqueaddress, such as IP address for efficient ser-vice continuity. The Mobile Ethernet has thefeature not to change an IP address to accessany radio systems.

Fig.2 Mobile Ethernet


3 Mobile Ethernet security

The Mobile Ethernet allows a user toseamlessly handover from one radio system tothe other along with the user movement. Theuser expects service continuation with nointerruption, even in the case of real-timeapplications. Following section describes aframework for network access authenticationwhich is consistently used with applicationlevel authentication and, then, discusses thevertical handover authentication.

3.1 Framework for network access authentication

We proposed the security framework forthe Mobile Ethernet consisting of applicationlevel authentication, network access authenti-cation, and the security link between the twoauthentications［22］. The framework expectsthat a user device is divided into two compo-nents, a personal identity card (PIC) securelystoring any kind of certificates, such as wire-less access/ISP certificates, and a mobiledevice holding the delegated certificates usedfor network access/application level authenti-cations. It defines mutual authentication

Fig.3 Components and Interfaces

Fig.4 Future Mobile Ethernet


between the PIC and the mobile device withcertificate activation in the PIC using biomet-rics or another method.

The application level authentication ismutual authentication between a mobiledevice having the delegated certificate andservice providers, such as ISP. The networkaccess authentication is also mutual authenti-cation between the mobile device and wirelessnetworks. The device authenticates a wirelessnetwork when it connects to it. The networkalso checks whether the device has the right to

access it.Figure 5 shows the framework to accom-

modate both application level and networkaccess authentications.

3.2 Handover authentication and AAAWhen a mobile device moves to a different

radio system in the same segment (intra-seg-ment handover), the device sends an UpdateEntry Request (UER) to the AP and goes upthe hierarchy until the UER reaches the AAAserver shown in Fig. 6. The network access

Fig.6 Proactive Network Access Authentication

Fig.5 Application and Network Authentication Framework

authentication is done by a twoway handshakebetween the device and the AAA server.When the mobile device moves to a radio sys-tem in another segment, it goes up to the AAAserver in the hierarchy.

In the case of handover, a real-time appli-cation expects authentication on the fly. TheMobile Ethernet expects proactive authentica-tion taking advantage of the network initiatedhandover. The network knows which radiosystem is to be used when a mobile devicemoves out of current communication area. Thenetwork transfers the security context from theESW where the mobile device in located tothe new ESW and authenticate beforehandwithout sending a request in the future.

The authentication framework assumesmany service providers, such as applicationand wireless access, and many users. In suchsystem, if users authenticate by sharing asecret every time they moves, it requiresheavy computation for users to do beforehand.It is preferable to employ a ticketgranting ser-vice and register each provider with eachAAA server in a segment. The ticket-grantingauthentication is applied to ubiquitous envi-ronment assuming a PIC for each user for anyservices.

4 Wireless security toward ubiquitous network

There are two discussions in wirelesssecurity. One is to have a common mechanismto keep confidentiality among radio systems.The other is to provide functions to maintainavailability.

The Mobile Ethernet expects to integratevarious radio systems. Each radio system hasits own authentication mechanism on it andsome mechanisms are not consistent with oth-ers. We introduce a security key managementutilizing location information of a mobiledevice［23］that is independent of radio sys-tems. We, then, discuss functions to protectthe wireless interface of the Mobile Ethernetfrom Denial of Server (DoS) attacks.

4.1 Radio independent authenticationIn this section we describe a radio inde-

pendent wireless security using locationinformation that provides a lightweightauthentication between a mobile device andthe network［24］.(1) Location information as key material

In the mobile environment, location infor-mation is a candidate for authentication. Theauthentication uses the list of location of amobile device as a shared context between amobile device and the AP. The location of amobile device changes in accordance with theuser movement. The location is sharedbetween the device and the AP when the userstarts communication［25］-［27］. The list oflocation information, which is a kind of trailof the mobile device, is considered as a sharedcontext between the two entities.

An AP of the network, whereas, computethe location of a mobile device by the signalstrength［28］from the device. These locationsare shared by transmitting between the deviceand the AP. Although it is coarser than that ofthe Global Positioning System (GPS), aunique ID of an AP at which the device isconnecting is also seemed to be location of themobile device. The location informationshared between a mobile device and a networkis utilized as a seed to generate a symmetrickey between the mobile device and the APthat performs mutual authentication.(2) Track: Shared location information

A track is a list of location information ofa mobile device. The location information, forinstance, is the ID of a radio system. Once atrack is created, the list is updated separatelyon the mobile device and network, and keptconsistent. The latest location, then, is insertedat the top of the list and the oldest one at thebottom is removed to keep the length required.

The track is used as a shared context formutual authentication between a mobiledevice and the AP to solve the followingissues: a) Eavesdropping and Prediction, b)Compromise and c) Confliction.a) Eavesdropping and prediction

If there is an eavesdropper who sniffs any



traffic of a mobile device at any place, anattacker can have the location information ofthe device. The attacker, however, hardly pre-dict the entire track of the device from thelocation information which the eavesdropperhas. If the strong enough key variation is2128, the estimated minimum length of thetrack is greater than 40 and looks practicalcomputation when implementing on a mobiledevice.b) Compromise

The compromise of the track caused by itslong-term use never happens because it is fre-quently changed along with the move of amobile device. It is assumed that the mobiledevice is so robust that the track will not bedisclosed by any physical attacks.c) Confliction

There is a confliction in tracks such that atrack of a mobile device is equivalent to thatof the other devices The network avoids bydetecting the likelihood of the confliction. Itenables that, for instance, a user carries twomobile devices whose tracks don’t conflict.

4.2 UntraceabilityWireless security is treated as the exten-

sion to the wired network security and focuseson access control and confidentiality, but thecore feature of wireless network is availability.We expect security threats in its wireless partof the Mobile Ethernet that come from theopenness of Ethernet frames in air. Contents inair are protected by the established cryptogra-phy, but contexts including headers are openin air. A malicious person can trace the MACaddress of a mobile device and attack it.Untraceability of a mobile device becomes animportant requirement for Denial of Serviceattacks, besides wireless jamming, wireless

session hijacking, and wireless associationflooding.

We have proposed the Transient MACAddress (TMAC) scheme which allows amobile device to dynamically change its MACaddresses to escape from the tracing［29］［30］.Only a mobile device and the AP to which thedevice is connecting can remember the transi-tion of the MAC address, as the TMAC isupdated by means of a one-way keyed hashfunction. An attacker, who does not acquirethe TMAC key, cannot predict the nextTMAC from the current TMAC.

5 Conclusion and future work

We explained the Mobile Ethernet archi-tecture and its future direction from the view-point of 3 GPP and IEEE802 LMSC. We, also,described the Mobile Ethernet Security. Weexplained the security framework to accom-modate both application and network authenti-cations. We, then, talked about wireless secu-rity considerations. One is to have a commonmechanism to keep confidentiality amongradio systems. The other is to provide func-tions to maintain availability.

The wireless security discussion is still onthe way and we need to study privacy issuesfor future ubiquitous wireless network.

Acknowledgements

We present special thanks to people ofMitsubishi Electric Corporation who support-ed the Mobile Ethernet development and toProf. Wade Trappe who discussed the wirelessDoS attack targeted for next generation wire-less network.

References01 H. Lach, C. Janneteau, and A. Petrescu, “Network Mobility in Beyond-3 G Systems”, IEEE Communica-

tion Magazine, pp.52-57, Jul. 2003.

02 H. Yumiba, K. Imai, and M. Yabusaki, “IP-Based IMT Network Platform”, IEEE Personal Communication

Magazine, Vol.8, No.5, pp.18-23, Oct. 2001.


03 T. Otsu, I. Okajima, N. Umeda, and Y. Yamao, “Network Architecture for Mobile Communication Sys-

tems Beyond IMT-2000”, IEEE Personal Communication Magazine, Vol.8, No.5, pp.31-37, Oct. 2001.

04 http://www.3gpp.org/specs/specs.htm

05 http://www.ieee802.org/

06 http://www.ieee802.org/16/

07 http://www.ieee802.org/21/

08 H. Harada and R. Prasad, “Simulation and Software Radio for Mobile Communications”, Artech House,

2002.

09 D. Johnson, C. Perkins, and J. Arkko, “Mobility Support in IPv6”, Internet-Draft, draft-ietf-mobileip-ipv6-

24.txt, Jun. 2003.

10 R. Koodli, “Fast Handovers for Mobile IPv6”,

http://www.ietf.org/internet-drafts/draft-ietf-mobileip-fastmipv6-06.txt, Internet-Draft, Mar. 2003.

11 Hesham Soliman, Claude Castelluccia, Karim El-Malki, and Ludovic Bellier, “Hierarchical Mobile IPv6

mobility management (HMIPv6)”, Internet-Draft, draft-ietf-mipshophmipv6-00.txt, Jun. 2003.

12 “Combined GSM and Mobile IP Mobility Handling in UMTS IP CN”, 3 GPP TR23.923 V3.0.0

13 “All-IP Network (AIPN) feasibility study”, 3 GPP TR22.978 V7.0.0

14 Compendium of Abstract, 3 GPP TSG RAN Future Evolution Work Shop, 2-3 Nov. 2004, Toronto, Cana-

da.

15 “Virtual Bridge Local Area Networks – Amendment 4: Provider Bridge”, IEEE P802.1ad/D2.0 Dec. 2003.

16 M. Kuroda, M. Inoue, A. Okubo, T. Sakakura, K. Shimizu, and F. Adachi, “Scalable Mobile Ethernet and

Fast Vertical Handover”, IEEE Wireless Communications and Networking Conference (WCNC) 2004,

Mar. 2004.

17 A. Okubo, M. Tsuzuki, Y. Hirano, K. Shimizu, and M. Kuroda, “Evaluation of Mobile Ethernet Switch on

Network Processor”, Workshop on High Performance Switching and Routing (HPSR) 2004, Mar. 2004.

18 M. Kuroda, K. Ishizu, Y. Saito, and G. Miyamoto, “Empirical Evaluation of Real-Time Vertical Handover

for Beyond 3 G Wireless Network”, WPMC’05, Sep. 2005.

19 Z. Lan and M. Kuroda, “A Load Balancing Proposal for Beyond 3 G Wireless Network”, WPMC’05, Sep.

2005.

20 Y. Saito, K. Ishizu, M. Kuroda, and T. Mizuno, “A Study of Media Independent Paging Mechanism for

Beyond 3 G Wireless Network”, WPMC’05, Sep. 2005.

21 K. Ishizu, Y. Saito, and M. Kuroda, “Design of Media Independent Handover Interface for Beyond3 G

Terminal”, WPMC’05, Sep. 2005.

22 M. Kuroda, M. Yoshida, and R. Ono, “Double Stuff Security for the Beyond 3 G Wireless Network”,

WPMC’03, Oct. 2003.

23 R. Nomura, M. Kuroda, and D. Inoue, “Location-based Key Management for Ubiquitous Wireless Net-

work”, WPMC’05, Sep. 2005.

24 M. Kuroda and R. Nomura, “Radio-independent Mobile Authentication Protocol for Ubiquitous Network”,

WPMC’05, Sep. 2005.

25 I. F. Akyildiz, J. S.M. Ho, and Y. Lin, “Movement-Based Location Update and Selective Paging for PCS

networks”, IEEE Personal Communication Magazine, Vol.8, No.5, pp.18-23, 2001.

26 J. Li, Y. Pan, and X. Jia, “Analysis of Dynamic Location Management for PCS Networks”, IEEE Trans. on

Vehicular Technology, Vol.51, No.5, pp.1109-1119, 2002.

27 Y. Lin, “Reducing Location Update Cost in a PCS Network”, IEEE/ACM Trans. on Networking, 1997.


28 T. Aono, S. Tawara, T. Ohira, B. Komiyama, A. Kitaura, H. Mori, and H. Sasaoka., “Secret Common Key

Generation Method Exploiting the Fluctuation of Communication Channels Using an Espar Antenna”,

Proc. of the 2004 IEICE General Conference, 2004.

29 D. Inoue, R. Nomura, and M. Kuroda, “Transient MAC Address Scheme for Untraceability and DoS

Attack Resiliency on Wireless Network”, WTS2004, Apr. 2004.

30 D. Inoue, M. Kuroda, and K. Ishizu, “FAST Transient MAC Address Scheme Based on Prearranged

Update”, WPMC’05, Sep. 2005.

KURODA Masahiro, Ph.D.

Senior Researcher, Ubiquitous MobileCommunication Group, New Genera-tion Wireless Communications ResearchCenter

Ubiquitous Mobile Network and itsWireless Security

MIYAMOTO Goh

Researcher, Ubiquitous Mobile Com-munication Group, New GenerationWireless Communications ResearchCenter

Wireless Communication

4 Wireless Security Technologies - NICT · level authentication and, then, discusses the vertical...

Documents

Transcript of 4 Wireless Security Technologies - NICT · level authentication and, then, discusses the vertical...