Wireless Sec Pres
Transcript of Wireless Sec Pres
-
8/9/2019 Wireless Sec Pres
1/121
Security Issues, Concepts and Strategies in Wireless and Mobile Systems
By: Imad Jawhar

Outline
Introduction
The wireless environment and systems
Concepts and terminologies used in wireless security
Some commonly used wireless and mobile systems and protocols
Wireless Application Protocol (WAP)
Wireless Transaction Protocol (WTP)
Wireless Transport Layer Security (WTLS) protocol
Some additional issues concerning WAP security
Some research and future directions in wireless system security
Conclusions

The Wireless Environment
Communication in the wireless environment has its own issues and challenges.
Generally, it has the following characteristics:
- Relatively low bandwidth and data rate.
- Relatively high error rates.
- Need for low power consumption to preserve the battery life of mobile systems.
- Mobility of the nodes adds more complexity because of topology changes.
- Signal fading.
- Handoff issues.
- And other challenges.
- All of these issues affect design, and design for security.

There exist many forms of wireless communications and networking, and the number of these forms is dynamically increasing.
The following is a list of some very popular forms of wireless communications.

Satellite Communications:
- Uses microwave links and provides global connection of many network infrastructures.
- Three types of satellites:
  GEO: Geostationary Earth Orbit Satellites.
  MEO: Medium Earth Orbit Satellites.
  LEO: Low Earth Orbit Satellites.

Cellular Networks:
- Widely used recently. Quickly increasing in popularity all over the world.
- The geographic area is divided into cells.
- Each cell is serviced by a base station (BS).
- Several stations are served by a Mobile Telecommunications Switching Office (MTSO), or a similar structure.
- The base station connects mobile users to the MTSO.
- The MTSO connects base stations (BSs) to the telephone switching office.
- The first generation of systems was AMPS (Advanced Mobile Phone Service), which used analog communications.
The second generation uses digital traffic channels, encryption, error detection and correction, and allows channel access to be dynamically shared by all users.
Third generation systems will have:
- Voice quality that is comparable to public switched telephone networks.
- Higher data rates.
- Symmetrical and asymmetrical data transmission rates.
- Support for both packet and circuit switched data services.
- Adaptive interface to the Internet to reflect the common asymmetry between inbound and outbound traffic.
- More efficient use of available spectrum.
- Support for a wide variety of mobile equipment.
- More flexibility to accept new services and techniques.

Cordless Systems:
- Used inside homes and buildings.
- Allow wireless communications between cordless devices, such as a telephone, and a single base station or multiple base stations using TDMA (Time Division Multiple Access) and TDD (Time Division Duplex) communications.

Wireless Local Loop (WLL):
- An increasingly popular way to provide wireless last-mile connections between the end user and the local switching telephone center.
- Allows a reduction in installation cost and time.
- Selective installation is possible (only install when the customer desires service, not in anticipation of the customer desiring service).

Mobile IP:
- Allows nomadic access to the Internet from different access points.
- A user is able to maintain connectivity to the Internet while moving from one access point to another.
- It uses the processes of registration, agent solicitation, move detection, and tunneling to achieve this objective.

Wireless Local Area Networks (WLANs):
- Rapidly becoming very popular.
- This is due to many characteristics such as:
  Need for mobility.
  Cost effectiveness.
  Convenience.
  Rapid deployment ability.
  Decrease in size of electronic and digital equipment.
  Speed of mobile computing devices.

There are four types of wireless LANs.
LAN Extension:
- Provides wireless connections of mobile computing units to a wired network.
- Used in manufacturing, stock exchanges, and warehouses.

Cross-building Interconnect:
- Used to provide wireless connections between buildings.
- Uses microwave communications with dish-shaped antennas.
- More of a link than a LAN.

Nomadic Access:
- Used to provide connectivity from mobile units such as a laptop, PDA or other computing devices to a fixed campus network, for example.

Ad Hoc Networking:
- Also called rapidly deployable networks.
- An increasingly popular form of establishing networks between mobile computing devices, such as laptops or computers inside moving vehicles.
- The temporary wireless network is established dynamically, on the fly.
- Very dynamic in nature, because the topology changes while nodes move from one location to another, and nodes dynamically move in and out of each other's range and are added to and deleted from the network altogether.
- Requires robust communications algorithms and protocols, which have the following characteristics:
  Can quickly adapt to the changing network topology.
  Maintain efficient connectivity and routing between the various nodes while wireless links are lost and established dynamically as nodes move in and out of each other's range.
- There are numerous applications for Ad Hoc Networks, such as:
  Tactical military operations.
  Conferences.
  Campus and classroom environments.
  Disaster recovery.
  Search and rescue operations.
  And so on.

Bluetooth:
- A wireless communications protocol.
- Originally started by Ericsson.
- Quickly became adopted by a consortium of companies in the computer industry.
- Grew from a few companies to thousands, including all of the major companies in the industry.
- Designed to establish and maintain connections between various computing devices and electronic equipment such as computers, cellular phones, PDAs, and so on.
- This is done wirelessly, avoiding the need for wires to establish the connections.
- Intended to work in close proximity environments such as homes, offices, classrooms, hospitals, airports, etc.
- Connections are established by designating master and slave nodes.
- It uses profiles for different devices, which characterize the applications.
- There are two types of communication links, which are multiplexed over the same radio frequency:
  Synchronous Connection-oriented (SCO) links for voice.
  Asynchronous Connectionless (ACL) links for data.
- Uses frequency-hopping spread spectrum with a high hop rate to reduce interference, and to provide low power and low cost radio communications.
- Operates in the ISM band at 2.4 GHz with a transmission power of 1 to 100 mW, a range of 10 to 100 meters, a maximum bit rate of 1 Mbps, and an effective data transfer rate of 721 kbps.

802.11 wireless standard
This is a wireless LAN standard which is increasingly being adopted by many wireless devices to establish communications at the physical and data link layers of the OSI model.
In 2000 vendors sold around a million 802.11 network interface cards, and sales are expected to go up to 3.5 million in 2004.

Security Issues
Importance of wireless systems.
In every aspect of our lives.
Sensitivity of information shared on wireless systems (increasingly important): financial, personal, social, confidential, etc.
Example: wireless cameras (watching the nanny and baby in the house? The whole block may be watching.)

Security services needed (especially in e-commerce transactions)
User authentication: The process of proving to the system that the user is who he/she says he/she is.
Data authentication: It is further subdivided into two sub-services.
The first is data integrity, which is the process of guaranteeing to the receiver that the data was not changed during the transmission process.
The second is data origin authentication, which is the process of proving to the receiver that the data was actually sent by the stated sender.
Data confidentiality: It ensures that unintended parties are not able to read the data while in transit. Encryption is used to achieve this objective.
Authorization: It is the process of ensuring that only authorized users are allowed to access the data/resources. In a "closed system" a user is not allowed access without explicit authorization. Typically, this is the desired model for secure systems. On the other hand, in an "open system" a user is allowed access (implicit authorization) unless specifically deauthorized by the system. The latter model is undesirable for the design of secure systems, unless absolutely necessary because of the nature of the application (a public library, etc.).
Audit: An audit trail is used to keep track of who, when, what, and how transactions took place in a system. This audit trail can be an essential tool for after-the-fact analysis in cases of intentional or unintentional security attacks. It can also be used by intrusion detection algorithms to detect and prevent current and future attacks.
Non-repudiation: This is an important service that is essential for the proper operation of certain e-commerce transactions. It is the process of guaranteeing that a certain user actually did issue a certain order or request a certain transaction. Non-repudiation is usually implemented using digital signatures, which are unique to users and provide proof that a particular user initiated a particular transaction.

Some Commonly Used Wireless and Mobile Systems and Protocols:
802.11
Bluetooth
Mobile IP

IEEE 802.11
This is a wireless LAN standard which is increasingly being adopted by many wireless devices to establish communications at the physical and data link layers of the OSI model.
In 2000 vendors sold around a million 802.11 network interface cards, and sales are expected to go up to 3.5 million in 2004.
The 802.11 architecture uses the Wired Equivalent Privacy protocol (WEP).
Data is encrypted with WEP to protect the wireless link between clients and access points.
Network administrators distribute a WEP-algorithm-based key to authorized users, which prevents access by unauthorized users.
The protocol has authentication, deauthentication (this service is invoked whenever an existing authentication is to be terminated), and privacy provisions [1] [3].
Authentication (and deauthentication) services are used for establishing the identity of a station.
The standard does not specify any particular authentication scheme.
$ri"acy ser"ices are used to pre"ent the
content o' messages 'rom being read by
other than intended recipients EK)
-
8/9/2019 Wireless Sec Pres
42/121
Bluetooth
This is a wireless communications protocol, which was originally started by Ericsson. It quickly became adopted by a consortium of companies in the computer industry.
The consortium grew from a few companies to thousands, including all of the major companies in the industry.
It is designed to establish and maintain connections between computing devices and electronic equipment, such as computers, PDAs, cell phones, and so on, wirelessly, avoiding the need for wires.
It is intended to work in a close proximity environment, such as homes, offices, classrooms, hospitals, airports, etc.
Connections are established using designated master and slave nodes.
It uses profiles for different devices, which characterize the applications, synchronous connection-oriented (SCO) links for voice, and asynchronous connectionless (ACL) links for data, which are multiplexed on the same link.
Frequency-hopping spread spectrum with a high hop rate is used to reduce interference, and to provide low power, low cost radio communications.
It operates in the ISM band at 2.4 GHz with a transmission power of 1 to 100 mW, a range of 10 to 100 meters, a maximum bit rate of 1 Mbps, and an effective data transfer rate of 721 kbps.
Up to 8 devices can communicate in a Piconet, with one device acting as the master and the other devices as slaves. Several Piconets in one area can form a "Scatternet", in which all nodes use the same frequency range, with each Piconet using a different hop sequence.
The Bluetooth baseband specification defines a facility for link security between any two Bluetooth devices, consisting of the following elements [3]:
- Authentication
- Encryption (privacy)
- Key management and usage
The security algorithms use four parameters:
- Unit address: The 48-bit device address, which is publicly known.
- Secret authentication key: A secret 128-bit key.
- Secret privacy key: A secret key of length from 4 to 128 bits.
- Random number: A 128-bit random number derived from a pseudorandom generation algorithm executed in the Bluetooth unit.
The two secret keys are generated and configured with the unit and are not disclosed.
The authentication process is used to provide verification of the claimed identity of one of the two Bluetooth devices involved in an exchange.
Authentication is done by verifying that the two devices share the same preconfigured authentication key.
Encryption of the packet payload can be used to protect user information. The access code and the packet header are never encrypted. The encryption is done using an encryption algorithm known as E0 [3]. For each packet transmission, a new encryption key is generated.
The algorithm generates a one-time payload key by combining, in a complex fashion, a random number (which is sent to the slave), the master's address, the current clock value, and a shared secret key. Because the clock value changes for each encryption, a different encryption key is used each time, enhancing security.

Mobile IP
It is used to enable computers to maintain Internet connectivity while moving from one Internet attachment point to another.
It uses the concept of home and foreign networks, and home and foreign agents.
Messages intended for a certain node, which are sent to its home network, are forwarded to a care-of address of the mobile node at the foreign network, where it was registered previously when the move was detected.
The forwarding process uses datagram tunneling and encapsulation options, which include IP-within-IP, minimal encapsulation, or Generic Routing Encapsulation (GRE) [3].
Mobile IP has security features, which are essential to its operation. This is because a wide variety of attacks could be used by an unauthorized user to access the information of another user.
It uses message authentication: registration requests and replies contain authentication extensions with a security parameter index (SPI) and an authenticator.
Authentication procedures are carried out to secure mobile-home (mobile node/home agent communication), mobile-foreign (mobile node/foreign agent communication), and foreign-home (foreign agent/home agent communication).

Wireless A""lication Protocol
#WAP%
!his is an open standard, which pro"ides mobile
users o' wireless terminals such as wireless
phones, pagers, and $6A3s access to telephony
and in'ormation ser"ices EK) It is designed to wor0 with all wireless networ0
technologies such as *SM, C6MA, and !6MA)
It is based on e.isting Internet standards such as
I$, M&, /!M&, and /!!$ EK ;=K FK ;?K)
-
8/9/2019 Wireless Sec Pres
57/121
!he WA$ 'orum is an industry association o' o"er
== members Hthat has de"eloped the de9'acto
world standard 'or wireless in'ormation and
telephony ser"ices on digital mobile phones and
other wireless terminals ;
-
8/9/2019 Wireless Sec Pres
58/121
Users are able to access e-commerce sites from new wireless devices such as PDAs and mobile phones.

The WAP Specification:
WAP defines an open, standard architecture and a set of protocols for the implementation of wireless access to the Internet.
The WAP specifications include [14] [3]:
An XML-type markup language, the Wireless Markup Language (WML): It has text and image support with formatting, layout, and commands.
Deck/card organizational metaphor (documents are subdivided into cards, which specify one or more units of interaction), and support for navigation among cards and decks.
As a sample of WML code, consider the following simple deck with one card [20]. The XML declaration and the WML 1.1 DOCTYPE are included so that the deck is well-formed and valid as a microbrowser expects it.

    <?xml version="1.0"?>
    <!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN"
      "http://www.wapforum.org/DTD/wml_1.1.xml">
    <wml>
      <!-- a deck holds one or more cards; this deck has a single card -->
      <card id="card1">
        <p>
          Hello WAP World.
        </p>
      </card>
    </wml>

The tags <wml>, <card>, and <p> enclose the deck, card, and paragraph, respectively. When a wireless device receives this code, it will display the message "Hello WAP World" on the terminal's screen.
The book in [3] has a table with all of the WML tags, which are divided into eight functional groups: Deck Structure, Content, Formatting, User Input, Variables, Tasks, and Task/Event Bindings. Refer to [3] [12] for more information on the WML language.
63/121
A /microbroser s"eci+ication: It de'ines
how WM& and WM&Scripts are determined in
the wireless de"ice) A li'!tei'!t "rotocol stac(: Wireless Session
$rotocol is e5ui"alent to /!!$ in a compressed
'ormat) 6esigned to minimi8e bandwidth use
allowing di''erent wireless networ0s, with"arying bandwidth capacities, to run WA$
applications)
-
8/9/2019 Wireless Sec Pres
64/121
rameor( +or Wireless *ele"!ony
A""lications #W*A%: It pro"ides access to
traditional telephony ser"ices #such as Callorwarding% through WM&Scripts)
Pro$isionin':It allows Ser"ice $ro"iders to
recon'igure mobile de"ices remotely usingShort Messaging System #SMS%, which is a
*SM standard ;K)
-
8/9/2019 Wireless Sec Pres
65/121
Com"onents o+ t!e WAP
Arc!itectre !he WA$ model consists o' three elements:
the client, gateway, and original ser"er) !his
is shown in 'igure ;) !he gateway ser"es as a pro.y, which
connects the wireless de"ice>s to the original
ser"er) /!!$ is used to communicate between the
gateway and the original ser"er)
-
8/9/2019 Wireless Sec Pres
66/121
!he WA$ gateway per'orms 'unctions, which are spared
'rom the relati"ely less capable processor in the wireless
de"ices)
It pro"ides 6-S ser"ice, con"erts between the WA$
protocol stac0 #protocols that ha"e been optimi8ed 'or
low bandwidth, low power consumption, limited screen
si8ed, and limited storage% and the traditional WWWstac0 which includes /!!$ and !C$>I$)
encodes>decodes in'ormation 'rom the wired web to
more compact 'orm)
-
8/9/2019 Wireless Sec Pres
67/121
which is more easily digested and displayed
by the more limited wireless de"ice)
!his reduces the amount o' datacommunicated wirelessly)
!he gateway also reduces communication
o"erhead and latency by caching recentlyre5uested web pages and in'ormation)
-
8/9/2019 Wireless Sec Pres
68/121
:igure ; + !he WA$ $rogramming Model)
Client Original Ser"er
WA( user agent
*ateway
(ncoders and
6ecoders
Content
C*IScripts, etc)
esponse #content%(ncoded response
e5uests(ncoded re5uests
-
8/9/2019 Wireless Sec Pres
69/121
WA$ speci'ications ha"e se"eral
components to pro"ide secure
communications) !hese components include the W!&S
protocol, WA$ identity module #WIM%
smart cards 'or storing user certi'icates, and'unctions such as Crypto)sign!e.t#%, which
is used 'or signing o' WA$ transactions)
-
8/9/2019 Wireless Sec Pres
70/121
As shown in 'igure ?, the WA$ $rotocolStac0 is a layered architecture whichconsists o' se"eral protocol layers)
We will brie'ly describe each o' the layersand 'ocus on the the W!$ and W!&S layersin this paper)
On top is the Wireless Mar0up &anguage#WM&% #described later%, and WM&Scriptlayer, which is a scripting language withsimilarities to Ja"aScript)
-
8/9/2019 Wireless Sec Pres
71/121
Below WM& and WM&Script is the
Wireless Application (n"ironment #WA(%
layer, which speci'ies an application'ramewor0 'or wireless de"ices such as
mobile phone, pagers, and $6As)
WA( consists o' tools and 'ormats that aredesigned to ease the tas0 o' de"eloping
applications and de"ices supported by WA$)
Wireless Mar0up &anguage #WM&% WM&Script
-
8/9/2019 Wireless Sec Pres
72/121
Wireless Application (n"ironment #WA(%
Wireless !ransaction $rotocol #W!$%
Wireless Session $rotocol #WS$%
Wireless !ransport &ayer Security #W!&S%
p g g # % p
Wireless 6atagram $rotocol #W6$%
16$
*SM
I$
69AM$S IS9F E* Bluetooth
igure ? + WA$ $rotocol Stac0)
-
8/9/2019 Wireless Sec Pres
73/121
!he WA( layer is 'ollowed by the Wireless Session$rotocol #WS$%)
WS$ pro"ides applications with an inter'ace 'or two
session ser"ices connection9oriented operating o"er
the Wireless !ransport $rotocol #W!$% #comparableto !C$ on the in wired networ0s% and connectionless
operating o"er the unreliable transport protocol called
Wireless 6atagram $rotocol #W6$% #comparable to
16$ in wired networ0s%)
-
8/9/2019 Wireless Sec Pres
74/121
Basically, WS$ is based on /!!$ with some
modi'ications and additions to optimi8e its use
o"er wireless lin0s)
Below the WS$ layer, resides the Wireless
!ransaction $rotocol #W!$%, which will be
described later)
!hen below W!$, resides the Wireless !ransport&ayer Security #W!&S%, which will also be
discussed later)
-
8/9/2019 Wireless Sec Pres
75/121
Below the W!&S layer, 'ollows theWireless 6atagram $rotocol #W6$%, which
in turn operates on top o' the a number o'
bearer ser"ice pro"iders such as *SM, 69AM$S, IS9F, E*, Bluetooth, etc)
We will only concentrate on the W!$ and
W!&S layers in this presentation)
-
8/9/2019 Wireless Sec Pres
76/121
Wireless *ransaction Protocol
#W*P% W!$ manages transactions by con"eying
re5uests and responses between a user agent
#such as a WA$ browser% and an application
ser"er 'or such acti"ities as browsing and e9
commerce transactions EK)
It pro"ides reliable transport ser"ices without the
undesirable o"erhead o' !C$, which is thetransport layer protocol, used in wired networ0s)
-
8/9/2019 Wireless Sec Pres
77/121
!his results in a lightweight protocol more
suitable 'or implementation in Hthin clients
#such as wireless>mobile de"ices% and o"erlow9bandwidth wireless lin0s)
It includes the 'ollowing 'eatures:
+Optional user9to9user reliability: W!$ user triggers
the con'irmation o' each recei"ed message)
+Optional out9o'9band data on ac0nowledgments)
-
8/9/2019 Wireless Sec Pres
78/121
- PDU concatenation and delayed acknowledgment to reduce the number of messages sent.
- Asynchronous transactions.
- Three classes of transaction service: unreliable datagram service, reliable datagram service, and request/response transaction service, with support for the execution of multiple transactions during one WSP session.

The Wireless Transport Layer Security (WTLS) Protocol
The WAP protocol stack includes security features in its Wireless Transport Layer Security (WTLS) layer, which is directly below the Wireless Transaction Protocol (WTP).
Figure 3 - WTLS Protocol Stack
  WTLS Handshake Protocol | WTLS Alert Protocol | WTLS Change Cipher Spec Protocol | WTP
  WTLS Record Protocol
  WDP or UDP/IP

Security of WAP transactions is achieved using the WTLS protocol [18] [3].
The WTLS protocol provides entity authentication, data confidentiality, and data integrity.
It is based on the IETF SSL/TLS protocols [10] [15]. WTLS provides security for communications between the WAP wireless device and the WAP Gateway.
As shown in Figure 3, the WTLS Protocol Stack includes the WTLS Handshake Protocol, the WTLS Change Cipher Spec Protocol, the WTLS Alert Protocol, and WTP at the top. Below resides the WTLS Record Protocol, which in turn lies on top of the WDP or UDP/IP layer.
The function of the WTLS Record Protocol is to take the user data from the next higher layer (WTP, WTLS Handshake Protocol, WTLS Alert Protocol, WTLS Change Cipher Spec Protocol) and encapsulate the data in a PDU (Protocol Data Unit) [3].
The PDU contains the data in a compressed and encrypted form with a WTLS record header appended to it. Encryption is done using a symmetric encryption algorithm. The allowable encryption algorithms are DES, triple DES, RC5 and IDEA [13].
The WTLS protocol has three different classes of service [10]:
- Class 1: This class implements unauthenticated Diffie-Hellman key exchange to establish the session key. Early WAP devices only implement this level, which is insufficient and should not be used for e-commerce transactions [21].
- Class 2: This class enforces server-side authentication using public key certificates, similar to the SSL/TLS protocol. The WAP Gateway uses a WTLS certificate, which is a particular form of X.509 certificate compressed to save bandwidth. This level is used in currently available devices, which are being used in several read-only access and in-economy banking applications in Europe and the UK [22].
- Class 3: Using this class, clients are able to authenticate using client-side certificates, which are in the regular X.509 format. These certificates can be stored either on the client or on a publicly accessible server, with a pointer to the certificate stored in the wireless device. This class is beginning to be used in wireless phones [23].
Nokia, KPN Mobile, and Interpay Nederland have successfully tested financial transactions on a mobile network [23], based on WIM technology, which is a part of the WAP 1.2 (Wireless Application Protocol) specification.
With this real-time payment solution, a mobile telecommunications network operator, a mobile phone and infrastructure manufacturer, and a payment processor have made improvements in security for mobile commerce transactions.
The solution is based on the WIM (Wireless Identity Module), which is a mobile Internet technology enabling more secure transactions.
Non-repudiation of transactions is ensured by a digital signature. In practice, this means users can perform transactions safely using a single PIN code.
In addition, built-in security elements in the terminal and network ensure more secure and reliable transactions.
Class 3 security services, which are in the process of being offered by different wireless device manufacturers such as Nokia and Motorola, are expected to allow banking institutions to enhance their current wireless e-commerce services to allow "out-of-economy" transactions.

As shown in 'igure E, the W!&S protocol stac0 alsocontains the 'ollowing protocols:
*!e C!an'e Ci"!er S"ec Protocol:
+!he cipher spec is associated with the current transaction)
+It speci'ies the encryption algorithm, the hash algorithm
used as part o' /MAC, and cryptographic attributes, such
as MAC code si8e) !his protocol is used in the process
o' establishing the cipher suite used 'or subse5uentcommunications during a session)
-
8/9/2019 Wireless Sec Pres
91/121
The Alert Protocol:
- Used to convey WTLS-related alerts to the peer entity. Alert messages are compressed and encrypted as well.
The Handshake Protocol in the WTLS:
- It allows the server and client to authenticate each other and to negotiate an encryption and MAC algorithm and the cryptographic keys to be used to protect the data sent in the WTLS record. The Handshake Protocol is used to establish the security provisions before any application data is exchanged [3].

Some Additional Issues Concerning WAP Security:
Research has identified some additional issues regarding the security of WAP based systems. The following are some of these issues.

8/9/2019 Wireless Sec Pres
93/121
Abot Maintenance o+ t!e WAP 4ateay:
+!he WA$ *ateway can be maintained by the
Wireless Ser"ice $ro"ider #WS$% or by the(nterprise #on the ser"er side%)
+I' the WS$ maintains the WA$ gateway howe"er,
some literature ;=K re'ers to the presence o' a
security Hgap caused by the ending o' theWireless !ransport &ayer Security #W!&S%
session at the *ateway)
-
8/9/2019 Wireless Sec Pres
94/121
+!he data is temporarily in clear te.t on the
*ateway until it is re9encrypted under the SS&
session established with the (nterprise3s web
ser"er)
+In such cases, the WA$ *ateway should be
maintained at the (nterprise) A more detailed
discussion o' this issue is presented in ;=K)
-
8/9/2019 Wireless Sec Pres
95/121
*!e WAP Identity Modle #WIM%:+-ew generation o' WA$ phones will pro"ide
WIM to 'acilitate client side authentication?@K) WIM is used to implement W!&S
protocol Class E 'unctionality)
+It has embedded support 'or public 0ey
cryptography) With the WIM implementation,SA ?;K is mandatory and (lliptic Cur"eCryptography ?;K is optional)
-
8/9/2019 Wireless Sec Pres
96/121
+Smart card is one possible implementation o' WIM)
It could be a part o' the SIM #subscriber identity
module% card in a cellular phone #in *SM ;K% or
an separate smart card #WIM card%)+A combination o' SIM9WIM card is typically called
a SWIM card) !he WIM card would be con'igured
by the manu'acturer with two sets o' pri"ate9public
0ey pairs #one 'or signing and one 'orauthentication%, and two manu'acturer3s certi'icates)
-
8/9/2019 Wireless Sec Pres
97/121
+All W!&S sessions established through a WIM
and a WA$ *ateway will use the same public0eys 'or initial session negotiations)
+A WIM is able to store a number o' certi'icatesor user certi'icate re'erences, such as a 1&9
based re'erence)
+A user will be re5uired to register a certi'icateat each (nterprise #such as a Ban0, etc)%)
+!he WIM must be tamper resistant to ma0e itnot 'easible to e.tract or change in'ormation inthe module, because it contains user pri"ate0eys, which ne"er lea"e the WIM)
User Identi+ication and
-
8/9/2019 Wireless Sec Pres
98/121
User Identification and Authentication in WAP
The type of user identification and authentication possible in WAP differs with the WTLS class of service used.
Username/password identification and authentication can be used with WML forms exchanged between the server and the wireless device.
It is also possible to have client-side identification and authentication based on the public/private key pair that is hardcoded on the WIM card and bound to the user's name in their certificate.
99/121
Non-repudiation in WAP:
+ It requires client side certificates that bind the user's signing key with their name.
+ The WAP browser, on the WAP device, provides WMLScript function, Crypto.signText() [2], which achieves this purpose using different scenarios depending on the implementation.

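The WIM design described above (two key pairs, private keys that never leave the module, a certificate registered with each enterprise) and the Crypto.signText() non-repudiation flow, as an added Go simulation written for this page; it is not WAP Forum code or the author's code, and the WIM type, its methods, the ECDSA P-256 choice and the sample order text are assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// WIM models the tamper-resistant module the slides describe: it holds two
// private keys (signing and authentication) that never leave the struct.
type WIM struct {
	signKey *ecdsa.PrivateKey // used only for non-repudiation signatures
	authKey *ecdsa.PrivateKey // used only for WTLS client authentication
}

func NewWIM() (*WIM, error) {
	s, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	a, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	return &WIM{signKey: s, authKey: a}, err
}

// SigningPublicKey is the key a user registers with each enterprise.
func (w *WIM) SigningPublicKey() *ecdsa.PublicKey { return &w.signKey.PublicKey }

// SignText plays the role of WMLScript Crypto.signText(): the text is hashed
// and signed inside the module, and only the signature leaves it.
func (w *WIM) SignText(text string) ([]byte, error) {
	h := sha256.Sum256([]byte(text))
	return ecdsa.SignASN1(rand.Reader, w.signKey, h[:])
}

// VerifySignedText is the enterprise-side check: the signature must verify
// under the public key bound to the user's name in the registered certificate.
func VerifySignedText(pub *ecdsa.PublicKey, text string, sig []byte) bool {
	h := sha256.Sum256([]byte(text))
	return ecdsa.VerifyASN1(pub, h[:], sig)
}

func main() {
	w, _ := NewWIM()
	order := "Transfer 100 EUR to account 12345" // constructed sample text
	sig, _ := w.SignText(order)
	fmt.Println("genuine:", VerifySignedText(w.SigningPublicKey(), order, sig))
	fmt.Println("altered:", VerifySignedText(w.SigningPublicKey(), order+"0", sig))
}
```

Because the authentication key is a separate pair, a signature produced by the signing key does not verify under it, which is what keeps the non-repudiation evidence distinct from session authentication.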
Some Research and Future Directions in Wireless Systems Security
What is Secure Sockets Layer (SSL)?
+ SSL is the most widely deployed and used security protocol in the world.
+ Essentially every commercial Web browser and server supports secure Web transactions using SSL.
+ You are almost certainly using SSL every time you buy online using "secure Web pages" [13]. Currently, tens of billions of dollars worth of SSL transactions occur per year.

+ SSL is mostly used for securing Web traffic transactions; however, it is a general protocol suitable for securing many other types of traffic.
+ In addition to the World Wide Web, SSL and its successor, Transport Layer Security (TLS), are used in other popular applications such as File Transfer Protocol (FTP), remote object access (RMI, CORBA, IIOP), e-mail transmission (SMTP), remote terminal service (Telnet) and directory access (LDAP) to secure their transactions.

+ As will be shown later in this paper, SSL is currently being used in different stages of the transaction communications between wireless devices and the wired infrastructure.

On Using SSL in Wireless Communications
Due to the perceived relative decrease in capabilities of wireless device CPUs and lower bandwidth capabilities of wireless channels, there is a drive away from SSL and toward security architectures designed for wireless transactions that lack end-to-end security.
However, some literature

The Development of Lightweight Security Mechanisms for Wireless Multimedia Traffic Transmission
In addition to the above protocols and architectures, research is being done in order to design "lightweight" encryption algorithms for MPEG video transmission.
In [ ], researchers propose to provide encryption of video data while increasing the decodability of the video stream in the presence of errors.

These algorithms explore the predictable relationship between the I, P, and B-frames of compressed video, and decrease the expected number of bit errors left in the data after encoding.
For more information on these techniques the reader is referred to [ ].

On Security of Mobile Phone Communications
Furthermore, some research is being done on the security management planning for telecommunication systems, with focus on intrusion detection and cloning mobile phone problems.
In [8], researchers discuss mobile phone network security management planning with its various aspects such as access control, confidentiality, authentication, non-repudiation, and integrity of data communications.

The research also addresses intrusion detection systems design for mobile phone communications.
Intrusion can be classified as: (i) misuse intrusion, i.e., well defined attacks against known system vulnerabilities; and (ii) anomaly intrusion, i.e., activities based on deviation from normal system usage patterns.

Intrusion detection systems are considered effective security tools to defend against such attacks [8].
Research shows that current software in mobile phone systems
+ (i) does not have an efficient scheme to verify if a call is outside the client's patterns of communication (in most of these systems human staff are used to identify cloned phones and warn their clients in such situations);

+ (ii) has no efficient ways to control and identify the impostor; and
+ (iii) uses an "experimental satisfaction" to prove the correctness of its security mechanisms.
Better and more automated techniques for security management and identification of frauds and impostors using cloned mobile phones are needed.

+ Some research uses neural network techniques to classify phone users into groups according to their past/current profiles. It is then relatively easy to determine whether a call was made by the actual subscriber or an impostor/intruder [8]. Such technology can be very effective in battling and preventing cloning of mobile devices and consequently result in substantial savings and more security and privacy for wireless service providers and their customers.

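The anomaly-intrusion and cloning-detection ideas discussed above, as an added Go example that is not part of the presentation: a profile of each subscriber's usual cells is learned from constructed call records, and new calls are flagged when they deviate from that profile or imply impossible travel between consecutive calls. The Call type, the flat-grid cell coordinates and the 300 km/h threshold are assumptions, and the simple set-based profile stands in for the neural-network classifier the research uses.

```go
package main

import (
	"fmt"
	"math"
)

// Call is a constructed call record: subscriber, start minute of the day, cell position in km.
type Call struct {
	Sub    string
	Minute int
	X, Y   float64
}

// BuildProfiles learns the set of cells each subscriber normally calls from.
func BuildProfiles(history []Call) map[string]map[[2]float64]bool {
	out := map[string]map[[2]float64]bool{}
	for _, c := range history {
		if out[c.Sub] == nil {
			out[c.Sub] = map[[2]float64]bool{}
		}
		out[c.Sub][[2]float64{c.X, c.Y}] = true
	}
	return out
}

// DetectAnomalies takes calls in time order and flags a call from a cell the
// subscriber never used, and consecutive calls needing travel above maxKmh.
func DetectAnomalies(profiles map[string]map[[2]float64]bool, calls []Call, maxKmh float64) []string {
	alerts, last := []string{}, map[string]Call{}
	for _, c := range calls {
		if p := profiles[c.Sub]; p != nil && !p[[2]float64{c.X, c.Y}] {
			alerts = append(alerts, fmt.Sprintf("%s: call from unseen cell at minute %d", c.Sub, c.Minute))
		}
		if prev, ok := last[c.Sub]; ok {
			km := math.Hypot(c.X-prev.X, c.Y-prev.Y)
			h := math.Max(float64(c.Minute-prev.Minute), 1) / 60 // hours, at least one minute
			if km/h > maxKmh {
				alerts = append(alerts, fmt.Sprintf("%s: %.0f km in %.1f h exceeds %.0f km/h", c.Sub, km, h, maxKmh))
			}
		}
		last[c.Sub] = c
	}
	return alerts
}

func main() {
	history := []Call{{"alice", 540, 0, 0}, {"alice", 600, 1, 1}} // constructed sample records
	today := []Call{{"alice", 600, 0, 0}, {"alice", 620, 400, 0}}  // 400 km away 20 minutes later
	fmt.Println(DetectAnomalies(BuildProfiles(history), today, 300))
}
```

The impossible-travel rule needs no training data at all, which is why it is the usual first line of defence against a cloned identity; the profile rule covers the slower-moving case where the clone stays in one place.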
Concluding Remarks
Wireless systems are quickly becoming an important and increasingly essential part of our every day activities.
They provide unlimited potential for convenience, more independence, portability, availability, instantaneous, and ubiquitous connectivity wherever we go.

They promise great financial gains to the companies that invest in the development, marketing, sales, leasing, maintenance and use of these quickly evolving and increasingly smaller, easily portable, and progressively more intelligent products.
Wireless devices are expected to hold and communicate a large amount of data and information about every aspect of our lives.

They are also expected to carry out numerous, important, and sensitive financial transactions, which can only be done in a relatively secure and well-protected environment.
This protection and security is required to varying degrees depending on the application involved.

The authors in

Some experiments show that SSL, which is a well-tested and evaluated technology, is able to be practically and efficiently used in current and future wireless and portable devices.
This is particularly the case considering that the capabilities of the CPUs, memory, and bandwidth of these devices are significantly improving every day.

This efficiency is achieved by carefully selecting and implementing a subset of the protocol's many features (full versus abbreviated SSL handshake, for example, etc.) to ensure acceptable performance and compatibility with a large installed base of secure web servers.
All this can be done while maintaining a small memory footprint. This is in concert with the concept stated by the Ice Hockey Legend, Wayne Gretzky, who said: "Don't skate to the puck; skate to where it's going."

Wireless systems' full potential and promise can only be realized if the security aspects of these systems are well considered.
Proper design and implementation must be done according to sound security principles, which must be employed throughout the analysis, design, implementation, testing, and maintenance phases of these products and systems.

During their initial inception and the first years of their introduction to the market, security was not a major concern or design objective. However, this is quickly changing to take a proper high priority in the design and implementation of wireless systems.
A considerable amount of research has been and is being done to provide for more secure wireless systems at every level of their architecture.
This research is needed to provide security mechanisms at the level of the portable device as well as the supporting wired and wireless system infrastructures.

References
1. Sandra Kay Miller, "Facing the Challenge of Wireless Security", IEEE Computer, July 2001. Pages: 1
9. D. Van Thanh, "Security issues in mobile ecommerce", Database and Expert Systems Applications, 2000. Proceedings. 11th International Workshop on, 2000. Page(s): 412-42
10. P. Ashley, H. Hinton, M. Vandenwauver, "Wired versus Wireless Security: The Internet, WAP and imode for E-commerce", Computer Security Applications Conference, 2001. ACSAC 2001. Proceedings 17th Annual, 2001. Page(s): 29
www.gsmworld.com
18. Wireless Application Protocol Wireless Transport Layer Security Specification (WTLS), http://www.wapforum.org/tech/documents/WAP-199-WTLS-20000218-a.pdf
19. T. Dierks, C. Allen, The TLS Protocol - Version 1.0, RFC 2246