Network Security - PowerPoint PPT Presentation

About This Presentation
Title:

Network Security

Description:

Use SIMs? Patchwork 'VPN' of security gateways. Alternate paths in the Internet ... 2. Receive packet and check that the key is still secret at t' ... – PowerPoint PPT presentation

Slides: 34
Provided by: pieter3
Tags: network | security


Transcript and Presenter's Notes

Title: Network Security


1
Network Security
  • Pieter.Hartel_at_utwente.nl

2
Overview
  • The Internet is broken
  • Wireless Sensor Networks are even harder to secure

3
The Internet is broken
[Tal05] D. Talbot. The Internet is broken. MIT Technology Review, Dec 2005.
http://www.technologyreview.com/InfoTech-Networks/wtr_16051,258,p1.html

4
Tussle in Cyberspace
  • Once upon a time, there was a happy family
    dedicated to universal packet carriage, but it was
    not a mirror of society with:
  • Users
  • Commercials ISPs network providers
  • Governments
  • IPR holders
  • Content and service providers

[Cla02a] D. D. Clark, J. Wroclawski, K. R.
Sollins, and R. Braden. Tussle in cyberspace:
defining tomorrow's internet. In Conf. on
Applications, technologies, architectures, and
protocols for computer communications (SIGCOMM),
pages 347-356, Pittsburgh, Pennsylvania, USA, Aug
2002. ACM. http://doi.acm.org/10.1145/633025.633059
5
Design principles
  • Modularize along tussle boundaries
  • E.g. Separate machine name and trademark
  • Efficiency is not everything
  • Design for choice
  • Designers cannot know what users want
  • Design open protocols and interfaces
  • Compensation must flow, like data
  • In the end if everything goes wrong...

6
We need the law
  • The first step in knowing
  • who we are is knowing
  • when we are and
  • where we are!
  • John Cleese as
  • Mr Stimpson, 1986

7
Who we are
  • Internet: (timed) flat fee
  • Two-factor authentication (more...)
  • Username/password
  • MAC and IP address
  • Badly broken
  • Phone: rating and billing
  • Caller ID (more...)
  • Better...

On the Internet, nobody knows you're a dog
[Blu01] M. S. Blumenthal and D. D. Clark.
Rethinking the design of the Internet: the
end-to-end arguments vs. the brave new world. ACM
Trans. Inter. Tech., 1(1):70-109, 2001.
http://doi.acm.org/10.1145/383034.383037
8
Two factor authentication
  • Internet
  • Apr 2005: Man-in-the-middle attack warning (Bruce
    Schneier)
  • Oct 2005: Federal Financial Institutions
    Examination Council recommends 2FA
  • Mar 2007: Dutch high street bank 2FA system hit by
    social engineering
  • CEO of the bank talks to the press

[Sch05a] B. Schneier. Two-factor authentication:
too little, too late. Commun. ACM, 48(4):136-136,
Apr 2005. http://doi.acm.org/10.1145/1053291.1053327
9
Caller ID (CNID)
  • Phone
  • Transmitted between 1st and 2nd ring
  • Caller dials *67 to set the privacy bit, which blocks
    display at the callee
  • Gives you the choice to avoid telemarketers ?
  • Easy to get around with VoIP
  • Not used for billing!

10
When we are
  • Internet
  • Network Time Protocol (RFC-1305, older protocols)
  • Phone
  • Rating and billing based on time of day, duration,
    data volume, origin, destination, premium...
  • You can select your long distance provider
  • Billing is an expensive process...

11
Where we are
  • Internet
  • Global address space
  • NAT
  • What is my ip address?
  • Phone
  • Country codes
  • Area codes

12
The end point
  • Internet golden rules
  • Check the padlock on your browser
  • Keep virus scanner and firewall up to date
  • Don't open suspect attachments
  • Don't install suspect software
  • Check your statements
  • MOT for PCs?
  • Phone
  • Check your statements

13
The real world
  • Out of band signalling helps
  • SS7 has replaced SS5 because of the blue boxes
  • Bank card and PIN sent separately
  • Credit card activation by phone
  • Credit card payment confirmation by SMS in Italy
  • Using your mobile in the office
  • Charging Internet Telephony
  • account confirmed using sms

14
The virtual world
  • Security gateways
  • Signs, verifies, en/decrypts for you
  • As simple as possible, Tamper resistant
  • Hardened OS, Open source
  • Can be trusted to do signalling
  • Use SIMs?
  • Patchwork VPN of security gateways
  • Alternate paths in the Internet
  • Alternate networks
  • Different light paths?

15
Conclusions
  • Internet security is an add-on
  • Universal packet carrier, versatile endpoints
  • Evolution using overlays and gateways
  • Identity, time, and location
  • Align future Internet with real world
  • Research out of band signalling
  • Challenge if the cost rises linearly, the
    benefits should rise exponentially

16
Wireless sensor networks
[Wal06] J. P. Walters, Z. Liang, W. Shi, and V.
Chaudhary. Wireless sensor network security: A
survey. In Y. Xiao, editor, Security in
Distributed, Grid, and Pervasive Computing, pages
367-410. Auerbach Publications, CRC Press, 2006.
http://jpnwalters.com/Documents/sensor_chapter.pdf
17
Typical applications
  • Environmental monitoring
  • Ocean water monitoring
  • Animal monitoring
  • Health care
  • Body area networks
  • Industrial safety
  • Smart buildings
  • Military
  • Transport and logistics

18
Batteries change everything
  • Who we are?
  • Battery powered devices must be selfish
  • When we are?
  • Clocks consume power
  • Clocks needed to plan sleep
  • Where we are?
  • WSNs use received signal strength, triangulation,
    acceleration etc. to determine location
  • Mobility support needs location for handover

19
Battery technology lags behind
  • Limited capacity
  • 8% yearly increase (Wh/cm^3)
  • doubles every 9 years, not every 18 months

Slide from andreas.savvides_at_yale.edu
20
Energy consumption (mW)
  • Full power 2 weeks
  • Comm. 1 bit 1000 instructions

Slide by lodewijk.vanhoesel_at_utwente.nl
21
WSN technical challenges
  • Obstacles
  • Limited resources power
  • Unreliable communication
  • Unattended operation, dynamic
  • System requirements
  • Self organisation
  • Time synchronization
  • Localization
  • Differences with the Internet
  • 1 to many instead of 1 to 1
  • In network processing essential
  • Scalability!

22
Threat model
  • The bad guys
  • We don't know who they are
  • Can collude
  • Can be a clone of a good guy
  • Can appear/disappear
  • Can be powerful (Jam!)
  • The good guys
  • Can try to work around the bad guys
  • Base assumed good

[Figure: network of Sensors 1-5, Aggregators 1-3 and the Base, labelled "redundancy"]
23
Ideas for defence
  • Encrypted and authenticated packets against DoS
  • Hash chains for key establishment
  • Homomorphic encryption for aggregation
  • Redundancy In network processing against DoS

[Ray08] D. R. Raymond and S. F. Midkiff.
Denial-of-Service in wireless sensor networks:
Attacks and defenses. IEEE Pervasive Computing,
7(1):74-81, Jan 2008. http://dx.doi.org/10.1109/MPRV.2008.6
24
Security in the MAC layer
  • MAC layer
  • Uncoordinated (e.g. CSMA as in Ethernet)
  • Coordinated (e.g. TDMA as in GSM)
  • Security goals
  • Access control and message integrity against packet
    injection
  • Confidentiality against eavesdropping
  • Cannot handle replay attacks

[Kar04] C. Karlof, N. Sastry, and D. Wagner.
TinySec: a link layer security architecture for
wireless sensor networks. In 2nd Int. Conf. on
Embedded networked sensor systems (SenSys), pages
162-175, Baltimore, MD, USA, Nov 2004. ACM, New
York. http://doi.acm.org/10.1145/1031495.1031515
25
Packet format
CBC-Encryption
CBC-MAC
  • Why do we need encryption and MAC?

26
CBC: Cipher Block Chaining
[Figure: CBC diagram with the IV, input blocks, chained encrypt steps and output blocks]
  • Same plaintext block maps to different ciphertext
    block
  • Protects against reordering and replacing
  • Limited error propagation
  • The larger the IV the better

27
How well does this work
  • Authentication forgery $2^{-8}$
  • MAC forgery $2^{-32}$
  • Minimum data size 8 bytes
  • Reuse of counter after $2^{16}$ messages

28
Key establishment
  • Key establishment methods include
  • Master key in all nodes ?
  • Random selection from set of keys (Birthday
    paradox)
  • TTP based on public key
  • Piggy back on the MAC protocol

29
μTESLA: Time released secrets
  • Symmetric crypto only
  • Requires loose time synchronisation
  • Number of authenticated senders is limited

[Per01] A. Perrig, R. Szewczyk, J. D. Tygar, V.
Wen, and D. E. Culler. SPINS: security protocols
for sensor networks. Wireless Networking,
8(5):521-534, 2002. http://dx.doi.org/10.1023/A:1016598314198
30
From Base to Node (Simplified)
[Figure: time axis t with a hash chain generated from a random value; labels "secret", "public", K2 and P3]
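The time-released key idea on the two slides above, as an added Python example that is not part of the original presentation: the base commits to a hash chain, MACs each packet with a key it has not yet disclosed, and the node accepts a packet only while that key must still be secret. SHA-256/HMAC, the `INTERVAL`, `DELAY` and `MAX_GAP` values and the `Node` class are assumptions made for illustration; using the chain key directly as the MAC key is a simplification.

```python
import hashlib, hmac, os

INTERVAL, DELAY = 10, 2   # assumed: 10 s per key interval, K_i disclosed 2 intervals later
MAX_GAP = 64              # assumed bound on chain steps, so a bogus index cannot burn CPU

def H(b):
    return hashlib.sha256(b).digest()

def mac(key, payload):
    return hmac.new(key, payload, hashlib.sha256).digest()

def make_chain(n, seed=None):
    """Base side: K_n is a random secret, K_{i-1} = H(K_i); K_0 is the public commitment."""
    chain = [seed or os.urandom(32)]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain[::-1]                      # chain[i] == K_i

class Node:
    def __init__(self, commitment, t0, max_skew):
        self.key, self.idx = commitment, 0  # newest authenticated key and its index
        self.t0, self.skew = t0, max_skew
        self.pending = []                   # packets waiting for their key

    def receive(self, i, payload, tag, now):
        # Security condition: even if the base's clock runs max_skew ahead of
        # ours, it must not have disclosed K_i yet. Otherwise anyone could
        # have computed the tag, so the packet is dropped.
        latest_base_interval = int((now + self.skew - self.t0) // INTERVAL)
        if latest_base_interval >= i + DELAY:
            return False
        self.pending.append((i, payload, tag))
        return True

    def disclose(self, i, key):
        # Authenticate the disclosed key by hashing it back to the last trusted key.
        if not 0 < i - self.idx <= MAX_GAP:
            return []
        k = key
        for _ in range(i - self.idx):
            k = H(k)
        if not hmac.compare_digest(k, self.key):
            return []
        self.key, self.idx = key, i
        good = [p for j, p, t in self.pending
                if j == i and hmac.compare_digest(t, mac(key, p))]
        self.pending = [e for e in self.pending if e[0] != i]
        return good                         # payloads now known to come from the base
```

The `max_skew` term is where the "loose time synchronisation" requirement enters: the larger the clock uncertainty, the earlier the node has to stop accepting packets for an interval.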
31
Homomorphic encryption
  • El Gamal reminder
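  • Multiplicative group $Z_n$, generator $g$
  • Private key $x \in Z_n$, and public key $g^x$
  • $Enc(m, g^x) = (c, k) = (m \cdot g^{xy}, g^y)$, where $y \in_R Z_n$
  • Multiplicative privacy homomorphism:
    $E(m) \otimes E(m') = E(m \cdot m')$ for suitable $\otimes$, $\cdot$
  • $Enc(m, g^x) \otimes Enc(m', g^x) = (c, k) \otimes (c', k')$
  • $= (m \cdot g^{xy}, g^y) \otimes (m' \cdot g^{xy'}, g^{y'}) = (m \cdot g^{xy} \cdot m' \cdot g^{xy'}, g^y \cdot g^{y'})$
  • $= (m \cdot m' \cdot g^{x(y+y')}, g^{y+y'}) = Enc(m \cdot m', g^x)$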

[Seb07] F. Sebé and J. Domingo-Ferrer.
Scalability and security in biased many-to-one
communication. Computer Networks, 51(1):1-13, Jan
2007. http://dx.doi.org/10.1016/j.comnet.2005.11.004
32
Data aggregation
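M7 = $E(3 \cdot 2) \otimes E(5 \cdot 2) = E(3 \cdot 2 \cdot 5 \cdot 2)$
M5 = $E(3) \otimes E(2) = E(3 \cdot 2)$
M6 = $E(5) \otimes E(2) = E(5 \cdot 2)$
M1 = $E(3)$
M4 = $E(5)$
M3 = $E(2)$
M2 = $E(2)$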
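The aggregation tree above carried through with El Gamal as defined on the previous slide, as an added Python example that is not part of the original presentation. The modulus `P` (the Mersenne prime 2^127 - 1), the base `G` and all function names are constructed for illustration and are not vetted parameters.

```python
import secrets

# Constructed toy parameters, for illustration only.
P = 2**127 - 1        # prime modulus
G = 3                 # fixed base g

def keygen():
    x = secrets.randbelow(P - 2) + 1              # private key x
    return x, pow(G, x, P)                        # public key g^x

def enc(m, gx):
    y = secrets.randbelow(P - 2) + 1              # fresh random y per ciphertext
    return (m * pow(gx, y, P)) % P, pow(G, y, P)  # (c, k) = (m*g^xy, g^y)

def combine(a, b):
    # The homomorphic operator: component-wise multiplication mod P.
    # An aggregator needs neither the private key nor the plaintexts.
    return (a[0] * b[0]) % P, (a[1] * b[1]) % P

def dec(ct, x):
    c, k = ct
    return (c * pow(k, P - 1 - x, P)) % P         # c / k^x, since k^(P-1) = 1 mod P

def aggregate_tree(readings, gx):
    # Sensors produce M1..M4; aggregators produce M5, M6 and M7.
    m1, m2, m3, m4 = (enc(r, gx) for r in readings)
    m5 = combine(m1, m2)                          # E(3) x E(2)
    m6 = combine(m4, m3)                          # E(5) x E(2)
    return combine(m5, m6)                        # M7

if __name__ == "__main__":
    x, gx = keygen()
    m7 = aggregate_tree([3, 2, 2, 5], gx)
    print(dec(m7, x))                             # the base recovers the product
```

The product of the readings has to stay below `P`, otherwise the base decrypts the value reduced mod `P`. The same multiplicative property makes ciphertexts malleable, so this gives confidentiality towards aggregators but no integrity on its own.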
33
Finally some problems
  • Privacy in Wireless networks
  • Implantable medical devices
  • From the Lab to the Jungle

34
Privacy is a problem
  • 50-80% of Wifi networks operate in clear
  • It's not only the data that wireless networks
    transport but also the increased ease with which
    you can get the data

[Iss05] B. Issac, S. M. Jacob, and L. A.
Mohammed. The art of war driving and security
threats - a malaysian case study. In 13th IEEE
Int. Conf. on Networks and 7th Malaysia Int.
Conf. on Communication, pages 124-129. IEEE
Computer Society, Nov 2005. http://dx.doi.org/10.1109/ICON.2005.1635452
35
Implantable Medical devices
  • US 25M total, 250K implanted yearly
  • Resources
  • 5-7 year battery lifetime,
  • Radio up to 250Kbps, up to a few meters
  • Purpose
  • Therapy, monitoring telemetry
  • Goals
  • Safety, Availability, Accuracy, Auditability,
    Device ID vs Privacy

[Hal08b] D. Halperin, T. S. Heydt-Benjamin, K.
Fu, T. Kohno, and W. H. Maisel. Security and
privacy for implantable medical devices. IEEE
Pervasive Computing, 7(1):30-39, 2008.
http://dx.doi.org/10.1109/MPRV.2008.16
36
From the Lab to the Jungle
  • 3100 km US-Mexican border
  • 10m sound / vibration sensor range
  • 7m radio range ground, 35m 1m stick
  • 440,000 sensors or 88,000
  • Battery life 6 months?
  • Issues
  • Person or animal?
  • Air drop or manual placement?
  • Whom to alert?
  • A fence might be cheaper

[Tan06] A. S. Tanenbaum, C. Gamage, and B.
Crispo. Taking sensor networks from the lab to
the jungle. IEEE Computer, 39(8):98-100, Aug
2006. http://doi.ieeecomputersociety.org/10.1109/MC.2006.280
37
Conclusions
  • Wireless ≠ Wired
  • Mains powered ≠ Battery powered
  • In network processing essential
  • Look at the application
