Title: New Challenges in Securing our Communication Infrastructure
1New Challenges in Securing our Communication
Infrastructure
2Agenda
- Wireless Overview
- State of the Wireless Union Where are we?
- Vision for 4G
- Security Challenges for Future Wireless Networks
- 3G Multicast Security
- Authentication in Broadcast Environments
- Security in Ad Hoc Networks
- Biologically-Inspired Self-Healing Frameworks
- Networks of Networks Security Issues
3State of the Wireless Union
- We are still waiting for third generation (3G)
wireless. - WLAN (Wi-Fi) technologies are rapidly growing
- Estimated 800 Million in US sales for 2004
- Prices for Wi-Fi equipment plummeting
- 100 access point, 70 WLAN card
- New, unregulated networks popping up everywhere
- Its not just Starbucks T-Mobile
- Open-access hotspots
- Warchalking is now a common hobby
Source Allied Business Intelligence
4Vision for the Fourth Generation
- Wireless devices will continue to drop in price
- Wireless sensors will be deployed everywhere
- Ability to monitor everything, from temperature
to traffic - Remote sensing and autonomic living applications
- Next generation wireless systems (4G) will seek
to facilitate mass market services with new
network architecture - Self-organizing, ad-hoc wireless access networks
Ad-hoc wireless network protocols which support
multihop and peer-to-peer service models,
particularly for low-tier uses (in-home, sensors,
etc.) - Networks of networks Future wireless networks
will support co-existence of multiple types of
networks - Security will be a critical issue
- Unregulated networks will provide an untraceable
platform to launch network attacks - Mobility and power-efficiency are still concerns
53G Multicast Security
- Keys must be shared by multicast group
participants - As users join and leave, keys must be changed
- 3GPP has proposed a new entity, the BMSC for
managing broadcast and multicast services - The BMSC can perform key management
63G Multicast Security
- 3GPP currently is investigating several multicast
frameworks - To optimize key management, one should match the
key tree to underlying multicast topology - 3GPP has not decided on a multicast topology
- We are examining the performance of multicast key
management at the BMSC for different 3G multicast
scenarios - Examine the issue of key management during
handoff between node-Bs and RNCs
- Prototype Secure Chat Application has been
developed - Server is implemented in J2SE
- Clients are implemented in J2ME
7Broadcast/Multicast Authentication
- Important challenge facing secure multicast
communication is data authentication - Ensures data is from trusted source
- Ensures data was not modified en route
- Unicast Data Authentication uses standard
cryptographic techniques - Digital Signatures (RSA, DSA)
- Drawbacks Inefficient due to
- Large per packet computation
- Large communication overhead
- Note Drawbacks are not critical in many
applications. - Message Authentication Codes (MAC) (HMAC-MD5)
- Class of symmetric keyed one-way hash function
- Advantages
- Computationally efficient
- Compressed code
- Computationally non-invertible
8Multicast Authentication
- Multicast source authentication is more complex
than unicast - Symmetric Key Cryptography cannot be used
- Key is known to all receivers
- Packets can be forged by any receivers
- Asymmetric key cryptography is required
- Lost packets are not retransmitted
- Digital signature schemes provide good
authentication - Each message is signed by appending digital
signature - Significant drawbacks for realtime, low-power
multicast applications - Time-to-sign and time-to-verify
- Bandwidth and overhead.
- We want a technique that will take advantage of
both - One approach Delayed key disclosure
9Multicast Authentication
- Delayed Key Disclosure (e.g. TESLA)
- Weakness
- Use of buffers allows for a simple denial of
service (DoS) attack - Since there is no way to check packets until key
is disclosed, buffer will overflow - How to protect against DoS attacks?
Keys
Time
K1
K2
K3
K4
K5
10DoS Resistant TESLA
- Idea Use multiple keys and stagger the delayed
key disclosure scheme.
Keys
Time
Ki
Ki2
Ki4
Ki1
Ki3
P1
P1
- End result
- Provides a filter to remove packets from buffer
before the maximum network delay is achieved
P1
11Ad-Hoc Network Security
- Ad-hoc networks introduce new security challenges
- Evolving authentication Nodes are moving, and
clusters are constantly being redefined. - Secure routing New types of attacks (e.g.
wormhole attacks) exist. - Service non-repudiation No proof that a service
(QoS) was provided. - WINLAB approach Develop a hierarchical,
self-organizing network - Can nodes develop an evolving trust model?
Elected nodes give trust certificates.
Internet
BTS
Access Point
AP
WLAN micro-cell
Forwarding node
FN
3G cell
personal-area pico-cell
low-tier (e.g. sensor) user nodes
12Authentication in Hierarchical Ad Hoc Sensor
Networks
- Public key certificates are not suitable for flat
ad hoc networks - To check certificate requires expensive public
key operations - Three tier architecture
- Varying levels of computational power within the
sensor network - Sensors do not communicate with each other
- Forwarding nodes are radio-relay
- TESLA Certificates
- Alternative to PK certificates
- Uses symmetric key cryptography
- Delayed key disclosure
- Authentication framework
- Access points provide filter to application
- TESLA certificates provide efficient sensor node
handoff - Weak and assured data authentication provided
13Self-Healing Wireless Networks
- Ad hoc networks are being deployed for a broad
variety of applications, and are a key platform
for - Remote sensing applications (Homeland Security)
- Military battlefield networks
- Mesh networks and ubiquitous content distribution
- Challenge These networks are not tolerant to
active or passive faults - Nodes are cheap and will often malfunction
- Nodes are in an open environment and vulnerable
to being captured by adversaries
Network Node
Corrupted Network Node
14Self-healing framework
- In nature, we have many cases where systems get
infected and must repair themselves - Ad hoc networks should emulate nature and heal
themselves! - Model Human immune system
- Leuocytes (white blood cells) There are two
types, those that develop in lymph nodes and
those that develop in bone marrow - Killer T-cells Destroy antigens either by
themselves, or by recruiting other white blood
cells - Lymphocytes Produce antibodies, that seek to
surround and cover an antigen, rendering it
harmless until a phage can arrive to destroy the
neutralized antigen - Chemotaxis Leuocytes find their way to an
antigen by following a chemical trail of bread
crumbs
15Mobile Agent Framework
- Biologically-inspired self-healing security
framework - Mobile Code will launch from network lymph nodes
to patrol network - Mobile Code will leave behind tags allowing for
the process of network chemotaxis - In response, Repair and Destroy Agents will be
launched to reboot, or shut down malfunctioning
nodes via secure OS environment
Network Node
Network Lymph Node
Corrupted Network Node
16Enabling Technologies
- Enabling Technologies to be Researched
- Smart Messages (SMs) Migratory execution units
that execute on ad hoc nodes, and will form the
different types of mobile agents involved in a
network immune system - Trajectory Routing Self-routing mechanisms for
mobile code capable of finding fast and efficient
route to faulty node - Anomaly Detection Statistical and policy-based
detection mechanisms for identifying faulty
network nodes - Flexible Security Policies Describe how the
network immune system responds to different types
of corruptions or threats - Authorization and Secure OS Each node must have
a secure environment from which mobile agents
perform their functions
17Network of Wireless Networks Security
- Security Needs
- Certification across networks
- Security must scale to multiple simultaneous
platforms!
Global Internet
Internet-like architecture that promotes organic
growth...
Mobility supporting Internet
wired links
Radio Access Network (cellular)
high-tier devices (mobile terminals)
radio link
microcell
med-tier devices (laptops, PDAs)
picocell
low-tier devices (home, sensors)