New Challenges in Securing our Communication Infrastructure

1
New Challenges in Securing our Communication
Infrastructure

• Wade Trappe

2
Agenda

• Wireless Overview
• State of the Wireless Union Where are we?
• Vision for 4G
• Security Challenges for Future Wireless Networks
• 3G Multicast Security
• Authentication in Broadcast Environments
• Security in Ad Hoc Networks
• Biologically-Inspired Self-Healing Frameworks
• Networks of Networks Security Issues

3
State of the Wireless Union

• We are still waiting for third generation (3G)
  wireless.
• WLAN (Wi-Fi) technologies are rapidly growing
• Estimated 800 Million in US sales for 2004
• Prices for Wi-Fi equipment plummeting
• 100 access point, 70 WLAN card
• New, unregulated networks popping up everywhere
• Its not just Starbucks T-Mobile
• Open-access hotspots
• Warchalking is now a common hobby

Source Allied Business Intelligence
4
Vision for the Fourth Generation

• Wireless devices will continue to drop in price
• Wireless sensors will be deployed everywhere
• Ability to monitor everything, from temperature
  to traffic
• Remote sensing and autonomic living applications
• Next generation wireless systems (4G) will seek
  to facilitate mass market services with new
  network architecture
• Self-organizing, ad-hoc wireless access networks
  Ad-hoc wireless network protocols which support
  multihop and peer-to-peer service models,
  particularly for low-tier uses (in-home, sensors,
  etc.)
• Networks of networks Future wireless networks
  will support co-existence of multiple types of
  networks
• Security will be a critical issue
• Unregulated networks will provide an untraceable
  platform to launch network attacks
• Mobility and power-efficiency are still concerns

5
3G Multicast Security

• Keys must be shared by multicast group
  participants
• As users join and leave, keys must be changed
• 3GPP has proposed a new entity, the BMSC for
  managing broadcast and multicast services
• The BMSC can perform key management

6
3G Multicast Security

• 3GPP currently is investigating several multicast
  frameworks
• To optimize key management, one should match the
  key tree to underlying multicast topology
• 3GPP has not decided on a multicast topology
• We are examining the performance of multicast key
  management at the BMSC for different 3G multicast
  scenarios
• Examine the issue of key management during
  handoff between node-Bs and RNCs

• Prototype Secure Chat Application has been
  developed
• Server is implemented in J2SE
• Clients are implemented in J2ME

7
Broadcast/Multicast Authentication

• Important challenge facing secure multicast
  communication is data authentication
• Ensures data is from trusted source
• Ensures data was not modified en route
• Unicast Data Authentication uses standard
  cryptographic techniques
• Digital Signatures (RSA, DSA)
• Drawbacks Inefficient due to
• Large per packet computation
• Large communication overhead
• Note Drawbacks are not critical in many
  applications.
• Message Authentication Codes (MAC) (HMAC-MD5)
• Class of symmetric keyed one-way hash function
• Advantages
• Computationally efficient
• Compressed code
• Computationally non-invertible

8
Multicast Authentication

• Multicast source authentication is more complex
  than unicast
• Symmetric Key Cryptography cannot be used
• Key is known to all receivers
• Packets can be forged by any receivers
• Asymmetric key cryptography is required
• Lost packets are not retransmitted
• Digital signature schemes provide good
  authentication
• Each message is signed by appending digital
  signature
• Significant drawbacks for realtime, low-power
  multicast applications
• Time-to-sign and time-to-verify
• Bandwidth and overhead.
• We want a technique that will take advantage of
  both
• One approach Delayed key disclosure

9
Multicast Authentication

• Delayed Key Disclosure (e.g. TESLA)
• Weakness
• Use of buffers allows for a simple denial of
  service (DoS) attack
• Since there is no way to check packets until key
  is disclosed, buffer will overflow
• How to protect against DoS attacks?

Keys
Time
K1
K2
K3
K4
K5
10
DoS Resistant TESLA

• Idea Use multiple keys and stagger the delayed
  key disclosure scheme.

Keys
Time
Ki
Ki2
Ki4
Ki1
Ki3
P1
P1

• End result
• Provides a filter to remove packets from buffer
  before the maximum network delay is achieved

P1
11
Ad-Hoc Network Security

• Ad-hoc networks introduce new security challenges
• Evolving authentication Nodes are moving, and
  clusters are constantly being redefined.
• Secure routing New types of attacks (e.g.
  wormhole attacks) exist.
• Service non-repudiation No proof that a service
  (QoS) was provided.
• WINLAB approach Develop a hierarchical,
  self-organizing network
• Can nodes develop an evolving trust model?
  Elected nodes give trust certificates.

Internet
BTS
Access Point
AP
WLAN micro-cell
Forwarding node
FN
3G cell
personal-area pico-cell
low-tier (e.g. sensor) user nodes
12
Authentication in Hierarchical Ad Hoc Sensor
Networks

• Public key certificates are not suitable for flat
  ad hoc networks
• To check certificate requires expensive public
  key operations
• Three tier architecture
• Varying levels of computational power within the
  sensor network
• Sensors do not communicate with each other
• Forwarding nodes are radio-relay
• TESLA Certificates
• Alternative to PK certificates
• Uses symmetric key cryptography
• Delayed key disclosure

• Authentication framework
• Access points provide filter to application
• TESLA certificates provide efficient sensor node
  handoff
• Weak and assured data authentication provided

13
Self-Healing Wireless Networks

• Ad hoc networks are being deployed for a broad
  variety of applications, and are a key platform
  for
• Remote sensing applications (Homeland Security)
• Military battlefield networks
• Mesh networks and ubiquitous content distribution
• Challenge These networks are not tolerant to
  active or passive faults
• Nodes are cheap and will often malfunction
• Nodes are in an open environment and vulnerable
  to being captured by adversaries

Network Node
Corrupted Network Node
14
Self-healing framework

• In nature, we have many cases where systems get
  infected and must repair themselves
• Ad hoc networks should emulate nature and heal
  themselves!
• Model Human immune system
• Leuocytes (white blood cells) There are two
  types, those that develop in lymph nodes and
  those that develop in bone marrow
• Killer T-cells Destroy antigens either by
  themselves, or by recruiting other white blood
  cells
• Lymphocytes Produce antibodies, that seek to
  surround and cover an antigen, rendering it
  harmless until a phage can arrive to destroy the
  neutralized antigen
• Chemotaxis Leuocytes find their way to an
  antigen by following a chemical trail of bread
  crumbs

15
Mobile Agent Framework

• Biologically-inspired self-healing security
  framework
• Mobile Code will launch from network lymph nodes
  to patrol network
• Mobile Code will leave behind tags allowing for
  the process of network chemotaxis
• In response, Repair and Destroy Agents will be
  launched to reboot, or shut down malfunctioning
  nodes via secure OS environment

Network Node
Network Lymph Node
Corrupted Network Node
16
Enabling Technologies

• Enabling Technologies to be Researched
• Smart Messages (SMs) Migratory execution units
  that execute on ad hoc nodes, and will form the
  different types of mobile agents involved in a
  network immune system
• Trajectory Routing Self-routing mechanisms for
  mobile code capable of finding fast and efficient
  route to faulty node
• Anomaly Detection Statistical and policy-based
  detection mechanisms for identifying faulty
  network nodes
• Flexible Security Policies Describe how the
  network immune system responds to different types
  of corruptions or threats
• Authorization and Secure OS Each node must have
  a secure environment from which mobile agents
  perform their functions

17
Network of Wireless Networks Security

• Security Needs
• Certification across networks
• Security must scale to multiple simultaneous
  platforms!

Global Internet
Internet-like architecture that promotes organic
growth...
Mobility supporting Internet
wired links
Radio Access Network (cellular)
high-tier devices (mobile terminals)
radio link
microcell
med-tier devices (laptops, PDAs)
picocell
low-tier devices (home, sensors)