Lecture Week-5
Mobile Security-1
18-Mar-10 Widyatama University - Informatics 2
Contents
Introduction to Wireless
Wireless World
Wireless Threats
Wireless Security Protocols and Cryptography
Security Considerations for Wireless Devices
Wireless Technologies and Applications
Cellular Networks
Wireless Data Networks
Wireless Standards and Technologies
Wireless Deployment Strategies
Implementing Wireless LANs : Security Considerations
Enabling Secure Wireless Access to Data
Real Examples from the Wireless World
The Wireless Future
Accessing Wireless LANs
Wireless World (1/2)
History of Wireless Technologies
Transmitting the 1st wireless radio signal in 1894 by G. Marconi
AM radio sets in 1920s by GE, AT&T, RCA
• TV, radio, phone took 20-30 years to reach 25% of US population
After world war II
• 1970s : 1st wireless networks
analog, operated in a limited frequency range, only a low volume of simultaneous calls
AT&T's Advanced Mobile Phone Service in 1979
GSM (Global System for Mobile Communications) standard
• 1980s : wireless markets start to evolve
• 1990s : wireless networks mature
1st commercial GSM networks in 1991 (2001, 800 M users)
2G networks – TDMA, CDMA, Personal Digital Communications
Wireless LAN standard (IEEE 802.11) in 1990
Bluetooth SIG in 1998 by Ericsson, IBM, Intel, Nokia, and Toshiba
Wireless Internet, WAP in 1997
Obstacles
• Economics : e.g. wireless-internet-capable cell phones, high price Bluetooth chipsets
• User experience : slow and inconvenient
• Security : stock trading, access to corporate networks
Market forecast
• Wireless LAN (more than $3B) vs. Bluetooth (less than $1B) in 2005
Wireless World (2/2)
History of Wireless Security
Eavesdropping and Jamming
• Banning radio scanners, testing encrypted voice and data
• Communication Act of 1934, Electronic Communications Privacy Act in 1986
• Sending high volume of radio signals – Jamming
• Possible breaches
Interception of law enforcement data on specialized mobile radio, or CDPD networks
Interception of credit card authorizations over wireless networks
Stealing of cellular airtime
Interception of e-mail messages on wireless Internet connections
Physical breach of security at base stations
Wireless Internet – Wireless Security
• Secure Sockets Layer, Transport Layer Security
• WAP Forum : Wireless Transport Layer Security
SSL-like alternative
Does not provide end-to-end encryption
Leaving data temporarily unencrypted at the WAP gateway – WAP Gap
Wireless value chain
• Device vendors (Nokia, Motorola, Ericsson, Samsung)
Putting security features on handsets
• Network operators ( Verizon, Vodafone, Sprint PCS)
Wireless data introduced a new series of issues
Trust relationship
• Hardware providers
• Contents / Application providers
Potential breaches, loss of consumer confidence
Wireless Threats (1/2)
Uncontrolled Terrain
Anonymous, uncontrolled coverage areas
Eavesdropping
Anonymous attacker passively intercepting radio signals and decoding the data being transmitted
Sensitive data such as username and password in cleartext
Password encryption algorithms such as MS NTLM can be easily broken
Active eavesdropping – ARP spoofing : man-in-the-middle attack
Communications Jamming
DoS jamming
Client jamming : jammed client loses connectivity and cannot access the application
Base station jamming : a rogue stands in for the legitimate base station
Injection and Modification of Data
Inserting commands (control messages) to a base station
Man-in-the-Middle attack
Rogue Client
Rogue Network Access Points
Attack Anonymity – searching network to gain free anonymous access
Client-to-Client Attacks
Infrastructure Equipment Attacks – bypassing virtual LAN security : switch, MAC, routing attacks (Open Shortest Path First, Enhanced Interior Gateway Routing Protocol)
Wireless Threats (2/2)
Attacker Equipment
Wireless Network Interface
• Wireless Ethernet NIC
• General Packet Radio Service / Cellular Digital Packet Data cellular telephony handset
Jammer and specialized software
Omnidirectional antennas (unity gain -> collinear), yagi antenna, parabolic
Covert Wireless Channels
Bridge air-gap networks
Roaming Issues
Mobile IP – location registration and packet redirection
• Replay attacks to capture outbound traffic from the network
Cryptographic Threats
CDMA/GSM cellular network, wireless Ethernet networks
Wired Equivalent Privacy (WEP) – cryptographic mechanism for 802.11
• Implementation flaws, key management issues (single static key for all users)
Wireless Security Protocols & Cryptography (1/5)
Removing the FUD (Fear, Uncertainty, Doubt) in solution
OSI model
Internet model – simplification of the OSI
Wireless LAN security protocols
To improve 802.11 security mechanisms
Most using security protocols that exist in the network layer and above
Cryptography
Caesar Cipher (Plain text ↔ Cipher text)
Primary areas where cryptography is used
• Authentication
• Encryption
• Integrity
Wireless Security Protocols & Cryptography (2/5)
Secure Sockets Layer / Transport Layer Security
SSL
• solution to the security problems with web browsers
TLS
• successor of SSL
Other security protocols
• Microsoft's Private Communications Technology
• Secure Transport Layer Protocols
• Wireless Transport layer Security
Applications
• SSL/TLS HTTP connection
TCP established, SSL/TLS established, and then HTTP proceed over SSL/TLS.
SSL/TLS relies on TCP for the connection and the addition of the SSL/TLS does not change the HTTP communication.
HTTP over SSL/TLS is implemented over TCP port (443) not 80
• used to authenticate and encrypt a connection
The authentication is accomplished by using public-key cryptography and is referred to as a handshake.
The actual communications using SSL/TLS use a symmetrical encryption algorithm
Wireless Security Protocols & Cryptography (3/5)
Secure Shell (SSH)
designed to replace Unix programs (telnet, rlogin, rshell, rcp)
much like SSL/TLS
• public key to set up and symmetric key for data transfer
implementation of SSH protocol - Unix ssh program
• eliminate security concerns (sniffing, hijacking, injection) with telnet
port forwarding feature
• if not (SSH server + SSH tunnel to user), firewall is configured to only allow traffic from the insecure network to the SSH server (and then to E-mail Server)
Man-in-the-Middle of SSL/TLS and SSH
attack
• intercept the handshake and replace the public keys exchanged with counterfeit keys
solution
• Public Key Infrastructure with Certificate Authority (holding key-signing parties)
testing
• 'dsniff' can be used for testing applications using SSL/TLS and SSH for MITM attacks
Wireless Security Protocols & Cryptography (4/5)
WTLS
based on SSL/TLS, used by WAP devices (handsets, PDAs)
while SSL relies on TCP for reliability function (e.g., retransmission of lost packets), WAP devices using WTLS cannot use TCP; WAP devices only use UDP.
3 classes negotiated during the handshake process
• WTLS class 1 : No certificates
no authentication takes place, simply used to set up an encrypted channel
• WTLS class 2 : Server certificate only
client (handset) authenticates the server (by firmware of the handset)
• WTLS class 3 : Client and server certificates
both; implementation of a PKI
WTLS similar to SSL/TLS, as WML to HTML, for WAP devices
WEP (Wired Equivalent Privacy)
included in 802.11
packet encrypted by generating an RC4 stream with a combination of 24-bit initialization vector and shared key
WEP key can be compromised in a few hours.
common key for all users on a given wireless network
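Why the two points on this slide (a 24-bit IV and one key shared by every user) matter together: the following added example, not part of the lecture, models WEP's per-packet RC4 key (IV || shared key, integrity check value omitted), shows that two frames carrying the same IV leak the XOR of their plaintexts, computes how quickly random IVs repeat, and gives a monitor-side check for IV reuse. The shared key and frame contents are constructed.

```python
import math
from typing import Dict, List, Optional, Tuple

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Plain RC4: key scheduling, then n bytes of PRGA output."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

def wep_encrypt(shared_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """WEP-style frame body: 3-byte IV sent in clear, then plaintext XOR
    RC4(IV || shared key). The CRC-32 ICV is omitted to keep the model short.
    Decryption is the same call on the ciphertext with the frame's own IV."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    ks = rc4_keystream(iv + shared_key, len(plaintext))
    return iv + bytes(p ^ k for p, k in zip(plaintext, ks))

def xor_of_plaintexts(frame_a: bytes, frame_b: bytes) -> Optional[bytes]:
    """Frames with the same IV share a keystream, so XORing the ciphertexts
    cancels it and exposes plaintext_a XOR plaintext_b: the reason a 24-bit
    IV on a static shared key is unsafe. Returns None if the IVs differ."""
    if frame_a[:3] != frame_b[:3]:
        return None
    return bytes(a ^ b for a, b in zip(frame_a[3:], frame_b[3:]))

def find_iv_reuse(frames: List[bytes]) -> List[Tuple[int, int]]:
    """Monitor-side check: index pairs (first, repeat) of frames whose clear IV repeats."""
    first_seen: Dict[bytes, int] = {}
    reused = []
    for idx, frame in enumerate(frames):
        iv = frame[:3]
        if iv in first_seen:
            reused.append((first_seen[iv], idx))
        else:
            first_seen[iv] = idx
    return reused

def iv_collision_probability(frames: int, iv_bits: int = 24) -> float:
    """Birthday bound: probability that at least one IV repeats among `frames`
    uniformly random IVs from a 2**iv_bits space (about 0.52 at 5000 frames)."""
    space = 2 ** iv_bits
    log_no_collision = sum(math.log1p(-k / space) for k in range(frames))
    return 1.0 - math.exp(log_no_collision)
```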
Wireless Security Protocols & Cryptography (5/5)
802.1x
layer 2 protocol
to authenticate users and can optionally be used to establish encryption keys
EAP(Extensible Authentication Protocol) is used to authenticate the users
IPSec
lower in the protocol stack than SSL/TLS, SSH, or WTLS : IP layer
tunnel mode
• enable all IP traffic to be encrypted and optionally authenticated inside a single session
enabling technology behind VPN
Implementation
• Encapsulated Security Payload, Authentication Header
• encryption standard algorithms for ESP : DES, Triple DES, AES
• authentication algorithm for AH : Message Digest 5, Secure Hash Algorithm
Modes
• Transport mode : only encrypt data of the IP packet
• Tunnel mode : encrypt entire packet including the headers
IPSec VPN tunnel : VPN gateway + IPSec tunnel + remote user
Security Consideration for Wireless Devices (1/2)
Security Issues
Devices
• laptop, PDA, wireless infrastructure (AP, bridge) mobile phone handset
Physical security
• loss of device -> lock
Information leakage
Device security features
• factory or master passwords
Application security
• embedding passwords or keys into an application -> reverse-engineering
• sensitive application
Detailed Device Analysis
Laptop
• loss of data encryption keys (e.g., wired equivalent privacy keys, soft tokens, passwords)
• not store the keys on the machine; HIDS, personal firewall software; disabling boot up with CD
PDA
• poor password protection; input mechanisms (e.g., wireless, infrared port, USB, Bluetooth)
• encrypt sensitive data (Elliptic Curve Cryptography)
Security Consideration for Wireless Devices (2/2)
Cellular Networks (1/4)
3 Methods for Spectrum Allocation : provides access to a given frequency for multiple users
Frequency Division Multiple Access (FDMA)
Time Division Multiple Access (TDMA)
Code Division Multiple Access (CDMA)
FDMA
used on the initial analog Advanced Mobile Phone System (AMPS)
available spectrum divided into channels; each channel used for a single conversation
FDMA assigns channels even if no conversations are taking place - less efficient
only for voice transmission
2G wireless technologies
• GSM : 80%, CDMA : 11%, PDC : 5%, traditional TDMA : 2%, iDEN : 1%
TDMA
digitizes the voice signal and turns the signal into a series of short packets
uses a single-frequency channel for a very short time and migrates to another channel
voice packets can occupy different time slots in different frequency ranges at the same time
digital signal, better frequency allocation, support for multiple data types
Global System for Mobile Communications (GSM) basis
Cellular Networks (2/4)
CDMA
frequency hopping spread spectrum in 1940s - utilizing a wider frequency range
• increases signal quality and connections
• more secure, decrease the risk of the signal being detected by unauthorized parties
rather than dividing spectrum by time or frequency, adds a unique code onto each packet before
transmission
the same code is used at the receiving end to enable the conversation to be reconstructed
stronger security, better (8-10 times that of FDMA, 5 times that of TDMA) frequency allocation, improved call quality, simplified system planning (by using the same frequency in every sector of every cell)
TDMA versus CDMA
TDMA advantages
• longer battery life (less transmitter power), less expensive infrastructure, widest deployment (GSM), international roaming (GSM), data security (GSM's Subscriber Identity Module card)
TDMA disadvantages
• hard roaming handoffs, distortion (lower signal-to-noise ratio)
CDMA advantages
• bandwidth efficiency, soft roaming handoffs (polls various cells and switches to the cell that offers the best signal and coverage), less distortion, strong voice security
CDMA disadvantage
• more expensive, no international roaming, no SIM card
PDC (Personal Digital Cellular)
based on TDMA in 800MHz and 1500MHz
bandwidth efficiency, packet data, only in Japan
iDEN (integrated Dispatch Enhanced Network) by Nextel
wireless market called specialized mobile radio (SMR), walkie-talkie with a cellular phone
Cellular Networks (3/4)
Security Threats
Network Operator's Security Goals
• Authentication, Privacy, Data and voice integrity, Performance
Security Risks and Threats
• Network and systems availability (DoS), Physical protection, Fraud (cloned or pirated handsets)
Types of Cellular Fraud
• theft of handsets, sign up for services using false id, handset cloning,
Combating Fraud
• encryption (Electronic Serial Number), blacklist (track the ESNs of stolen phones), traffic analysis, legislation
General Security Principles
Encryption - size of key : 56-bit in DES
GSM
handsets with SIM card (smart card with 32K/64K EEPROM)
base transceiver station
base station controller
mobile switching center
authentication center
home location register / visitor location register
operating and maintenance center
GSM security
authentication algorithm for handset (A3)
block cipher algorithm to encrypt voice and data (A5/1 or A5/2)
key generation algorithm (A8)
Cellular Networks (4/4)
CDMA
a 64-bit symmetric key (called A-Key) for authentication, no SIM card
why not public keys - hardware limitation, infrastructure requirements
Authentication
• encryption algorithm CAVE (cellular authentication and voice encryption)
• to minimize the risk of intercepting the A-Key in the air, dynamic value called shared secret data
• steps
commence a call; MSC retrieves subscriber info from HLR, MSC generates 24-bit random number for unique challenge (RANDU); RANDU is transmitted to the phone, phone generates 18-bit AUTHU, MSC calculates AUTHU which should match
Confidentiality
• 64-bit Signaling Message Encryption Key (SMEKEY)
Shortcomings
no mutual authentication
poor security algorithms (replacing CAVE with SHA-1)
no consistent SIM card mechanism on handset for key storage
voice encryption not always
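The unique-challenge exchange on this slide and its first shortcoming, as an added illustration that is not part of the lecture: the A-Key never leaves the handset, shared secret data (SSD) derived from it answers 24-bit RANDU challenges with 18-bit AUTHU responses, a clone without the A-Key fails, and the handset answers any challenger because nothing authenticates the network. HMAC-SHA256 stands in for CAVE (an assumption for the model, not the real algorithm); the ESN, A-Key and RANDU values are constructed.

```python
import hashlib
import hmac
import secrets
from typing import Dict

RANDU_BITS = 24   # unique-challenge size from the slide
AUTHU_BITS = 18   # response size from the slide

def derive_ssd(a_key: bytes, rand_ssd: bytes) -> bytes:
    """Shared Secret Data, computed on both sides from the 64-bit A-Key and a
    network-chosen random, so the A-Key itself is never sent over the air.
    HMAC-SHA256 is a stand-in for CAVE."""
    if len(a_key) != 8:
        raise ValueError("A-Key is 64 bits")
    return hmac.new(a_key, b"SSD" + rand_ssd, hashlib.sha256).digest()[:8]

def authu(ssd: bytes, randu: int) -> int:
    """18-bit response to a 24-bit challenge, keyed by the SSD."""
    if not 0 <= randu < (1 << RANDU_BITS):
        raise ValueError("RANDU is 24 bits")
    mac = hmac.new(ssd, randu.to_bytes(3, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:3], "big") & ((1 << AUTHU_BITS) - 1)

class Handset:
    """Keeps its secret in firmware (no SIM) and answers challenges. It never
    checks who issued the challenge: this is the missing mutual authentication."""
    def __init__(self, esn: str, a_key: bytes, rand_ssd: bytes):
        self.esn = esn
        self.ssd = derive_ssd(a_key, rand_ssd)
    def respond(self, randu: int) -> int:
        return authu(self.ssd, randu)

class MSC:
    """Mobile switching center: holds the subscriber SSDs it gets from the
    HLR / authentication center and compares its own AUTHU with the phone's."""
    def __init__(self) -> None:
        self.subscribers: Dict[str, bytes] = {}
    def provision(self, esn: str, a_key: bytes) -> bytes:
        rand_ssd = secrets.token_bytes(7)
        self.subscribers[esn] = derive_ssd(a_key, rand_ssd)
        return rand_ssd   # sent to the handset so it derives the same SSD
    def challenge(self) -> int:
        return secrets.randbelow(1 << RANDU_BITS)
    def verify(self, esn: str, randu: int, response: int) -> bool:
        ssd = self.subscribers.get(esn)
        return ssd is not None and authu(ssd, randu) == response

def run_unique_challenge(msc: MSC, phone: Handset) -> bool:
    """One authentication exchange as described on the slide (network-side check only)."""
    randu = msc.challenge()
    return msc.verify(phone.esn, randu, phone.respond(randu))
```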
Wireless Data Networks (1/3)
General Demands
faster throughput
more global roaming capabilities
interoperability with internet
Wireless Data Networks
Cellular Digital Packet Data (CDPD)
Mobitex
General packet Radio Service (GPRS)
Cellular Digital Packet Data (CDPD)
standard developed in US in 1990s
• offering wireless data services using AMPS (Advanced Mobile Phone Service) infrastructure
advantages
• speed (19.2 Kbps), TCP/IP based (compatible with Internet), quick call setup
architecture
• similar to wireless voice networks
• mobile end system ... mobile database stations - mobile data intermediate system - Internet (firewall)
security
• similar to wireless voice network (CDMA) : unique id called NEI (Network Entity Identifier)
• no tamper-resistant hardware such as SIM
• Diffie-Hellman key exchange
• vulnerabilities
no mutual authentication, local key storage (no SIM to store NEI)
Wireless Data Networks (2/3)
Mobitex
wireless data technology developed by Ericsson in 1980s
• operate in one of 4 frequency families (80MHz, 400MHz, 800MHz, 900MHz)
• 8Kbps rate, 512-byte block transmission
• royalty-free license
architecture
• peer-to-peer ... base station - local switch - regional switch - national switch / Internet
application of the network : Blackberry wireless e-mail pager offered by Canadian-based Research in Motion (RIM)
• RIM device (32-bit Intel 386 processor, 2MB flash mem, 304Kb static RAM) security model focused on MS Outlook & Lotus cc:Mail
RIM security architecture
• desktop - mail server - firewall - Internet - mobile network ... RIM handheld
Mobitex vs. CDPD (Mobitex will outlast CDPD)
• network infrastructure (eliminating AMPS hardware), strong industry association (Mobitex Operators Association led by Ericsson), greater coverage
Wireless Data Networks (3/3)
General Packet Radio Service (GPRS)
GSM developed in 1990s
packet-based
• compatibility with the Internet
• always-on connection
• efficient networks
higher throughput
use many time slots in parallel
data split into chunks and sent simultaneously on multiple channels to a handset
handsets
Class A terminal (support GPRS and GSM and the simultaneous operation)
Class B terminal (support GPRS and GSM but not simultaneously)
Class C terminal (only GPRS)
architecture
base station - base station controller - SGSN - HLR / GGSN - Internet
• SGSN : data router (serving GPRS support node)
• GGSN : gateway GPRS support node
• other network components : charging gateway, border gateway, DNS, firewall and NMS
security issues
DoS against GGSN
IP address spoofing
GGSN - Internet - VPN server - corporate LAN
• not end-to-end security (SGSN-GGSN), added cost (VPN), trust issue (enterprise - mobile operator)
Conclusion & Final Words
Mobile Security
Demo
Conclusion
Threats to organizations are real and increasing; seamless mobility requires careful security planning
Security incidents involving mobile and wireless environments are increasing
Securing seamless mobility requires a holistic approach that addresses people, process and technology