New Challenges in Securing our Communication Infrastructure

Wade Trappe


Agenda

Wireless Overview
– State of the Wireless Union: Where are we?
– Vision for 4G

Security Challenges for Future Wireless Networks:
– 3G Multicast Security
– Authentication in Broadcast Environments
– Security in Ad Hoc Networks
– Biologically-Inspired Self-Healing Frameworks
– Networks of Networks Security Issues

State of the Wireless Union

We are still waiting for third generation (3G) wireless.

WLAN (Wi-Fi) technologies are rapidly growing:
– Estimated $800 Million in US sales for 2004

Prices for Wi-Fi equipment plummeting
– $100 access point, $70 WLAN card

New, unregulated networks popping up everywhere
– It's not just Starbucks & T-Mobile
– Open-access hotspots

Warchalking is now a common hobby

[Figure: Global Wi-Fi Growth. Sales ($ Million) by Year for North America, Asia and Europe. Source: Allied Business Intelligence]

Vision for the Fourth Generation

Wireless devices will continue to drop in price
– Wireless sensors will be deployed everywhere
– Ability to monitor everything, from temperature to traffic
– Remote sensing and autonomic living applications

Next generation wireless systems (4G) will seek to facilitate mass market services with new network architecture:
– Self-organizing, ad-hoc wireless access networks: Ad-hoc wireless network protocols which support multihop and peer-to-peer service models, particularly for low-tier uses (in-home, sensors, etc.)
– Networks of networks: Future wireless networks will support co-existence of multiple types of networks

Security will be a critical issue:
– Unregulated networks will provide an untraceable platform to launch network attacks
– Mobility and power-efficiency are still concerns

3G Multicast Security

Keys must be shared by multicast group participants

As users join and leave, keys must be changed

3GPP has proposed a new entity, the BMSC, for managing broadcast and multicast services

The BMSC can perform key management

[Figure: 3G network diagram. Labels: Node B, RNC, Radio Network Subsystem (RNS), UMTS Terrestrial Radio Access Network, SGSN, GGSN, BMSC, UMTS Core Network, Internet]

3G Multicast Security

3GPP currently is investigating several multicast frameworks

To optimize key management, one should match the key tree to underlying multicast topology

3GPP has not decided on a multicast topology

We are examining the performance of multicast key management at the BMSC for different 3G multicast scenarios

Examine the issue of key management during handoff between node-B’s and RNCs

Prototype Secure Chat Application has been developed
• Server is implemented in J2SE
• Clients are implemented in J2ME

Broadcast/Multicast Authentication

Important challenge facing secure multicast communication is data authentication:
– Ensures data is from trusted source
– Ensures data was not modified en route

Unicast Data Authentication uses standard cryptographic techniques:
– Digital Signatures: (RSA, DSA)
  Drawbacks: Inefficient due to:
  • Large per packet computation
  • Large communication overhead
  Note: Drawbacks are not critical in many applications.
– Message Authentication Codes (MAC): (HMAC-MD5)
  Class of symmetric keyed one-way hash function
  Advantages:
  • Computationally efficient
  • Compressed code
  • Computationally non-invertible

Multicast Authentication

Multicast source authentication is more complex than unicast:
– Symmetric Key Cryptography cannot be used
  • Key is known to all receivers
  • Packets can be forged by any receivers
– Asymmetric key cryptography is required
– Lost packets are not retransmitted

Digital signature schemes provide good authentication:
– Each message is signed by appending digital signature
– Significant drawbacks for realtime, low-power multicast applications:
  • Time-to-sign and time-to-verify
  • Bandwidth and overhead.

We want a technique that will take advantage of both

One approach: Delayed key disclosure

Multicast Authentication

Delayed Key Disclosure: (e.g. TESLA)

Weakness:
– Use of buffers allows for a simple denial of service (DoS) attack
– Since there is no way to check packets until key is disclosed, buffer will overflow

How to protect against DoS attacks?

[Figure: delayed key disclosure timeline. Keys K1, K2, K3, K4, K5 along a time axis; "Auth Packets with K1" through "Auth Packets with K5" in successive intervals; "Reveal K1" and "Reveal K2" at later intervals; annotation: "All Packets Authenticated with K1 have arrived to all group members"]
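
An added example (not from the original slides) of delayed key disclosure and the buffer weakness described above. It is a simplified TESLA-style sketch: the interval numbering, the SHA-256/HMAC-SHA256 choice, the `Receiver` class, the 2-interval delay, the 4-packet buffer and the `demo` inputs are all assumptions for illustration, and clocks are assumed loosely synchronized.

```python
# Added illustration: simplified TESLA-style receiver; all names are assumptions.
import hashlib, hmac
def H(b): return hashlib.sha256(b).digest()
def mac(key, msg): return hmac.new(key, msg, hashlib.sha256).digest()

def key_chain(seed, n):
    """One-way chain: K_n = H(seed), K_(i-1) = H(K_i). Returns [K_0..K_n]."""
    chain = [H(seed)]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain[::-1]                      # K_0 is the public commitment

class Receiver:
    def __init__(self, commitment, delay, buf_limit):
        self.idx, self.key, self.delay, self.limit = 0, commitment, delay, buf_limit
        self.buffer, self.accepted, self.dropped = [], [], 0

    def on_packet(self, now, interval, msg, tag, reveal=None):
        if reveal:
            self.on_key(*reveal)
        # Unsafe (key may already be public) or buffer full: drop unverified.
        if now >= interval + self.delay or len(self.buffer) >= self.limit:
            self.dropped += 1
        else:
            self.buffer.append((interval, msg, tag))

    def on_key(self, idx, key):
        keys, k = {idx: key}, key
        for j in range(idx - 1, self.idx, -1):   # recover keys of lost disclosures
            k = keys[j] = H(k)
        if idx <= self.idx or H(k) != self.key:  # stale, or not on the chain
            return
        self.idx, self.key = idx, key
        pending, self.buffer = self.buffer, []
        for i, msg, tag in pending:
            if i not in keys:
                self.buffer.append((i, msg, tag))          # key still secret
            elif hmac.compare_digest(mac(keys[i], msg), tag):
                self.accepted.append(msg)

def demo(flood):  # constructed run: delay of 2 intervals, buffer of 4 packets
    K = key_chain(b"constructed-seed", 5)
    rx = Receiver(K[0], delay=2, buf_limit=4)
    for n in range(flood):                       # forged packets, invalid tags
        rx.on_packet(1, 1, b"forged%d" % n, bytes(32))
    rx.on_packet(1, 1, b"m1", mac(K[1], b"m1"))
    rx.on_packet(2, 2, b"m2", mac(K[2], b"m2"))
    rx.on_packet(4, 4, b"m4", mac(K[4], b"m4"), reveal=(2, K[2]))  # K1 reveal lost
    rx.on_packet(4, 1, b"late", mac(K[1], b"late"))  # forged with disclosed K1
    return rx.accepted, rx.dropped
```

With `demo(0)` both genuine packets verify once K2 arrives, even though the K1 disclosure was lost. With `demo(4)` the forged packets occupy the buffer and the genuine ones are dropped before any key is disclosed.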

DoS Resistant TESLA

Idea: Use multiple keys and stagger the delayed key disclosure scheme.

[Figure: staggered key disclosure timeline. Keys Ki-2, Ki-1, Ki, Ki+1, Ki+2, Ki+3, Ki+4 along a time axis. Packet labels: M1 with MAC Ki, MAC Ki-1, MAC Ki-2 and Reveal Ki-3; M2 with MAC Ki+1, MAC Ki, MAC Ki-1 and Reveal Ki-2; M3 with MAC Ki+2, MAC Ki+1, MAC Ki and Reveal Ki-1. Further labels: P1, Reveal Ki, Reveal Ki+1, Reveal Ki+2]

End result:
• Provides a filter to remove packets from buffer before the maximum network delay is achieved

Ad-Hoc Network Security

Ad-hoc networks introduce new security challenges
– Evolving authentication: Nodes are moving, and clusters are constantly being redefined.
– Secure routing: New types of attacks (e.g. wormhole attacks) exist.
– Service non-repudiation: No proof that a service (QoS) was provided.

WINLAB approach: Develop a hierarchical, self-organizing network
– Can nodes develop an evolving trust model? Elected nodes give trust certificates.

[Figure: hierarchical network diagram. Labels: Internet, BTS, 3G cell, Access Point (AP), WLAN micro-cell, Forwarding node (FN), personal-area pico-cell, low-tier (e.g. sensor) user nodes]

Authentication in Hierarchical Ad Hoc Sensor Networks

Public key certificates are not suitable for flat ad hoc networks
– To check certificate requires expensive public key operations

Three tier architecture:
– Varying levels of computational power within the sensor network
– Sensors do not communicate with each other
– Forwarding nodes are radio-relay

TESLA Certificates
– Alternative to PK certificates
– Uses symmetric key cryptography
– Delayed key disclosure

Authentication framework:
– Access points provide filter to application
– TESLA certificates provide efficient sensor node handoff
– Weak and assured data authentication provided

[Figure: three-tier diagram. Labels: AP, FN, SN]

Self-Healing Wireless Networks

Ad hoc networks are being deployed for a broad variety of applications, and are a key platform for:
– Remote sensing applications (Homeland Security)
– Military battlefield networks
– Mesh networks and ubiquitous content distribution

Challenge: These networks are not tolerant to active or passive faults:
– Nodes are cheap and will often malfunction
– Nodes are in an open environment and vulnerable to being captured by adversaries

[Figure: ad hoc network diagram. Labels: Network Node, Corrupted Network Node]

Self-healing framework

In nature, we have many cases where systems get infected and must repair themselves

Ad hoc networks should emulate nature and heal themselves!

Model: Human immune system
– Leukocytes (white blood cells): There are two types, those that develop in lymph nodes and those that develop in bone marrow
– Killer T-cells: Destroy antigens either by themselves, or by recruiting other white blood cells
– Lymphocytes: Produce antibodies that seek to surround and cover an antigen, rendering it harmless until a phage can arrive to destroy the neutralized antigen
– Chemotaxis: Leukocytes find their way to an antigen by following a chemical trail of “bread crumbs”

Mobile Agent Framework

Biologically-inspired self-healing security framework
– Mobile Code will launch from network lymph nodes to patrol network
– Mobile Code will leave behind tags allowing for the process of network chemotaxis
– In response, Repair and Destroy Agents will be launched to reboot, or shut down malfunctioning nodes via secure OS environment

[Figure: network diagram. Labels: Network Lymph Node, Corrupted Network Node, Network Node]

Enabling Technologies

Enabling Technologies to be Researched:
– Smart Messages (SMs): Migratory execution units that execute on ad hoc nodes, and will form the different types of mobile agents involved in a network immune system
– Trajectory Routing: Self-routing mechanisms for mobile code capable of finding fast and efficient route to faulty node
– Anomaly Detection: Statistical and policy-based detection mechanisms for identifying faulty network nodes
– Flexible Security Policies: Describe how the network immune system responds to different types of corruptions or threats
– Authorization and Secure OS: Each node must have a secure environment from which mobile agents perform their functions

“Network of Wireless Networks” Security

[Figure: network-of-networks diagram. Labels: Global Internet, Mobility supporting Internet, Radio Access Network (cellular), microcell, picocell, high-tier devices (mobile terminals), med-tier devices (laptops, PDA’s), low-tier devices (home, sensors), wired links, radio link]

Internet-like architecture that promotes organic growth...

Security Needs:
• Certification across networks
• Security must scale to multiple simultaneous platforms!