Security in Mobile and Wireless Networks APRICOT Tutorial Perth Australia 27 February, 2006 Ray Hunt, Associate Professor Dept. of Computer Science and Software Engineering University of Canterbury, New Zealand 1 Security Issues in Wireless and Mobile IP Networks Section 1 - Wireless & Mobile IP Architecture, Standards, (Inter)operability, Developments Section 2 - Cryptographic Tools for Wireless Network Security Section 3 - Security Architectures and Protocols in Wireless LANs Section 4 - Security Architectures and Protocols in 3G Mobile Networks 2 1 Wireless & Mobile IP Architecture, Standards, (Inter)operability, Developments (Section 1) 3 Outline Wireless LANs – Standards, Architecture  IP roaming  Wireless security and authentication  QoS (Quality of Service)  Integration of 3G and WLANs  New Developments by IEEE - Broadband Wireless Access 4 2 Wireless IP Networking Revolution Past Present Future Paradigms Demand Solutions Local Area WLAN - On campus Unlicensed Bands Fixed - At home Data • Personal mobility Mobility Combined • High data rate with • Incremental infrastructure “handoff” Network Connectivity (Data + Voice) “3G” WCDMA Wide Area Mobile Licensed Bands - On the road Voice • Full mobility • Modest data rate • All new infrastructure 5 Recent WLAN Activity …. IEEE and ETSI involved in standardisation  WLAN standards are converging to  achieve interoperability Integration of WLAN and 3G appearing  Wireless IP momentum - rapid growth in  requirements for mobile IP access WLAN offers good mobile solution for  indoor IP access Major players investing in WLAN (CISCO,  Intel, Ericsson, Nokia, others …) 6 3 WLAN Architecture Standards, MAC Layer, Frequency Spectrum, Speed/Distance 7 Standards Organisation in IEEE IEEE Standards Association Standards Activities Board Sponsor Sponsor Sponsor Local and Metropolitan Area Networks (LMSC, IEEE 802) 802.3 802.11 802.15 802.16 802.5 CSMA/CD CSMA/CA Wireless Broadband Token Passing Ethernet Wireless Personal Wireless Ring 1-100 Mbps WLAN Area Networks Broadband Access IEEE 802.11: ~650 Members, 250+  supporting companies www.ieee802.org/11  8 4 WLAN Standards Evolution 2.4 GHz (BW 80 MHz) 5 GHz (BW 450 MHz) ETSI BRAN Proxim OpenAir FH 1996 1.6 Mbps HyperLAN/1 24 Mbps 1997 IEEE 802.11 FH IEEE 802.11 DS 1, 2 Mbps 1, 2 Mbps 1998 IEEE802.11a 1999 HomeRF FH IEIEEEE E80 820.121.1b1 HbR OFDM 1.6 Mbps 11,, 22,, 55..55,, 1111 MMbbppss Replaced by 54 Mbps IEEE 802.15 P2A0N0s0 -(52004) IEExtEeEns 8io0n2s.11 EETTSSII BBRRAANN eg Bluetooth 802.11g (54 Mbps) HHyippeerrLLAANN//22 802.11a (54 Mbps) 5544 MMbbppss Under Development IEEE 802.16a/e IEEE 802.20 9 2006 Broadband Access ISO Model Applied to WLANs Application LLC provides traditional HDLC type protocol Presentation MAC controls access to the physical Session channel according to a predetermined set of rules Transport Network Logical Link Control (LLC) Main differences: Datalink • Radio link unreliable Medium • Higher error rate Access Control (MAC) • Security risks Physical • All traffic goes via AP (Access Point) 10 5 MAC Overview IP Packets MAC Layer Management Entity (MLME) MAC DSAP • Retransmission, error correction radio mgmt association Fragmentation e.g. scanning management & ARQ power shared-key WEP (RC4) & AES management authentication encryption • Radio link security • Data authentication • Data encryption management addressing framing • Simple scrambling info base (MIB) • Peer-to-peer • 48 bit MAC address CSMA/CA • Ethernet compliant channel access • Unique identifier • Radio link QoS • Multicast and • Dedicated real-time broadcast support PHY SAP support with 802.11e 11 Key Wireless LAN Technologies Older technologies limited speed to 1-2 Mbps Significant developments by IEEE 802.11 Variety of standards  speeds up to 54 Mbps IEEE 802.11a/b/g (11 & 54 Mbps) - popular To compete with traditional LANs, wireless must offer: cost effect solutions security efficient power management 12 6 Key Wireless LAN Technologies  IEEE 802.11b (11 Mbps) 2.4 GHz (Wi-Fi)  IEEE 802.11a (54 Mbps) 5 GHz (Wi-Fi5)  IEEE 802.11g (54 Mbps) 2.4 GHz  IEEE 802.16 / 802.20 Broadband Wireless Access Standard (Wireless MANs)  Bluetooth Wireless PAN (Personal Area Network) 2.4 GHz (= IEEE 802.15) www.bluetooth.com  HomeRF (1.6 Mbps) 2.4 GHz www.homerf.org 13 14 Courtesy UMTS Forum 7 WLANs: Speed/Distance Scenarios Wireless 54 Mbps Multimedia + 802.11a 802.16 802.11g 802.20 IEEE 802.11b dominates in products 11 Mbps 802.11b Wireless Local Area Coverage 5,5 Mbps 2 Mbps 802.11 1 Mbps 3G WANs 500 Kbps 10m 30m 60m 100m 200m > 400m 15 IEEE 802.11 Standards contd ... ATM Speed IEEE 802.11g Ethernet Speed 16 8 “Actual” Realistic Speeds MAC / PHY overhead Higher rate & PER -> lower throughput PER: Packet Error Rate Courtesy of Atheros 17 IEEE 802.11a/b/g  IEEE 802.11 Working Group provided extensions to 802.11b for data rates above 20 Mbps leading to IEEE 802.11g IEEE 802.11g offers 802.11a data rates in 2.4 GHz band and requires mandatory implementation of IEEE 802.11b modes This standard provides a path for development of multi-mode WLAN products IEEE 802.11a  IEEE 802.11g  IEEE 802.11b 18 9 Summary of Key Differences Standard Distance (m) Speed (Mbps) Power (mw) IEEE802.11b <100 11 (~6) 50-100 IEEE802.11g <100 54 (~30) 50-100 IEEE802.11a <50 55 (~30) 200 Bluetooth 10-100 1 1 (10m) 100 (100m) 19 Additional Requirements ….. IP Mobility between WLAN subnets and into 3G networks Authentication - local and remote Security across the airwaves, end-to-end, Wireless LAN, Wireless WAN (3G) Quality of Service - to support time dependant applications 20 10