wireless networks security


Upload: mohammed-abdalhakam-taha

Post on 10-Feb-2017


Wireless Networks Security

Mohammed Abdalhakam Taha

Abstract: Over the previous decades, communications have tended to become wireless; this includes computers, PDAs, phones and even sensors and actuators. As a result, greater attention is given to wireless network security to cope with various threats at all network levels.

This paper discusses various wireless networks and their security. For each type, the structure and related threats are described, along with how different techniques are applied to achieve security goals, starting with the general case. The discussion covers 802.11 WLANs, 3G cellular and ad hoc networks; for the latter type, one section is devoted to sensor networks. The paper ends with security issues related to mobility.

Keywords: security, WLAN, cellular, ad hoc, sensor, mobility

Table of Contents

1. Introduction

2. Network security issues

2.1 Security Main Goals

2.2 Data Cryptography

2.4 Summary

3. WLAN Security

3.1 802.11 Overview

3.2 802.11 Security Threats

3.3 Wired Equivalent Privacy (WEP)

3.4 WEP upgrade

3.5 802.11i Protocol

3.6 Summary

4. Cellular Networks Security

4.1 UMTS Overview

4.2 Cellular Security Threats

4.3 UMTS security mechanisms

4.4 Summary

5. Wireless Ad hoc Security

5.1 Ad hoc network overview


5.2 Ad hoc networks security threats

5.3 Ad hoc Data-level security solutions

5.4 Ad hoc link layer security solutions

5.5 Brief overview about Bluetooth security

5.6 Summary

6. Wireless Sensors Security

6.1 Wireless sensors network overview

6.2 Wireless sensor network security threats

6.3 Wireless sensor network security Solutions

6.4 Summary

7. Security issues in mobility

7.1 Wireless mobility overview

7.2 Wireless Mobility Security

7.3 Summary

8. Conclusion

References

List of Acronyms

1. Introduction:

Wireless networks have seen tremendous growth over the past decades thanks to their advantages, including rapid network installation, user mobility, flexibility in modifying nodes, and scalability; on the other hand, these same features make them more vulnerable to attack [kryg02]. Wireless networks face the same threats as wired networks; in addition, many factors make them harder to secure, such as [Yang06]:

Open access medium nature: since signals propagate through the air, they can be detected and analyzed more easily, enabling others to intercept or inject messages using available tools.

Limited bandwidth: since all users share the same channel (frequencies), the network is more exposed to denial of service (DoS) attacks.

Complex structure: supporting better mobility and channel utilization makes the network more complex and hence more vulnerable to threats across its various structural levels.


2. Network security issues:

Network security can be achieved by applying certain mechanisms to attain the main security goals.

2.1 Security Main Goals:

The security of a system can be measured against two main factors [Tmim06] [Krse04]:

1. Information Security:

Authentication: ensuring that the sender and receiver are the intended parties.

Confidentiality: only the sender and receiver must be able to 'understand' the message.

Integrity: the message must arrive complete and correct (without any deletion or injection).

Non-Repudiation: ensuring that the sender cannot falsely deny having sent the message.

2. Network Security:

Service reliability: the availability and accessibility of the service must be verified at any time.

While encrypting messages can solve the confidentiality problem, it can also be used in some scenarios to ensure authentication. Digital signatures (achieved using hashing functions) can affirm integrity and non-repudiation.

2.2 Data Cryptography:

As noted, data encryption has a core role in security: the sender encrypts a message so that only the intended receiver can decrypt it. Encryption can be categorized according to whether it is symmetric or asymmetric, and also according to whether it uses a block cipher or a stream cipher [Tmim06].

2.2.1 Symmetric/Asymmetric Encryption:

In symmetric encryption, a single shared key is used between the sender and receiver; they need to agree on it first, and can then use it for both encryption and decryption.

In asymmetric encryption, each of the two sides A and B has its own private key and a public key. When A wants to send to B, it encrypts the message with B's public key (which was sent to it earlier) and sends it; only B can then decrypt it, using its own private key.

While symmetric encryption is more secure, the management of key sharing is difficult.

2.2.2 Block/Stream Cipher:

In a block cipher, the message is encrypted block by block depending on the encryption key; three common methods are used [Chdr05]:

Electronic Codebook Mode (ECB): a basic configuration where the encrypted output is a direct function of the key (fig. 1.a).

Cipher Block Chaining Mode (CBC): where the output block from the previous phase is used with the key to produce the current block (fig. 1.b).

Output Feedback Mode (OFB): here an initialization vector is encrypted to produce a vector that is used to produce the output block and is encrypted again for the next phase, and so on (fig. 1.c).

In a stream cipher, the message stream is encrypted (bit by bit) with a key stream generated from the secret shared key. Stream ciphers are generally categorized as either synchronous, where the generated key vector depends only on the shared key (fig. 2.a), or self-synchronizing, where it also relies on the previously generated state (fig. 2.b).

In spite of the simplicity and speed of stream ciphers, block ciphers are better and recommended for their security [Chdr05].

2.2.3 Encryption Standard Protocols:

Well-known encryption standards are DES, AES and RC4 [Chdr05] [Tmim06].

Data Encryption Standard (DES): an ECB encryption with a 56-bit key, recommended by the National Institute of Standards and Technology (NIST) since 1974; because of the short key size, an enhanced standard, 3DES, was proposed, in which the algorithm is cycled 3 times (in CBC manner).

Advanced Encryption Standard (AES): a newer block cipher standard recommended to replace DES (1997); it is used in 802.11i.

RC4: a variable key-size stream cipher algorithm, used in Secure Socket Layer (SSL) and Wired Equivalent Privacy (WEP).

2.4 Summary:

The nature of wireless networks, which offers more facilities, also creates security limitations involving complexity, bandwidth and detection. This reveals the importance of achieving authentication, confidentiality, integrity and availability through various techniques; the most important method is encryption, for which various standards were made according to the complexity, management and speed needed. These issues are considered in the subsequent sections for various types of wireless networks.


3. WLAN Security:

IEEE 802.11 defines standards for WLANs, which are widely used in organizations for the benefits mentioned; hence a lot of attention is given to their security.

3.1 802.11 Overview:

802.11 defines a set of implementations (802.11a~802.11g) of the physical (PHY) and data link (MAC/LLC) layers for WLANs. WLANs are grouped into Basic Service Sets (BSS) that consist of Station Terminals (STA) and an Access Point (AP), which is linked to the rest of the network structure [Chdr05].

3.2 802.11 Security Threats:

A lack of any of the security features mentioned in section 2.2 makes the system vulnerable to attacks; some of the well-known types of attack are [Tmim06]:

Traffic Analysis: the attacker collects information about the network, including IDs, types of protocols and AP location.

Packet Eavesdropping: the attacker 'listens' to traffic and can moreover act actively by injecting packets into the stream.

Unauthorized Access: the attacker tries to get access to a network that he is not authorized to use.

Man-in-the-Middle attack: when the attacker can get packets before the receiver does, he can change the contents of messages, ACKs or IP addresses.

Replay attack: the attacker 'records' authentication information and uses it to access the network.

DoS attack: also known as channel jamming [Yang06], where frequent packets are sent simultaneously to the target, making it unable to handle other legitimate users' packets.

To cope with such threats, two well-known protocols (WEP and WPA) were made to guarantee authentication, data confidentiality and integrity.

3.3 Wired Equivalent Privacy (WEP):

WEP is the first security protocol provided by 802.11. It is still widely used since it offered some degree of security, but it no longer does, because of critical defects in its architecture [Yang06].

3.3.1 WEP structure:

WEP defines encryption, authentication and integrity for the transmitted data. The payload data concatenated with its CRC is encrypted using the RC4 stream cipher (which uses a 24-bit initialization vector, IV, and a 40-bit key) [Krse04] [Tmim06]. The IV (which changes with each frame), together with the encrypted data and headers, constitutes the transmitted frame shown in fig. 3.a. Fig. 3.b shows this process.

3.3.2 WEP Weaknesses:

As described, some flaws were found in the WEP protocol; these include [Tmim06]:

The small key size (40 bits), which makes the key easier to recover.

The use of the 'linear' CRC, which can give an intruder a chance to change both the data and the CRC (message forgery).

The 24 IV bits, which are sent as plain text, will eventually be repeated: 'Real implementations show that it requires only 20 000 packets to recover the key, which takes less than 1 min in a fully loaded AP' [Yang06].

3.4 WEP upgrade:

To overcome the WEP holes, some protocols were added while keeping the same RC4 cipher; this new set of standards is known as Wi-Fi Protected Access (WPA) [Yang06]:

For the RC4 key problem: the Temporal Key Integrity Protocol (TKIP) is used to produce a unique 128-bit RC4 key through multiple phases.

For integrity: Message Integrity Codes (MIC) are used as an alternative to the linear CRC, thereby avoiding message forgery.

For authentication: 802.1x protocols are used [Chdr05]; the Extensible Authentication Protocol over LAN (EAPoL) runs between the client and the AP, with authentication for the 802.11 network performed by the RADIUS server, as shown in fig. 4.


3.5 802.11i Protocol:

The 802.11i protocol, released in June 2004, was intended to be a 'final' solution for wireless security, solving the problems of integrity, encryption and authentication; it is commonly known as WPA2 [Tmim06]:

For authentication: the 802.1x described before is supported, in addition to another method in which a shared key (as in WEP) is used to derive another Pre-shared Key (PSK).

For integrity: MIC is used, as in WPA.

For encryption: it supports TKIP/MIC and the AES-based algorithm CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol).

3.6 Summary:

With the arrival of the WLAN and its 802.11 protocol, a great deal of interest has been directed to the security side, especially because of the various threats, which include unauthorized access, data eavesdropping and modification, and even attacks on network reliability. WEP was designed to give a high level of security, but weaknesses emerged, which led to the 802.1x 'batch' solution to overcome these holes; finally, the 802.11i protocol was released with stronger authentication, integrity and encryption facilities.


4. Cellular Networks Security:

Throughout the last two decades, rapid progress has been observed in wireless telecommunication, reaching the current 3G networks. The widely used circuit-switched GSM networks evolved into the 2.5G General Packet Radio Service (GPRS) networks as an intermediate phase towards 3G, giving a better pace for packet data transmission. The description of security issues here is limited to the third-generation extension to GSM, the Universal Mobile Telecommunication System (UMTS); other 3G systems share a lot of these concepts.

4.1 UMTS Overview:

The existing GSM/GPRS system is integrated with UMTS, which is based on WCDMA; so, in addition to the available Radio Access Network (RAN), the system incorporates the UMTS-RAN (URAN) as shown in fig. 5 [Grdz06], where a Packet Switching-Core Network (PS-CN) is added to the existing circuit-based one. The Radio Network Controller (RNC) connects the mobile station through the BTS to the core network. Roaming is supported through the Border Gateway (BG), while connection to the internet is achieved through the Gateway GPRS Support Node (GGSN). Other information servers include the HLR, which holds user information, other IP servers (DNS, RADIUS...) and the Authentication Center (AuC).

The mobile station's SIM contains an International Mobile Subscriber Identity (IMSI) that is authenticated with the core network (i.e. the AuC); moreover, the new UMTS SIM (USIM) has encryption capability [Yang06].

4.2 Cellular Security Threats:

The attacks described in section 2.2 for WLANs (like eavesdropping and DoS) are applicable here too; in addition, the complexity of the cellular network opens up more avenues of attack [Yang06]:

1. Through the internet interface (Gi link): crossing the network to the targeted node. This is similar to attacks on other IP networks, but results in problems for the whole cell, decreasing its reliability.

2. From other CNs (Gp link): this can be firewalled, but if an attacker can pass through nearby CNs, he is likely to be able to attack the current one (which has similar security).

3. From the user plane of the RAN: if the attacker succeeds, he might gain the ability to harm the data system severely, including various servers and proxies inside the CN; one example is distributed DoS (DDoS), which causes heavy traffic problems in the network.

4. From the signal plane of the RAN.

The good news is that it is difficult to carry out an attack targeting cellular networks, for many reasons, including [Yang06]:

Traffic generated by a single mobile station is limited by the channel capacity and the processing capacity of the handset or the USIM.

Targeting the CN needs very special tools, unlike the case of WLAN, where an off-the-shelf Wi-Fi card can work.

Direct human reaction, since service is usually paid for by volume and an attack can bring down the service (in the case of DDoS).

Most importantly, to start an attack one needs to obtain some node identities, which is difficult due to the authentication and encryption mechanisms (described later).

4.3 UMTS security mechanisms:

To recover from the security holes in GSM, the UMTS architecture retains many of the basic GSM features and adds its own enhancements.

4.3.1 Anonymity:

UMTS inherits from GSM the use of a temporal MSI (TMSI) to avoid tracing the MS by its IMSI while routing calls. After authentication and data encryption are ensured, another TMSI is assigned for the session [Chdr05].

4.3.2 Authentication:

UMTS uses the Authentication and Key Agreement (AKA) mechanism, where the network authenticates the USIM and the USIM then authenticates the network through a challenge/response mechanism.

In the first phase, the USIM requests access to the network from the VLR/MSC. The MSC in turn requests the generation of a security vector from the AuC/HLR, comprising an encryption key, an integrity key, the verification of the MS and a random number challenge for the MS. In the second phase, if the response from the USIM coincides with the expected one, the AKA is complete [Chdr05].

4.3.3 Confidentiality:

UMTS uses a block cipher encryption algorithm known as KASUMI, which uses the 128-bit session key CK obtained from the authentication process. As shown in fig. 6, the inputs to this algorithm are: CK, the 32-bit COUNT-C (a ciphering sequence number updated each block), the 5-bit BEARER channel identifier, the DIRECTION bit and the 16-bit key stream block LENGTH. The resulting key block is XORed with the plain text, and the same key block is used on the other side to recover the data [Chdr05].

4.3.4 Integrity:

Unlike GSM, UMTS guarantees message integrity. It uses the UMTS Integrity Algorithm (UIA) [Grdz06]. As shown in fig. 7, the integrity key IK resulting from the authentication phase, the COUNT-I bits, the DIRECTION bit and the per-connection FRESH nonce are combined with the message using the f9 algorithm to produce the Message Authentication Code (MAC-I), which is concatenated with the message; integrity is ensured by comparing it with the receiver's XMAC-I [Chdr05].

4.4 Summary:

Taking UMTS as an example of the 3G structure, we can clearly observe the complexity of such a wireless system, and hence threats can emerge from different sides. Consequently, UMTS uses various mechanisms to ensure the security goals: a temporal MSI for anonymity, AKA for authentication, the KASUMI block cipher algorithm for confidentiality and its own integrity algorithm for integrity.


5. Wireless Ad hoc Security:

In wireless ad hoc networks, multiple nodes interact directly without the presence of a central backbone (as found in Wi-Fi or 3G networks); this simple and cost-effective feature makes it a popular structure in many fields.

5.1 Ad hoc network overview:

In a Mobile Ad hoc network (MANET) there are no routing devices, so such networks can be classified as either single-hop networks (e.g. PAN), where source and destination have a direct link, or general multi-hop networks (e.g. sensors and ad hoc LANs), where each node can additionally route messages to other nodes. The latter ability raises a new security challenge at the network layer.

According to the algorithm used, routing protocols can be categorized into [Yang06]:

1. Link State: the source calculates the shortest path according to global information about the cost of other links.

2. Distance Vector: information about the cost of each neighbor is received and used to decide to which node to forward.

3. Source Routing: the source explicitly specifies the complete path to the destination.

According to how routing information is updated, they can be divided into [Yau03]:

1. Proactive routing: updates are sent periodically (e.g. Optimized Link State Routing (OLSR) and Topology Broadcast Reverse Path Forwarding (TBRPF)).

2. Reactive routing: updates are sent on demand, so a discovery phase is needed (e.g. Ad hoc On-Demand Distance Vector (AODV) and Dynamic Source Routing (DSR)).

3. Hybrid routing: a hierarchical routing that includes both of the previous types; an example is the Zone Routing Protocol (ZRP).

5.2 Ad hoc networks security threats:

The data-targeting threats mentioned before for wireless networks are also applicable here; furthermore, issues related to the routing layer must also be considered. Generally speaking, insecurity may arise from either internal or external nodes.

5.2.1 External threats:

An external attacker can try to eavesdrop passively (e.g. to locate nodes) or attack actively (e.g. a DoS attack). In MANET jargon, one known attack of this kind is the sleep deprivation torture attack, which aims at wasting the nodes’ power [Yau03].

5.2.2 Internal threats:

Here the effect is more severe and can affect the whole topology. Faults can result from [Yau03]:

Failed node: the node cannot forward messages (e.g. for power or environmental reasons).

Badly failed node: the node can send wrong data, such as information about non-existent nodes, producing DoS problems.

Selfish node: the node uses resources without participating (e.g. by not forwarding).

Malicious node: the node may combine many of the above features and mount many attacks, including DoS as with a badly failed node, misdirecting traffic by declaring short paths or virtual nodes, or replay attacks by changing sequence numbers.

5.3 Ad hoc Data-level security solutions:

The different nature of the distributed ad hoc network calls for special consideration in authentication, integrity and confidentiality.

5.3.1 Key establishment, distribution and authentication:

Unlike in other networks, using a centralized certificate authority (CA) that is accessible from all nodes is impractical (and insecure), so a distributed CA has to be used instead. An example is ‘threshold secret sharing’ [Chdr05], where any set of S nodes out of a specific Q nodes (S<Q) can be used to provide an authentication service. That is, to get the destination's public key, the source asks the nearest S trusted nodes, which in turn send some related keys to a combiner to produce the destination key (the combiner can be multiple combiners with a majority-based response scheme). After getting the key (decrypting the result from the CA), the source can use it to authenticate the destination using, for example, challenge/response.
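The S-out-of-Q property described above, shown with Shamir's secret sharing as an added example (not code from the paper; the paper does not name a particular scheme, so the choice of Shamir's construction, the field size and the sample secret are assumptions of the example). Any S shares let the combiner rebuild the CA secret, and fewer than S do not.

```python
import secrets

PRIME = 2**127 - 1   # a Mersenne prime; all arithmetic is done modulo PRIME


def split(secret: int, s: int, q: int):
    """Give each of q nodes one share; any s of them can rebuild `secret`."""
    if not (0 <= secret < PRIME and 1 < s <= q < PRIME):
        raise ValueError("need 0 <= secret < PRIME and 1 < s <= q")
    # Random polynomial of degree exactly s-1 whose constant term is the secret.
    coeffs = [secret]
    coeffs += [secrets.randbelow(PRIME) for _ in range(s - 2)]
    coeffs.append(1 + secrets.randbelow(PRIME - 1))      # non-zero leading term

    def f(x: int) -> int:
        y = 0
        for c in reversed(coeffs):                       # Horner evaluation
            y = (y * x + c) % PRIME
        return y

    return [(x, f(x)) for x in range(1, q + 1)]          # node x holds f(x)


def combine(shares):
    """Combiner: Lagrange interpolation of the polynomial at x = 0."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        inv = pow(den, PRIME - 2, PRIME)                 # modular inverse
        secret = (secret + yi * num * inv) % PRIME
    return secret


def demo():
    # Constructed stand-in for the distributed CA's secret key material.
    ca_secret = int.from_bytes(b"ca-signing-key", "big")
    shares = split(ca_secret, s=3, q=5)
    any_three = combine([shares[4], shares[1], shares[3]])
    only_two = combine(shares[:2])
    return ca_secret, any_three, only_two


if __name__ == "__main__":
    ca_secret, any_three, only_two = demo()
    print(any_three == ca_secret, only_two == ca_secret)
```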

5.3.2 Confidentiality and integrity:

The selection of the algorithm depends mainly on the environment of the specific MANET. For the public key scheme, using a stream cipher is common because of its low computation overhead [Chdr05], while some use message authentication codes (HMAC), which rely on a one-way hash function, for integrity in the symmetric key scheme [Yang06].

5.4 Ad hoc link layer security solutions:

As discussed, ad hoc networks are vulnerable to link layer attacks; we consider both routing and forwarding security.

5.4.1 Routing security:

Securing a routing message so that it takes the correct path (before it is sent) depends principally on the routing algorithm [Yang06], for example:

For distance vector (like AODV): the goal is to guarantee the correctness of the link costs declared by the nodes; this is achieved through mechanisms that use a one-way hash function.

For link state (like OSPF): the goal is to ensure the existence of all the declared links; this is done by having both a specific message and the link update carry the same digital signature.

For source routing (like DSR): the goal is to ensure the order of the whole link (without any modification), which is achieved by authenticating each hop in the route.

5.4.2 Forwarding security:

The aim here is to guarantee that a sent message takes the correct path; this is done in two phases: detection of any forwarding error and the corresponding reaction [Yang06].

In the detection phase: the objective is to find out where the packet has been dropped. This can be done either by localized detection, where each node can overhear its next node's forwarding failure and inform the source, or by using acknowledgements from the destination, so that the source can detect the fault in the link by forwarding messages over various links attached to the faulty link’s nodes.

In the reaction phase: after an attacked node is detected, the reaction is either a network-wide reaction, where the node is marked to be isolated from future routing, or an end-host reaction, where each node down-rates it differently, giving it a lower priority in future routing.

5.5 Brief overview about Bluetooth security:

Bluetooth is a PAN ad hoc protocol. It uses single-hop routing; its complexity, however, emerges from its hierarchical structure, which supports various types of services and security modes according to device capabilities [Chdr05]. It supports both unicast and broadcast. Security is implemented in the link layer.

Authentication is achieved by a challenge/response mechanism using the link key, which is generated from a user pass key, a preconfigured key or a regenerated one (using block cipher encryption).

Data encryption is attained using the payload key, which is derived from the link key and the device MAC address; a stream cipher is used for data.

For integrity, CRC is used (but the data is encrypted).

5.6 Summary:

In wireless ad hoc networks, in addition to the data threats of other wireless networks, link layer threats emerge, where faulty routing or forwarding might occur (because of the multi-hop nature). For data-level issues, security goals are achieved bearing in mind the nature of distributed self-routing nodes and the power/speed requirements. At the link layer level, the type of routing determines how to secure it, and forwarding faults are solved reactively after the location of the error is detected.

Bluetooth is an example of a single-hop ad hoc network in which we tackle the data-level threats; in the next section we consider another ad hoc protocol, the wireless sensor network, which in contrast uses a multi-hop protocol.


6. Wireless Sensors Security:

Sensor networks, which have various applications (in environmental, medical and security fields, for example), have special features related to limitations in power and cost, which result in different security threats and countermeasures.

6.1 Wireless sensors network overview:

A WSN is a multi-hop ad hoc network in which data sensed and processed by simple-circuit nodes is routed via neighbor nodes up to the network manager, as shown in fig. 8. The gateway sensor node (base station) is a special node with higher computation, memory and communication capabilities for dealing with the manager side (or another network), tunneling all the network information such as keys and data [Klta09].

RF communication is usually used, which makes broadcasting the simpler method to forward data, requests and routing beacons, with clustering used to reduce the number of messages transmitted [Srgi05].

Figure 8. WSN structure (labels: Management, Gateway sensor node, Sensor node)

6.2 Wireless sensor network security threats:

A WSN is subject to all the ad hoc threats mentioned in section 5.2, like eavesdropping, DoS attacks and the Sybil attack (where a malicious node presents itself with multiple identities). Moreover, some other WSN-specific attacks are [Klta09]:

Hello Flooding: an attacker with higher transmission power is taken to be a neighbor, and nodes therefore start exchanging data with it.

Sinkhole attack: a malicious node announces a high quality link to the base station to attract packets, enabling other types of attacks.

Wormhole attack: packets are tunneled between two malicious nodes; the first acts as a sinkhole and forwards packets to the other node.

6.3 Wireless sensor network security Solutions:

To achieve security requirements like confidentiality, authentication and integrity and cope with the various attacks described before, many studies and protocols have been published that rely on the symmetric key concept (considering that public-key encryption is too expensive); below is a brief description of three of them [Srgi05].

6.3.1 Security Protocols for Sensor Networks (SPINS): a protocol proposed by Perrig et al., designed for resource-limited sensor environments. It has two main secure building blocks: SNEP and µTESLA.

Sensor Network Encryption Protocol (SNEP): uses cipher block chaining (CBC) to achieve security requirements between two nodes, using a symmetric key combined with an initialization vector. To decrease communication overhead, the IV is not actually sent; instead, a counter agreed between source and destination is used (with a long count to minimize the chance of repetition).

Micro Timed Efficient Stream Loss-tolerant Authentication (µTESLA): used for security in the broadcasting scenario. Although asymmetric cryptography is costly, a normal symmetric key is insecure for broadcasting; µTESLA works around this by introducing ‘asymmetry with delayed key disclosure and one-way function key chains’ [Srgi05].
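The delayed key disclosure and one-way key chain idea quoted above, as an added example (not code from the paper or from the SPINS authors). It is a simplified model: SHA-256 is assumed as the one-way function, the chain key is used directly as the MAC key, time is counted in whole intervals, and the seed and beacon messages are constructed sample values.

```python
import hashlib
import hmac


def H(key: bytes) -> bytes:
    """One-way function that links the key chain."""
    return hashlib.sha256(key).digest()


def make_chain(seed: bytes, n: int):
    """Return [K_0, ..., K_n] with K_(i-1) = H(K_i); K_0 is the commitment."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain[::-1]


def mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]


class Receiver:
    def __init__(self, commitment: bytes, delay: int):
        self.key, self.index = commitment, 0   # newest authenticated chain key
        self.delay = delay                     # K_i is disclosed in interval i + delay
        self.pending = []                      # (interval, msg, tag) awaiting a key
        self.accepted = []

    def on_packet(self, interval: int, msg: bytes, tag: bytes, now: int) -> bool:
        """Buffer a packet only if its key cannot have been disclosed yet."""
        if interval <= self.index or now >= interval + self.delay:
            return False
        self.pending.append((interval, msg, tag))
        return True

    def on_key(self, interval: int, key: bytes) -> bool:
        """Authenticate a disclosed key against the chain, then check MACs."""
        if interval <= self.index:
            return False
        k = key
        for _ in range(interval - self.index):
            k = H(k)
        if not hmac.compare_digest(k, self.key):
            return False                       # not a key from this chain
        self.key, self.index = key, interval
        waiting, self.pending = self.pending, []
        for i, msg, tag in waiting:
            if i > interval:
                self.pending.append((i, msg, tag))
                continue
            k_i = key
            for _ in range(interval - i):      # a lost earlier key follows from a later one
                k_i = H(k_i)
            if hmac.compare_digest(mac(k_i, msg), tag):
                self.accepted.append(msg)
        return True


def demo():
    chain = make_chain(b"constructed sender seed", 4)
    rx = Receiver(chain[0], delay=2)           # K_0 was delivered authentically
    m1, m2 = b"beacon: parent=7", b"beacon: parent=3"
    rx.on_packet(1, m1, mac(chain[1], m1), now=1)
    rx.on_packet(2, b"beacon: parent=66", mac(b"guessed key", b"beacon: parent=66"), now=2)
    rx.on_packet(2, m2, mac(chain[2], m2), now=2)
    # Interval 3: K_1 is public now, so a packet claiming interval 1 is too late.
    late = rx.on_packet(1, b"beacon: parent=99", mac(chain[1], b"beacon: parent=99"), now=3)
    bogus = rx.on_key(2, b"\x00" * 32)         # key that is not on the chain
    good = rx.on_key(2, chain[2])              # the K_1 disclosure was lost; K_2 suffices
    return rx.accepted, late, bogus, good


if __name__ == "__main__":
    print(demo())
```

Only the two genuine beacons are accepted: the packet with a guessed key fails its MAC, the late packet is refused before buffering, and the missing K_1 is recomputed from K_2.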

6.3.2 TinySec: a link layer security protocol integrated into the sensor operating system TinyOS. TinySec has two versions, one that supports authentication and encryption (TinySec-AE) and another that supports authentication only (TinySec-Auth). For encryption, an IV and CBC are again used (with the Skipjack block cipher); for integrity, a message authentication code is computed using CBC (CBC-MAC).

6.3.3 Localized Encryption and Authentication Protocol (LEAP): a key management protocol in which every node has four keys; the key used depends on the type of the destination.

Group key: shared with all the nodes, for general message broadcasting.

Individual key: shared with the base station (e.g. for security alerts).

Cluster key: shared with neighbors (e.g. for routing control information).

Pairwise key: shared with a specific neighbor (e.g. for a secure communication route).

6.4 Summary:

Wireless sensor networks have the same security concerns discussed for multi-hop ad hoc networks; moreover, specific attacks targeting wireless sensor networks include hello flooding, sinkhole and wormhole attacks. Various solutions have been released to deal with these security issues, such as the SPINS protocol suite, which provides data confidentiality and two-party and broadcast data authentication; TinySec, which can guarantee authentication and encryption; and the LEAP key management protocol, which specifies with whom each key is shared.


7. Security issues in mobility:

In the previous sections we considered the security of wireless networks by looking at the effects of the ‘air medium’; another side is the mobility of nodes offered by various protocols. As for IP mobility, many flaws in IPv4 have been fixed in IPv6, as we will see.

7.1 Wireless mobility overview:

In a wireless system, when a node moves from one sub-network to another, it needs to register itself in the new network and inform the home network so that it remains reachable. In Mobile IPv4, indirect routing is used, where the mobile node (MN) is reached via the home agent and the current foreign agent. A similar scenario applies to mobility in cellular networks [Krse04]. In IPv6, direct routing is available (route optimization), where the correspondent node can connect directly to the MN.


7.2 Wireless Mobility Security: The main problem to be tackled in mobility is the identification and authentication between the

MN, current network and home network. Considered below are these security issues in Mobile IPv4

and Mobile IPv6.

7.2.1 Mobile IPv4 Security:

The main issue in Mobile IPv4 is registering the MN's care-of address (COA) with the home agent (HA) through the foreign agent (FA), since insecure authentication can lead to all data between the HA and the MN being redirected to another party. This authentication must also provide protection against replay attacks [Fnsl03]. For authentication, HMAC-MD5 is used to produce a 128-bit “message digest” [Krse04].

When the MN migrates to another network, a key distribution mechanism is needed; this is achieved through an Authentication, Authorization, and Accounting (AAA) server such as RADIUS.

Replay protection can be achieved in Mobile IPv4 by two methods [Fnsl03]:

1. The sender timestamps the message, and the receiver then checks the validity of the message; this is the mandatory method.

2. The optional method uses a ‘nonce’ divided into upper and lower 32-bit halves: the MN sends the message to the HA through the FA using the lower bits of the nonce; the HA in turn replies and appends another random 32-bit number as the upper half; this last half is copied into the next registration request in the lower half of the MN, so that the HA can ensure there is no replay.
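The following added example (not from the original paper or from any Mobile IP implementation) models a home agent that checks an HMAC-MD5 authenticator and applies the mandatory timestamp method before it updates a binding. The message layout, the integer timestamps, the 7-second tolerance, the class and function names and the addresses are all assumptions made for illustration.

```python
import hashlib
import hmac
import struct

SKEW = 7  # assumed clock tolerance in seconds between MN and HA

def authenticator(key, home, coa, ident):
    """HMAC-MD5 (128-bit digest) over the fields the HA relies on."""
    msg = f"{home}|{coa}|".encode() + struct.pack("!Q", ident)
    return hmac.new(key, msg, hashlib.md5).digest()

class HomeAgent:
    def __init__(self, keys):
        self.keys = keys        # home address -> key shared with that MN
        self.last_ident = {}    # home address -> newest accepted timestamp
        self.bindings = {}      # home address -> current care-of address

    def register(self, home, coa, ident, mac, now):
        key = self.keys.get(home)
        if key is None:
            return "unknown-mn"
        # 1. Authenticate first: an altered COA must never reach the binding table.
        if not hmac.compare_digest(mac, authenticator(key, home, coa, ident)):
            return "bad-authenticator"
        # 2. The timestamp must be close to the HA clock ...
        if abs(now - ident) > SKEW:
            return "stale-timestamp"
        # 3. ... and strictly newer than the last one accepted from this MN.
        if ident <= self.last_ident.get(home, -1):
            return "replay"
        self.last_ident[home] = ident
        self.bindings[home] = coa
        return "accepted"

def demo():
    home, key = "192.0.2.10", bytes(range(16))       # constructed values
    ha = HomeAgent({home: key})
    coa1, coa2, rogue = "198.51.100.7", "198.51.100.99", "203.0.113.66"
    mac1 = authenticator(key, home, coa1, 1000)
    results = [
        ha.register(home, coa1, 1000, mac1, now=1001),   # genuine request
        ha.register(home, coa1, 1000, mac1, now=1002),   # captured, resent at once
        ha.register(home, coa1, 1000, mac1, now=1100),   # captured, resent later
        ha.register(home, rogue, 1000, mac1, now=1001),  # COA swapped, old MAC
        ha.register(home, coa2, 1105, authenticator(key, home, coa2, 1105), now=1105),
    ]
    return results, ha.bindings[home]
```

The second request shows why the clock-window check alone is not enough: a message resent within the tolerance still carries a valid authenticator and a fresh-looking timestamp, so the HA must also remember the newest value it accepted.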

7.2.2 Mobile IPv6 Security:

One important difference in Mobile IPv6 is that mobility is integrated into IPv6 itself; hence there is no FA, since mobility is supported by the IP protocol itself.

Mobile IPv6 supports both direct and indirect routing [Fnsl03]. Indirect routing (bidirectional tunneling) is similar to Mobile IPv4: the MN updates the HA with the binding information, and the HA in turn ‘tunnels’ packets from the correspondent to the MN (compatible with IPv4). In direct routing, the binding update is also sent to the correspondent, giving it the means for better routing.

Binding update authentication for the HA is achieved using IPSec protocols, either the authentication header (AH) protocol or the encapsulating security payload (ESP) protocol; in both cases a security association (SA) logical channel is established between the HA and the MN [Krse04].

For correspondent authentication, a challenge/response mechanism is used; the MN then creates a binding management key derived from data exchanged during this process, and this key is used by the correspondent as an entry point for subsequent communications [Fnsl03].

For integrity, HMAC-SHA1 is used to calculate the MAC, and the Secure Hash Algorithm version 1 (SHA1) is used for hash value generation.

Remember that in IPv6 there is no need for key distribution mechanisms, since there is no FA and mobility is integrated into the protocol by default, as mentioned above.
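The correspondent challenge/response and the binding management key described above can be sketched as follows; this is an added example, not code from the paper, and it is a simplified model loosely following Mobile IPv6's return routability procedure. The token construction, the field layout, the single nonce and all names and addresses are assumptions for illustration.

```python
import hashlib
import hmac
import os

def first(n_bits, data):
    """Leftmost n_bits of data."""
    return data[: n_bits // 8]

class Correspondent:
    """Keeps no per-MN state: tokens are recomputed from a secret and a nonce."""
    def __init__(self):
        self.kcn = os.urandom(20)    # node secret, never sent to anyone
        self.nonce = os.urandom(8)   # single nonce here; assumed simplification

    def token(self, addr, kind):
        # Challenge delivered to `addr`: only a node reachable there sees it.
        msg = addr.encode() + self.nonce + bytes([kind])
        return first(64, hmac.new(self.kcn, msg, hashlib.sha1).digest())

    def accept_binding(self, home, coa, update, mac):
        # Rebuild the binding management key from both challenges (SHA1),
        # then check the HMAC-SHA1 authenticator on the binding update.
        kbm = hashlib.sha1(self.token(home, 0) + self.token(coa, 1)).digest()
        want = first(96, hmac.new(kbm, coa.encode() + update, hashlib.sha1).digest())
        return hmac.compare_digest(mac, want)

def mn_sign(home_token, coa_token, coa, update):
    """MN side: derive the key from the two tokens it received, then sign."""
    kbm = hashlib.sha1(home_token + coa_token).digest()
    return first(96, hmac.new(kbm, coa.encode() + update, hashlib.sha1).digest())

def route_optimization_demo():
    cn = Correspondent()
    home, coa, other = "2001:db8:1::10", "2001:db8:2::10", "2001:db8:3::66"
    update = b"seq=1;lifetime=60"                    # constructed update body
    # Genuine MN: one token arrives via its home address, one at its COA.
    mac = mn_sign(cn.token(home, 0), cn.token(coa, 1), coa, update)
    genuine = cn.accept_binding(home, coa, update, mac)
    # A node that only receives the token for its own address cannot bind
    # someone else's home address: it has to guess the home token.
    guess = mn_sign(os.urandom(8), cn.token(other, 1), other, update)
    forged = cn.accept_binding(home, other, update, guess)
    # Reusing a captured authenticator with a different COA also fails.
    swapped = cn.accept_binding(home, other, update, mac)
    return genuine, forged, swapped
```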

7.3 Summary: A special feature of wireless networks is mobility; therefore, security attention is directed to node identification and authentication with the new and original networks. Mobile IP was considered. In Mobile IPv4, authentication is achieved by HMAC-MD5, key distribution uses an AAA server, and protection against packet replay uses the timestamp or 'nonce' method. In IPv6, mobility is integrated in the protocol itself, so there is no need for key distribution; in addition, direct routing is supported, so node authentication with both the home network and the correspondent is needed: the first is achieved using IPSec protocols and the latter by a challenge/response mechanism.


8. Conclusion: Various wireless systems have common features and security goals to address; however, depending on the network hierarchy, complexity and special requirements, as we saw in WLAN, cellular, ad hoc and sensor networks, the selection of security protocols and methods such as encryption and authentication gets narrower.

We might also notice that different attacks and flaws contribute to producing better new security solutions; we observe this clearly in the cases of WLAN, cellular and Mobile IP.


References:

1. [Yang06] Hao Yang, Fabio Ricciato, Songwu Lu and Lixia Zhang, "Securing A Wireless World", Proceedings of the IEEE, Feb 2006, v. 94 no. 2, http://ieeexplore.ieee.org/iel5/5/33381/01580512.pdf?arnumber=1580512

2. [Chdr05] Praphul Chandra, "Bulletproof Wireless Security: GSM, UMTS, 802.11 and Ad Hoc Security", Elsevier Inc. Pub., 2005, Chapters 1, 3, 6 and 8, http://www.amazon.com/BULLETPROOF-WIRELESS-SECURITY-Communications-Engineering/dp/0750677465

3. [Tmim06] Abdel-Karim R. Al Tamimi, "Security in Wireless Data Networks: A Survey Paper", Washington University survey paper, 2006, http://www1.cse.wustl.edu/~jain/cse574-06/ftp/wireless_security.pdf

4. [Grdz06] Ali I. Gardezi, "Security In Wireless Cellular Networks", Washington University survey paper, 2006, http://www1.cse.wustl.edu/~jain/cse574-06/ftp/cellular_security.pdf

5. [Srgi05] Mayank Saraogi, "Security in Wireless Sensor Networks", University of Tennessee, Knoxville, a survey paper, 2005, http://web.eecs.utk.edu/~saraogi/594paper.pdf

6. [Fnsl03] Edvard Fonsell, "Security in IP Mobility Solutions", Helsinki University of Technology, Telecommunications Software and Multimedia Laboratory paper, May 2003, http://www.tml.tkk.fi/Studies/T-110.551/2003/papers/7.pdf

7. [Yau03] Po-Wah Yau and Chris J. Mitchell, "Security Vulnerabilities in Ad Hoc Networks", In Proc. of the 7th Int. Symp. on Communications Theory and Applications, 2003, http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.64.7599&rep=rep1&type=pdf

8. [Klta09] Hemanta Kumar Kalita and Avijit Kar, "Wireless Sensor Network Security Analysis", International Journal of Next-Generation Networks (IJNGN), December 2009, Vol. 1, No. 1, http://airccse.org/journal/ijngn/papers/1.pdf

9. [Krse04] James F. Kurose and Keith W. Ross, "Computer Networking: A Top-Down Approach Featuring the Internet", 3rd Edition, Addison Wesley publishing, 2004, Chapter 8, http://www.amazon.com/Computer-Networking-Top-Down-Featuring-International/dp/B003F89KJG

10. [Kryg02] Tom Karygiannis and Les Owens, "Wireless Network Security: 802.11, Bluetooth and Handheld Devices", National Institute of Standards and Technology special publications, November 2002, http://csrc.nist.gov/publications/nistpubs/800-48/NIST_SP_800-48.pdf


List of Acronyms:

AES Advanced Encryption Standard

AKA Authentication and Key Agreement

AODV Ad hoc On-Demand Distance Vector

AuC Authentication Center

CBC Cipher Block Chaining (cipher)

CRC Cyclic Redundancy Check

D/DoS Distributed/Denial of Service

DES Data Encryption Standard

DSR Dynamic Source Routing

ECB Electronic Codebook (cipher)

FA Foreign Agent

GPRS General Packet Radio Service

HA Home Agent

HLR Home Location Register

I/MSI International/Mobile Subscriber Identity

IV Initialization Vector

MANET Mobile Ad hoc network

MIC Message Integrity Codes

MN Mobile Node

MSC Mobile Switching Centre

OFB Output Feedback (cipher)


OSPF Open Shortest Path First

RADIUS Remote Authentication Dial In User Service

TKIP Temporal Key Integrity Protocol

U/RAN UMTS/Radio Access Network

U/SIM UMTS/Subscriber Identity Module

UMTS Universal Mobile Telecommunication System

VLR Visitor Location Register

WEP Wired Equivalent Privacy

WPA Wi-Fi Protected Access

X/MAC Expected/Message Authentication Code


Date Last Modified: 13/1/2011