Upcoming Wireless Networks and New Challenges Generalities Mesh - - PowerPoint PPT Presentation

Security and Cooperation in Wireless Networks

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

• Generalities
• Mesh networks
• Vehicular networks

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Introduction

• Upcoming wireless networks:

– Personal communications:

• Wireless mesh networks
• Hybrid ad hoc networks
• Mobile ad hoc networks

– Vehicular networks – Sensor networks – RFID (Radio Frequency IDentification) – Mobility in the Internet

2

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Wireless mesh networks

• Mesh network:

– One Wireless Hot Spot (WHS): connected to the Internet – Several Transit Access Points (TAPs): functioning as relay stations Between WHS and MSs – Mobile Stations

3

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Wireless mesh networks

• Easy to deploy:

– Single connection point to the Internet

• Providing internet connectivity in a sizable geographic area:

– Much lower cost than classic WiFi networks

• Interesting to us because they contain some features and vulnerabilities
• f future networks (such as multi-hopping wireless) and are still in their

early deployment phase

• Performance (in this case fairness) and security are closely related
• Not yet ready for wide-scale deployment:

– Severe capacity and delay constraints

• Due to being wireless and multi-hop are prone to interference

– But technology will be able to overcome: Multi-radio and multi- channel

– Lack of security guarantees

4

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Hybrid ad hoc networks

• Hybrid ad hoc networks or multi-hop cellular networks:

– No relay stations: assigning the relay task to other mobile stations – Other mobile stations relay the traffic

• Problem of power management: as no priori planning is possible

5

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Mobile ad hoc networks

• Mobile ad hoc networks (MANETs):

– One step further: removing completely the infrastructure – Mobile ad hoc networks in hostile environments – In self-organized mobile ad hoc networks the mobile stations relay each other’s traffic – Mobile ad hoc networks: a very active research field

6

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Mobile ad hoc networks

• It is important to distinguish between two kinds of Ad Hoc Networks:

 Mobile ad hoc networks in hostile environments:

– Presence of a strong attacker is likely: military networks – Security challenges:

• Secure routing
• Prevention of traffic analysis
• Resistance of a captured device to reverse engineering and key retrieval.

 Self-organized mobile ad hoc networks:

– Small scale applications, e.g. a group of people can establish a network using their PDAs or laptops where no infrastructure is available – No authority in the initialization phase – Nodes have to figure out how to secure the communications – Selfishness can be a serious issue:

• Nodes may selfishly refuse to forward packets
• Greedily overuse the common channel

7

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Sensor networks

• Collecting data about physical phenomena (light, temperature, humidity,

acceleration, etc.) in addition to communication and computing capabilities

• Large number of sensor nodes, a few base stations

– Base stations much more powerful than sensor nodes

• Sensors are usually battery powered:

– Main design criteria: reduce the energy consumption

• Multi-hop communication reduces

energy consumption:

– Overall energy consumption can be reduced if packets are sent in several smaller hops instead of one long hop

• Smaller range of transmission
• Less interference -> Fewer

re-transmissions are needed due to collisions

8

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Sensor networks

• Security requirements:

– Integrity (data packets from sensor nodes to the sink and control packets from the sink to the nodes) – Confidentiality – Availability (specially in life critical applications such as people’s health monitoring)

• Special conditions:

– Energy consumption (limited power) – Computing and storage capacity of sensors is limited – Access to the sensors cannot be monitored and therefore they can be corrupted by the adversary: then the adversary can learn the content

• f the memory the cryptographic keys or modify the behavior of the

nodes.

9

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

RFID

• A wireless technology to enable identification of objects and people
• Current applications: management of books at libraries, toll-payment at

highways, access control to buildings, etc.

• RFID systems:

– RFID tags – RFID readers – Back-end databases

• RFID tag: microchip and antenna

– Active: have battery – Passive: harvest energy from the reader's signal (reflecting its signal)

• RFID reader:

– Reads the identifying information out from nearby RFID tags

10

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Mobility in the Internet

• The growing mobility of hosts has led the Internet community to

reconsider the overall organization of the network (Mobile IPv6)

• When a node changes its location: its address changes
• Mobile IP: solves this problem at the IP layer

11

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Mobility in the Internet

• The home agent is a router permanently aware of the current location of

the nodes that are away from home

• Care-of address: Address used by the mobile node while it is attached to a

foreign link

• Binding: Association of a care-of address with a home address (stored at home

agents and correspondent nodes)

• Two modes of mobility supported by IPv6:

– Bidirectional tunneling:

• Mobile node tunnels the packets for the correspondent node through its

home agent

• Home agent tunnels the packets to the mobile node via its care-of

address – Route optimization:

• Mobile node registers its current address binding with the correspondent

node

• Packets are sent directly to the mobile node's care-of address
• Use the optimal route between the mobile and correspondent node

12

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Mobility in the Internet

• Attacks:

– Address stealing:

• If binding updates were not authenticated: an attacker could send

spoofed binding updates: A is sending packets to B, then the attacker sends a malicious binding update to A with the care-of- address of C to redirect the packet flow to C.

– DoS attacks exploiting binding update protocols:

• Exhausting the resources of the mobile node or the correspondent

node by sending spoofed IP packets that trigger a large number

• f binding update protocol instances

13

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Mobility in the Internet

• Protection mechanism against address stealing: Return Routability (RR)

– Non-cryptographic solution – Makes the attack much more difficult – Assumption of an uncorrupted routing infrastructure

14

• Mobile Node MN checks the routability to

the Correspondent Node CN: (a) via the Home Agent HA (HoTI) (b) directly (CoTI)

• CN replies to both of them: HoT and CoT

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Return Routability

• Once MN has received both HoT and CoT:

– MN sends a Binding Update to CN

• Protection mechanism against DoS attacks:

– Each node can set a limit on the amount of resources (time, memory, bandwidth) devoted to processing binding updates

15

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Wireless Mesh Networks

16

Wired Access Point (WAP)

(a) A WiFi Network

• WMNs allow a fast, easy and inexpensive network deployment.
• However, the lack of security guarantees slows down the deployment of

WMNs

Transit Access Point (TAP)

(b) A Mesh Network

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

A Typical Communication in WMNs

• Several verifications need to be performed:

– WHS has to authenticate the MS. – MS has also to authenticate the TAPs – Each TAP has to authenticate the other TAPs in the WHS – The data sent or received by MS has to be protected (e.g., to ensure data integrity, non-repudiation and/or confidentiality).

• Performing these verifications has to be efficient and

lightweight, especially for the MS.

WHS TAP3 TAP2 TAP1 MS 17

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Securing a Communication in WMNs: Example

18

EK_3(SReq) EK_2(SReq) EK_1(SReq) EK_WHS(SReq) SRep EK_3(SRep) EK_2(SRep) EK_1(SRep)

Example: SReq = EK_WHS (ReqID, roamingInfo, K, Nonce)

• SReq: Session Request; SRep: Session Reply; K_3: TAP_3’s public Key
• Each TPA decrypts the SReq and encrypts it with the next TAP’s public Key
• SRep generated by WHS and protected in the same way
• Nonce: to prevent replay attacks; K_WHS: WHS’s public Key
• K: will be used as a key by WHS to encrypt the reply
• roamingInfo: information used by WHS to authenticate the MS
• The information contained in SRep let MS to generate the session key which will be

used for ensuring integrity of exchanged data packets and for confidentiality

WHS TAP3 TAP2 TAP1 MS

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Characteristics of WMNs

• The session key will be used to check the integrity of the messages (using MACs)

and also for the confidentiality if required

• The TAPs are not physically protected:
• Capture
• Cloning
• Tampering

19

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

 Three fundamental security operations:  Detection of corrupt nodes:  An attacker may compromise TAPs

• Accessing the internal state (the attacker retrieves the secret data

stored in the device and will analyze the traffic going through it)

• Modifying the internal state (the attacker modifies the configuration

parameters, secret data, etc. For example modifying the routing algorithm)  Secure routing

• Attacker may force the traffic through a specific TAP; or lengthen the

routes between the WHS and the TAPs

• DoS: for example the adversary may jam the communication between

TAPs in a given area and force the reconfiguration of the network.  Fairness

20

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Fundamental Security Operations

• Attack example: TAP2 is compromised by the attacker and the link between TAP5 and

TAP6 is jammed

• Countermeasures: The detection of these attacks leads to the reconfiguration: TAP2 is

replaced by an uncorrupted equipment and routing is updated.

• Result: Much longer routes for some TAPs (e.g. TAP6 was 2-hops away from WHS and now is 7-hops

away)

21

WHS TAP7 TAP6 TAP5 TAP3 TAP2 TAP1 TAP4 TAP8

Jamming attack Compromised

WHS TAP7 TAP6 TAP5 TAP3 TAP2 TAP1 TAP4 TAP8

Jamming attack Replaced

Attacks: Countermeasures:

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Three Fundamental Security Operations

• Fairness: Starvation problem
• All TAPs use the same WHS as a relay to and from the infrastructure
• Per TAP fairness: 1=3=2 (i= share of the bandwidth for flow i) : is not

necessarily the best bandwidth sharing solution

• Per-client fairness: 1=3=2*2 (because TAP2 serves one client)

TAP3 TAP2 TAP1 WAP flow1 flow2 flow3

M4 M5 M3 M2 M1 22

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

VANETs (Vehicular Ad hoc NETwork)

Roadside base station Inter-vehicle communications Vehicle-to-roadside communications Emergency event

23

• To create safer and more efficient driving conditions: e.g. warning for

environmental hazards

• Allows vehicles and road-side infrastructures to communicate to each other
• Example of protocol: IEEE 802.11p

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Vehicular communications: why?

• Combat the awful side-effects of road traffic

– In the EU, around 40’000 people die yearly on the roads; more than 1.5 millions are injured – Traffic jams generate a tremendous waste of time and of fuel

• Most of these problems can be solved by providing appropriate

information to the driver or to the vehicle

24

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Why is VANET security important?

• Large projects have explored vehicular communications:

Fleetnet, PATH (UC Berkeley),…

• No solution can be deployed if not properly secured
• The problem is non-trivial

– Specific requirements (speed, real-time constraints) – Contradictory expectations

• Industry front: standards are still under development and suffer from

serious weaknesses

– IEEE P1609.2: Standard for Wireless Access in Vehicular Environments - Security Services for Applications and Management Messages

• Research front

– Very few papers

25

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Threat model

• Attacks can be mounted on:

– Safety-related applications – Traffic optimization applications – Payment-based applications – Privacy

• An attacker can be:

– Insider / Outsider – Malicious / Rational – Active / Passive – Local / Extended

26

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Attacks

27

Traffic jam ahead

• Bogus traffic information: Attacker sends false information

(e.g. false hazard warning) to a number of vehicles

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Attacks

• In-transit traffic tampering: the attacker disrupts

communication of other nodes

– It may drop, corrupt or modify messages; it can manipulate the reception of traffic notifications or safety messages – The attacker may also replay messages, e.g. to illegitimately obtain services such as traversing a toll check point – Tampering with in-transit messages can be simpler and more powerful than forgery attacks

28

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Attacks

• Impersonation: The attacker may alter or replay messages to

impersonate other users – E.g. the attacker may impersonate an emergency vehicle to mislead

• ther vehicles to slow down
• Privacy violation: Collection of vehicle-specified information

from overheard communication

– Inference on a driver’s personal data to violate its privacy – The vulnerability lies in the periodic or frequent messages generated by a vehicle: safety and traffic management messages, transaction- based communication such as automated payment, etc. – Such messages include information such as time, location, vehicle identifier, trip details – The vehicle can be tracked through overhearing its messages

29

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Attacks

30 A

* A at (x1,y1,z1) at time t1 * A communicates with B * A refuels at time t2 and location (x2,y2,z2) 1 2

A

B A

* A enters the parking lot at time t3 * A downloads from server X 3

Example of privacy violation issue:

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Attacks

• On-board tampering: The attacker selects to tinker with data

(e.g. velocity, location, …) at their source, tampering with the on-board sensing and other hardware

– It is easier to replace or by-pass the real-time clock or the wiring of a sensor rather than modifying the binary code implementation of the data collection and communication protocols

31

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Attacks

Roadside base station

Jammer

• Jamming: Attacker generates interfering transmissions that

prevents communication within their reception range

• The attacker relatively easily and without compromising

cryptographic mechanisms partition the network

32

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Challenges

• Network volatility: The connectivity among nodes in VANETs can be

highly transient and very short-lived due to the fast movements; two vehicles may remain in each other’s transceiver range for only few seconds

– Consequently password-based secure communication or gradual trust development will not be practical.

• Liability vs. privacy: Identification of the vehicles as the source of

messages should be possible to be used as hard-to-refute data in legal investigations (e.g. in the case of accidents). On the other hand, information useful for such purposes (coordinates, time intervals or biometric information of the drivers, etc.) would raise strong privacy concerns.

33

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Challenges

• Delay sensitive applications: Most safety and driver-assistant applications
• f VANETs require low delay in message processing and delivery. The

security protocols must consider this requirement.

• Network scale: With roughly a billion vehicles around the globe and the

multitude of authorities governing transportation systems makes the design of a facility to provide security keys a big challenge.

• Slow penetration: Penetration will be progressive (over 2 decades or so),

this means that any deployed architecture must be able to cope with the presence of not yet equipped vehicles.

34

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Security Architecture

Certificate Authority ≈ 100 bytes ≈ 140 bytes Safety message Cryptographic material {Position, speed, acceleration, direction, time, safety events} {Signer’s digital signature, Signer’s public key PK, CA’s certificate of PK} Authenticated message Data verification Secure positioning Tamper- proof device Event data recorder Secure multihop routing Services (e.g., toll payment or infotainment) 35

?

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Security Architecture

• Presents the components needed to provide security in VANETs

regarding the threats described before

• The field is still immature
• Security hardware: Two logical blocks are needed for security

– Event Data Recorder (EDR): responsible for recording vehicle’s critical data such as position, speed, time, etc.

• During emergency events EDR is used as an airplane’s black box

– Tamper-Proof Device (TPD): A proper hardware to protect the cryptographic keys and performing cryptographic operations specially signing and verifying safety messages

36

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Tamper-proof device

• Each vehicle carries a tamper-proof device

– Contains the secrets of the vehicle itself – Has its own battery – Has its own clock (notably in order to be able to sign timestamps) – Is in charge of all security operations – Is accessible only by authorized personnel

37

Tamper-proof device Vehicle sensors (GPS, speed and acceleration,…) On-board CPU Transmission system ((( )))

Vehicular networks

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Vehicular Public Key Infrastructure (VPKI)

• Symmetric cryptography is not suitable: does not provide the

non-repudiation property that allows the accountability of driver’s actions (e.g. for accident reconstruction or to find the

• riginator of forgery attacks)
• Therefore, a VPKI (public key infrastructure) is required where

CAs (Certificate Authorities) issue certified public/private key- pairs to vehicles

38

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

The CA hierarchy: two options

Country 1

Region 1 Region 2

District 1 District 2

39

Car A Car B Car A Car B

• Manuf. 1
• Manuf. 2
• 1. Region based CAs
• 2. Manufacturers as CAs
• The governments control certification
• Keys should be recertified by the foreign

authority when the car enters the foreign region

• Vehicle manufacturers issue keys
• Each car has to store the keys of all

vehicle manufacturers

• In both cases authorities are cross-

certified so that vehicles from different authorities can authenticate each other

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Authentication

40 A B

• To authenticate each other vehicles sign each message with their

private key and attach the corresponding certificate

• When another vehicle receives the message it verifies the key used to

sign the message; once it is done successfully it verifies the message

• To reduce the cryptographic overhead only critical messages can be

signed or one in every few messages

Certificate of A’s key (signed by the CA)

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

41 At 3:00

• Vehicle A

spotted at position P1 At 3:15

• Vehicle A

spotted at position P2

• To Preserve identity and location privacy keys change over time
• Keys renewed according to vehicle speed (e.g., ≈ 1 min at 100 km/h)
• Anonymity is conditional on the scenario
• Liability has to be enforced: Only law enforcement agencies should be

allowed to retrieve the real identities of vehicles (and drivers)

• Each key can be tracked back to the real identity of the vehicle (the

Electronic License Plate (ELP))

What about privacy: using anonymous keys?

Georg-August University Göttingen

Upcoming Wireless Networks and New Challenges

Conclusion on the security of vehicular communications

• The security of vehicular communications is a difficult and highly

relevant problem

• Car manufacturers seem to be poised to massively invest in this

area

• Slow penetration makes connectivity more difficult
• Security leads to a substantial overhead and must be taken into

account from the beginning of the design process

• The field offers plenty of novel research challenges

42