Security of wireless communication systems_Ezgi Arslanx

workablejeansΚινητά – Ασύρματες Τεχνολογίες

21 Νοε 2013 (πριν από 3 χρόνια και 11 μήνες)

86 εμφανίσεις

Information Security of
Wireless Communication
Systems

Ezgi

Arslan

Outline:


Definition of Information Security


Services of security


Security of Wi
-
Fi and cellular systems


Solutions to intended or unintended attacks


Cryptography


Information theoretic security



Information theoretic security of MIMO channels


04/23/2010

2


Information Security


Definition of information security under US Code:


Information
security

means protecting information
and

information
systems

from unauthorized access,
use, disclosure, disruption, modification or
destruction.


The main concerns of information security are:


Confidentiality


Integrity


Availability


These concerns are more problematic in wireless
networks because it is easier to listen or intercept
some other channel due to transmission in an open
medium.


3


04/23/2010

Confidentiality


Alice : Online Banking Provider


Bob: Bank customer


Eve or Trudy: Bad guy who eavesdrops or attacks the
system in some way. [1]



Confidentiality

aims to prevent unauthorized reading
of information, includes protecting personal privacy.


Bob doesn’t want Eve to know how much money he has
in his savings account.


Alice’s job is to make sure the information kept
secret, because of laws and regulations.

4


04/23/2010

Integrity


Integrity of information is ensured if unauthorized
writing or changing of stored information is
prevented.


It includes ensuring information nonrepudiation and
authenticity.


Alice must protect the integrity of account
information to prevent Trudy from, say, increasing
the balance in her account or changing the balance in
Bob’s account.

5


04/23/2010

Availability


Data availability on both sides (Alice and Bob) is an
important part of the communication.


Recently, Denial of Service (
DoS
) attacks become
very problematic for ensuring availability.


Eve sends fake
DoS

signals to either Bob or Alice in
order to reduce access to information.


If Alice’s website is unavailable, then Alice can’t make
money from customer transactions and Bob can’t get
his business done. Bob might then take his business
elsewhere.

6


04/23/2010

Access Control


Issues of Authentication:


It deals with the problem of determining whether a user
should be allowed to access to a system or a resource.


Is
the one logged on Bob’s computer really Bob, not
Trudy?


When Bob logs into his banking account, how does Alice
know that it is Bob?


Trudy
can intercept, change, insert messages or reply
Alice convincing her that she is Bob.


Ways to authenticate:


Something you know : Passwords


Something you have : ATM cards or smart cards


Something you are : Thumbprint or voiceprint

7


04/23/2010

Access Control


Issues of Authorization:


Authorization is the part of access control concerned
with restrictions on the actions of authenticated users.


Administrator accounts and firewalls. The job of the
firewall is to determine what to let into and out of the
internal network.


Multilevel security labels the information as:




By this way, Eve can only reach to information of
appropriate class.


8


04/23/2010

Solution:


Integrity and availability of the information can
ensured by using protocols, software, authentication
and authorization processes.


The most important problem in an open wireless
medium is to ensure the confidentiality of messages.


Two possible solutions:

1.
Cryptography:

2.
Information theoretic security:

9


04/23/2010

Cryptography


The goal is to transform usable information into a
form that renders it unusable by anyone other than
an authorized user; this process is called

encryption.






Julius
Ceasar’s

Cipher: (shift of n=3)



10


04/23/2010

=>

Cryptography Cont’d


Rather than simple substitution, use time varying key
sequences:

11


04/23/2010

Security of Wi
-
Fi


WEP Encryption: (Wired Equivalent Privacy)








Take bitwise XOR of the key with the message.


IV is changing periodically, K is fixed and pre
-
shared
between the users.


12


04/23/2010

24
-
bit Initial
Vector(IV)

40
-
bit fixed key
K

Security of Wi
-
Fi


WPA Encryption: (Wi
-
Fi Protected Access)


Uses the same blocks as WEP, but improves the
weaknesses of WEP encryption.


IV is 48 bits and changing for each packet.


CRC (Cyclic Redundancy Check) is used in WEP which
is proved to be ineffective, so Message Integrity
Check (MIC) is integrated into WPA to have the error
detection and correction mechanism.


WPA provides much stronger keys as compared to
WEP.


13


04/23/2010

Security of Cellular Networks


In the earlier cell phones, security was not a concern.


Since 2G, each mobile has a Subscriber Identity
Module, SIM, which is a smartcard to identify the
user. SIM also contains a 128
-
bit key that is only
known to itself and the home network.


2G attempts to deal with anonymity, authentication
and confidentiality

14


04/23/2010

Information Theoretic
Security


Question: How much information is too much to leak
to an eavesdropping adversary?[3]


Information theoretic encryption was first
formulated by Claude Shannon in 1949, assuming the
adversary has an unlimited computational resources
and the objective of the transmitter is to ensure that
no information is released to the adversary. [4]


It is called information theoretic security, because
system security is derived purely from information
theory.



15


04/23/2010

Gaussian Wiretap Channel [5]


Secrecy capacity is the
maximum rate at which
transmitter sends
messages in perfect
secrecy.


Secrecy capacity of this
channel is difference of
capacities of intended
receiver and eavesdropper
channels.

16


04/23/2010

Tx

Rx

Eve

X

Z

Y

Y=
X+n
y

Z=
Y+n
z

2
-
2
-
1 Gaussian MIMO
Wiretap Channel [6]

17


04/23/2010


Optimum achievable
scheme is beamforming
through the intended
receiver.


This is shown to be yield
upper bound of the secrecy
capacity.



Tx

Rx

Eve

X

Z

Y

Conclusion


Wireless security consists of various components.
Confidentiality, integrity and availability.


Security can be ensured by protocols, software,
access control, encryption, etc.


The ultimate limits of security is derived and being
investigated using information theory.

18


04/23/2010

References:


[1] “Information security: Principles and Application”
by Mark Stamp, 2006


[2] “Security in Wireless networks”, Ali
Gardezi


[3] “Securing Wireless Communications at the
Physical Layer” by
Ruoheng

Liu and Wade Trappe
2010


[4] “Communication Theory of Secrecy Systems” by
Claude Shannon, 1949


[5] “The Gaussian Wiretap Channel”, by Leung
-
Yan
-
Cheong and Martin Hellman, 1978


[6] “Towards Secrecy Capacity of Gaussian MIMO
Wiretap Channel: The 2
-
2
-
1 Channel” by
Shabnam

Shaifee
, Nan Liu and
Sennur

Ulukus
, 2008

19


04/23/2010