
Nov 21, 2013 (3 years and 10 months ago)


Various Authentication Schemes for Wireless Networks - A Survey

Jignasha Dalal
M.E Sem-III (Computers)

Guided by
Prof. Madhumita Chatterjee

Topics


Introduction


Infrastructure mode communication


Adhoc mode communication


Comparison


Conclusion

Introduction



Wireless network is a network set up by using radio signal frequency
to communicate among computers and other network devices.


Security threats against wired networks are equally applicable to wireless networks, but wireless networks suffer a number of additional vulnerabilities that make them more challenging to secure.



Open wireless medium


Limited bandwidth & Limited Battery power


System complexity


Rogue access point


Limited Storage


Heterogeneity

Introduction



Authentication is the process of proving the identity of a computer or
computer user.


Generally, in wired networks, the number of nodes is fixed and they are static. All nodes in a wired network have enough capability to store and process authentication-related data.

In wireless networks, nodes are mobile with limited processing power, storage and battery power.

Mobility of nodes causes continual requests for costly re-authentication.

An efficient authentication solution is needed to reduce such cost.

Wireless nodes communicate with each other in

Infrastructure mode

Adhoc mode.


Introduction



The basis of infrastructure mode centers around an access point,
which serves as the main point of communications in a wireless
network.


Introduction



Ad-hoc mode allows computers equipped with wireless transmitters and receivers to communicate directly with each other, eliminating the need for an access point.

The drawback of this mode is that computers are not able to communicate with computers on a wired network.

Communication between the wireless-equipped computers is limited by the distance and interference directly between them.



Infrastructure mode communication



In infrastructure mode of communication, base station
or base infrastructure network is required.



Following schemes are studied:

1. A New Authentication Scheme with Anonymity for Wireless Environments

2. Security Enhancement on a New Authentication Scheme With Anonymity for Wireless Environments

3. Mobile Agent based Authentication for Wireless Network Security


Infrastructure mode communication

1st scheme

A New Authentication Scheme with Anonymity for Wireless Environments

The scheme is given by Jianming Zhu and Jianfeng Ma, members of IEEE.

The scheme is based on a hash function and smart cards, and mobile users only do symmetric encryption and decryption.



It takes only one round of message exchange between the
mobile user and the visited network, and one round of message
exchange between the visited network and the corresponding
home network.



Infrastructure mode communication


1st scheme


The model of wireless environments


Infrastructure mode communication


1st scheme

Notations

HA, FA      Home agent of a mobile user, Foreign agent
⊕, ||       Exclusive OR, Concatenation
PW_MN       Password of MN
ID_A        Identity of A
T_A         Timestamp generated by A
Cert_A      Certificate of A
(x)_K       Symmetric encryption of x using K
E_k(x)      Asymmetric encryption of x using k
h(x)        One-way hash function

Infrastructure mode communication


1st scheme

Protocol

Initial phase

When a new mobile user MN wants to register at his/her HA, he/she submits his/her identity ID_MN to the HA.

Then, HA delivers PW_MN and a smart card, which contains ID_HA, r, and h(.), to the user through a secure channel. The PW_MN and r are calculated as follows:

PW_MN = h(N || ID_MN) and
r = h(N || ID_HA) ⊕ h(N || ID_MN) ⊕ ID_HA ⊕ ID_MN

where N is a long random number kept secretly by the HA.

Infrastructure mode communication


1st scheme

Protocol continued

First phase

In this phase, FA authenticates MN and issues a temporary certificate to MN, which is used in the second phase as long as MN keeps communicating with this FA within its area.

MN -> FA: n, (x_0)_L, ID_HA, T_MN
where n = r ⊕ PW_MN and L = h(T_MN ⊕ PW_MN).

FA -> HA: b, n, (x_0)_L, T_MN, EKR_FA(h(b, n, (x_0)_L, T_MN, Cert_FA)), Cert_FA, T_FA

HA computes ID_MN = h(N || ID_HA) ⊕ n ⊕ ID_HA

HA -> FA: c, EKU_FA(h(ID_MN) || x_0), EKR_HA(h(b, c, EKU_FA(h(ID_MN) || x_0), Cert_HA)), Cert_HA, T_HA

FA -> MN: (TCert_MN)_k where k = h(ID_MN) ⊕ x_0

Infrastructure mode communication


1st scheme

Protocol continued

Second phase

In this phase, MN visits FA at the ith session while he/she is still within this FA. The process is as follows.

MN -> FA: TCert_MN, (x_i || TCert_MN || OtherInformation)_k_i

k_i = h(ID_MN) ⊕ x_{i-1}

Strengths

Mobile node computation is very low.

User anonymity is achieved.

One-time key between mobile user and visited network.

It can achieve perfect forward secrecy.


Infrastructure mode communication


1st scheme

Weaknesses:

1. It cannot achieve perfect backward secrecy.

If the session key k_i is known to an attacker, he/she can derive x_i in the second phase [from (x_i || TCert_MN || OtherInformation)_k_i].

Then, the attacker can compute the future session keys from
k_{i+1} = h(ID_MN) ⊕ x_i,  i = 1, 2, ..., n.

2. It cannot achieve mutual authentication.

An attacker can intercept (TCert_MN)_k in the first phase.

Then, he/she can modify it to (TCert'_MN)_k'. Therefore, MN will receive a wrong temporary certificate because MN does not authenticate FA.

Infrastructure mode communication

1st scheme

Weaknesses:

3. It cannot protect against forgery attack.

An attacker can intercept (n, (x_0)_L, ID_HA, T_MN). He/she modifies it to (n, (x_0)'_L', ID_HA, T'_MN).

The attacker can forge the MN to cheat the HA, because HA can derive ID_MN (ID_MN = h(N || ID_HA) ⊕ n ⊕ ID_HA) and then pass authentication.

4. All authentication information is shared over free air using the uncontrolled port.


Infrastructure mode communication


2nd scheme

Security Enhancement on a New Authentication Scheme With Anonymity for Wireless Environments

It is the enhancement of the 1st scheme. It is given by Cheng-Chi Lee and Min-Shiang Hwang.

This scheme removes the first three weaknesses of the previous scheme. It uses two random numbers, x_0 and x, to remove the weaknesses.

The model and notations are the same for both schemes.

The protocol

Initial Phase

The initial phase is the same for both schemes.






Infrastructure mode communication


2nd scheme

Improved first phase

In this phase, FA authenticates MN and issues a temporary certificate to MN, which is used in the second phase as long as MN keeps communicating with this FA within its area.

MN -> FA: n, (h(ID_MN) || x_0 || x)_L, ID_HA, T_MN
[scheme 1 sent: n, (x_0)_L, ID_HA, T_MN]

FA -> HA: b, n, (h(ID_MN) || x_0 || x)_L, T_MN, EKR_FA(h(b, n, (h(ID_MN) || x_0 || x)_L, T_MN, Cert_FA)), Cert_FA, T_FA

HA computes ID_MN = h(N || ID_HA) ⊕ n ⊕ ID_HA

HA -> FA: c, EKU_FA(h(ID_MN) || x_0 || x), EKR_HA(h(b, c, EKU_FA(h(ID_MN) || x_0 || x), Cert_HA)), Cert_HA, T_HA

FA -> MN: (TCert_MN || h(x_0 || x))_k where k = h(ID_MN || x) ⊕ x_0.




Infrastructure mode communication


2nd scheme

The protocol continued

Improved second phase

In this phase, MN visits FA at the ith session while he/she is still within this FA. The process is as follows.

MN -> FA: TCert_MN, (x_i || TCert_MN || OtherInformation)_k_i

k_i = h(ID_MN || x) ⊕ x_{i-1}.

Infrastructure mode communication


2nd scheme

Strengths:

The proposed scheme overcomes the weaknesses of the above scheme.

1. It can achieve perfect backward secrecy.

In the improved first phase, if the key k_i is known, an attacker can decrypt x_i, but he/she cannot compute future session keys because the attacker does not know the random number x (k_{i+1} = h(ID_MN || x) ⊕ x_i).

2. It can achieve mutual authentication.

In the improved first phase, MN can authenticate FA by computing h(x_0 || x) and comparing it with the received h(x_0 || x).

3. It can protect against forgery attack.

The attacker cannot forge the MN to cheat the HA, because HA can compare whether the two h(ID_MN) values are equal to verify the integrity of ID_MN. Therefore, it can protect against a forgery attack.

Infrastructure mode communication

2nd scheme

Strengths continued

4. It can achieve perfect forward secrecy.

If k_i is known, it is not possible for an attacker to calculate previous session keys.

Weaknesses:

All authentication information is exchanged over free air using the uncontrolled port.
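As an added example (not code from the survey or from the Zhu-Ma or Lee-Hwang papers), the following Python model carries the initial-phase registration through to the HA's identity recovery, the scheme 2 forgery check on the two h(ID_MN) values, and the backward-secrecy difference between the two second-phase key chains. SHA-256 stands in for h(.), and N, ID_HA, ID_MN and the x values are constructed 32-byte strings.

```python
import hashlib


def h(*parts):
    """The one-way hash h(.) over the concatenation of its arguments (SHA-256 here)."""
    return hashlib.sha256(b"".join(parts)).digest()


def xor(a, b):
    """Bytewise exclusive OR of two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def register(N, id_ha, id_mn):
    """Initial phase at the HA (same in both schemes):
    PW_MN = h(N || ID_MN),  r = h(N || ID_HA) xor h(N || ID_MN) xor ID_HA xor ID_MN."""
    pw_mn = h(N, id_mn)
    r = xor(xor(xor(h(N, id_ha), pw_mn), id_ha), id_mn)
    return pw_mn, r


def recover_id(N, id_ha, n):
    """HA side of the first phase, given n = r xor PW_MN from the MN:
    ID_MN = h(N || ID_HA) xor n xor ID_HA."""
    return xor(xor(h(N, id_ha), n), id_ha)


def ha_first_phase_check(N, id_ha, n, h_id_field):
    """Scheme 2 forgery check: the ID_MN recovered from n must hash to the
    h(ID_MN) carried inside (h(ID_MN) || x_0 || x)_L; a tampered n fails."""
    return h(recover_id(N, id_ha, n)) == h_id_field


def scheme1_keys(id_mn, xs):
    """Scheme 1 second-phase keys: keys[j] = k_{j+1} = h(ID_MN) xor x_j."""
    return [xor(h(id_mn), x) for x in xs]


def scheme2_keys(id_mn, x, xs):
    """Scheme 2 second-phase keys: keys[j] = k_{j+1} = h(ID_MN || x) xor x_j;
    the random number x is never sent in clear."""
    return [xor(h(id_mn, x), xj) for xj in xs]


def next_key_from_leak(keys, xs, known_mask, i=0):
    """Backward-secrecy argument from the survey: a party holding keys[i] has
    decrypted x_{i+1} (= xs[i+1]) from the message protected by it. It can
    reconstruct keys[i+1] = mask xor xs[i+1] only if it knows the mask term:
    h(ID_MN) in scheme 1 (known to the FA), h(ID_MN || x) in scheme 2."""
    return xor(known_mask, xs[i + 1]) == keys[i + 1]


if __name__ == "__main__":
    # Constructed values: a 32-byte HA secret N and 32-byte identities.
    N, id_ha, id_mn = b"\x5a" * 32, b"H" * 32, b"M" * 32
    pw_mn, r = register(N, id_ha, id_mn)
    n = xor(r, pw_mn)                         # what the MN sends in the first phase
    print("HA recovers ID_MN:", recover_id(N, id_ha, n) == id_mn)
    xs = [bytes([j]) * 32 for j in range(3)]  # x_0, x_1, x_2
    print("scheme 1 next key derivable:",
          next_key_from_leak(scheme1_keys(id_mn, xs), xs, h(id_mn)))
    print("scheme 2 next key derivable:",
          next_key_from_leak(scheme2_keys(id_mn, b"x" * 32, xs), xs, h(id_mn)))
```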


Infrastructure mode communication


3rd scheme

Mobile Agent based Authentication for Wireless Network Security

This scheme is given by Olatunde O. Abiona, Yu Cheng.

The authentication information is not exchanged over free air using the uncontrolled port.

A Mobile Agent (MA) collects the information from the client and carries it to the authenticator (access point).

After successful authentication, a specific port is assigned to the client.

Agent platforms are installed on both the supplicant (wireless node) and the authentication server.


Infrastructure mode communication


3rd scheme


The Architecture



Infrastructure mode communication


3rd scheme


The operation



Infrastructure mode communication


3rd scheme


The supplicant mobile agent (SMA) migrates to the authentication
server platform carrying authentication data from the supplicant.




ASA (Authentication Server Agent) and SMA exchange a series of
challenge and response to authenticate the supplicant.




If the authentication process is successful, the authentication server sends an EAP (Extensible Authentication Protocol) success message to the authenticator.



If all the exchanges are successful, then the authenticator will allow
traffic flow through the controlled port.


Infrastructure mode communication


3rd scheme


Strengths:


Authentication information is not exchanged over free air using
uncontrolled port.


Encrypted mobile agent carries authentication information.


Double authentication is provided.



Weaknesses:


It provides only node authentication.


Message authentication is not mentioned.





Infrastructure mode communication


Infrastructure mode communication requires some basic
infrastructure.


Scheme 1 and Scheme 2 give full details about the architecture and protocol.

Scheme 1 has many weaknesses. Scheme 2 removes the weaknesses with a slight modification to scheme 1, without compromising efficiency.

Scheme 3 is based on a Mobile Agent architecture. The Mobile Agent carries authentication information for the user. Security of the scheme depends upon the security of the Mobile Agent. There are still other security issues to be addressed in the future, like anonymity, confidentiality, integrity and availability.

Adhoc mode communication(MANETs)



The MANET is a wireless communication network composed of mobile nodes with neither a base infrastructure network nor base stations.

Each node in a MANET consists of the following:

1. A wireless transmitter

2. A receiver with an appropriate antenna.

MANETs lack central administration and prior organisation.


Adhoc mode communication(MANETs)


Following schemes are studied:

1. Lightweight Hop-by-Hop Authentication Protocol For Ad-Hoc Networks

2. A Lightweight Authentication Protocol for Mobile Ad Hoc Networks

3. Authentication in Wireless Networks

Adhoc mode communication(MANETs)

1st scheme

Lightweight Hop-by-Hop Authentication Protocol For Ad-Hoc Networks (LHAP)

This scheme is given by Sencun Zhu, Shouhuai Xu, Sanjeev Setia, Sushil Jajodia.

It uses two keys: 1) a TRAFFIC key to authenticate packets and 2) a TESLA (Timed Efficient Stream Loss-tolerant Authentication) key for trust maintenance, i.e. for authenticating KEYUPDATE messages.

TESLA uses a one-way hash chain to generate keys, and delays disclosure of keys to guarantee that a node receives the packet before another node can forge the packet with already released keys.

Each node has a public key certificate and the public key of the CA.



Adhoc mode communication(MANETs)

1st scheme

Strengths:

It is independent of the routing protocol.

Traffic authentication and trust maintenance are inexpensive.

Weaknesses:

The scheme is vulnerable to message tampering attacks, replay attacks and wormhole attacks.

It also requires loose time synchronization between the nodes to work (TESLA).

It involves delayed authentication because the TRAFFIC key cannot be verified until the TESLA key is released, so messages must be buffered.

Use of two keys adds more complexity.

Confidentiality and integrity are not achieved.

Adhoc mode communication(MANETs)

2nd scheme

A Lightweight Authentication Protocol for Mobile Ad Hoc Networks

This scheme is given by Bin Lu, Udo W. Pooch [9].

It utilizes a one-way hash chain to provide effective and efficient authentication for neighboring communications in MANETs.

It uses only one key for trust management and message authentication, so it is less complex than the previous scheme.

Each node periodically broadcasts a KEYUPDATE message which contains its most recent key.

The delay of key disclosure is determined by the sender, so it does not require loose time synchronization between nodes.
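As an added example (not code from LHAP, TESLA or the Lu-Pooch paper), the following Python shows the one-way hash chain behind both schemes: a receiver verifies each key disclosed in a KEYUPDATE against the last key it trusts, and packets tagged under a not-yet-disclosed key are buffered until that key arrives, which is the delayed authentication both schemes' weaknesses mention. SHA-256 and HMAC-SHA256 stand in for the papers' primitives; the chain seed and messages are constructed.

```python
import hashlib
import hmac


def h(data):
    """One-way hash used to build the chain (SHA-256 here)."""
    return hashlib.sha256(data).digest()


def mac(key, msg):
    """Packet authentication tag under a chain key that is not yet disclosed."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def make_chain(seed, length):
    """Return [K_0, K_1, ..., K_n] with K_j = h(K_{j+1}) and K_n = seed.
    K_0 is the commitment a node publishes (e.g. with its certificate); the
    keys are disclosed later in the order K_1, K_2, ..., one per interval."""
    chain = [seed]
    for _ in range(length):
        chain.append(h(chain[-1]))
    chain.reverse()
    return chain


class NeighborState:
    """What a receiver keeps per neighbor: the last verified key and its index,
    traffic buffered until its key is disclosed, and the verified messages."""

    def __init__(self, commitment):
        self.last_key = commitment
        self.last_index = 0
        self.pending = []   # (key index, msg, tag) waiting for a KEYUPDATE
        self.verified = []  # messages whose tag checked out after disclosure

    def receive_traffic(self, index, msg, tag):
        """Buffer a packet tagged with K_index. It must arrive before K_index
        is disclosed; once the key is public anyone could have forged the tag."""
        if index <= self.last_index:
            return False
        self.pending.append((index, msg, tag))
        return True

    def accept_keyupdate(self, index, key):
        """Verify a disclosed key against the chain: hashing it (index -
        last_index) times must give the last verified key, so lost updates are
        tolerated while a replayed or stale key never moves the state forward."""
        if index <= self.last_index:
            return False
        cand = key
        for _ in range(index - self.last_index):
            cand = h(cand)
        if cand != self.last_key:
            return False
        self.last_key, self.last_index = key, index
        # Delayed authentication: now check everything buffered under K_index.
        still_pending = []
        for j, msg, tag in self.pending:
            if j != index:
                still_pending.append((j, msg, tag))
            elif hmac.compare_digest(mac(key, msg), tag):
                self.verified.append(msg)
        self.pending = still_pending
        return True
```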

Adhoc mode communication(MANETs)

2nd scheme


Strengths:

Only one key is used for message authentication and trust management, so complexity is lower compared to the previous scheme.

Traffic maintenance and trust management are inexpensive.

It does not require loose time synchronization between the nodes.

It achieves integrity.

Weaknesses:

The scheme is vulnerable to replay attacks and wormhole attacks.

It involves delayed authentication, so messages must be buffered.

Confidentiality is not achieved.


Adhoc mode communication(MANETs)

3rd scheme

Authentication in Wireless Networks

This scheme is given by G. V. S. Raju and Rehan Akbani.

It is a per-hop, per-packet authentication scheme.

It achieves non-repudiation and integrity.

Trust management and message authentication are computationally expensive compared to the previous schemes.


Adhoc mode communication(MANETs)



Key Exchange


Adhoc mode communication(MANETs)

3rd scheme


For key exchange, RSA or the Diffie-Hellman key exchange algorithm can be used.

Key exchange is employed under any one of the following circumstances:

When a new node joins a neighborhood.

When an existing node in the neighborhood has remained idle for too long and then needs to transmit a packet.

The keys should expire after a certain amount of time.

Every node needs to store the current index number associated with each neighbor to avoid replay attacks.


Adhoc mode communication(MANETs)

3rd scheme

Protocol

Unicast packet

H1 = HMAC(M || ind, K_A-Ai)

ind, M and 40 bits of H1 are transmitted to a single neighbor.

In order to save on bandwidth requirements, only the last 40 bits of the MAC are transmitted.

This still makes the search space large enough for the adversary that the chances of randomly generating the correct MAC for a forged message are remote.

Multicast packet

H1 = HMAC(M, K_AN)

H2 = HMAC(H1, K_A-Ai)

Additional bytes required per packet = 4 + n*5, where n is the number of neighbors.
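As an added example (not the Raju-Akbani implementation), the following Python implements the unicast and multicast tag computations above with the MAC truncated to its last 40 bits, the per-neighbor index store that rejects replays, and the 4 + 5n overhead formula. HMAC-SHA256, a 4-byte big-endian index, and binding ind into the multicast H1 are this example's assumptions; keys and messages are constructed.

```python
import hashlib
import hmac
import struct

TAG_BYTES = 5  # only the last 40 bits of the HMAC go on the air


def _tag(key, data):
    """Last 40 bits of HMAC-SHA256(key, data)."""
    return hmac.new(key, data, hashlib.sha256).digest()[-TAG_BYTES:]


def _bind(msg, ind):
    """M || ind, with the index as a 4-byte big-endian field (assumed format)."""
    return msg + struct.pack(">I", ind)


def unicast_send(pair_key, ind, msg):
    """A -> Ai: ind, M and the last 40 bits of H1 = HMAC(M || ind, K_A-Ai)."""
    return ind, msg, _tag(pair_key, _bind(msg, ind))


def multicast_send(group_key, pair_keys, ind, msg):
    """A -> all neighbors: H1 = HMAC(M || ind, K_AN) once, then per neighbor
    H2 = HMAC(H1, K_A-Ai), each truncated to 40 bits. Binding ind into H1 is
    this example's assumption; the survey gives HMAC(M, K_AN)."""
    h1 = hmac.new(group_key, _bind(msg, ind), hashlib.sha256).digest()
    return ind, msg, {nb: _tag(k, h1) for nb, k in pair_keys.items()}


def overhead_bytes(n_neighbors):
    """Extra bytes per multicast packet: 4 (index) + 5 per neighbor tag."""
    return 4 + n_neighbors * 5


class Receiver:
    """Per-neighbor index store: a packet is accepted only if its index is
    higher than the last one accepted from that sender (replay rejection)."""

    def __init__(self):
        self.last_ind = {}

    def _fresh(self, sender, ind):
        return ind > self.last_ind.get(sender, 0)

    def unicast_verify(self, sender, pair_key, ind, msg, tag):
        if not self._fresh(sender, ind):
            return False
        if not hmac.compare_digest(_tag(pair_key, _bind(msg, ind)), tag):
            return False
        self.last_ind[sender] = ind
        return True

    def multicast_verify(self, sender, group_key, pair_key, ind, msg, tag):
        if not self._fresh(sender, ind):
            return False
        h1 = hmac.new(group_key, _bind(msg, ind), hashlib.sha256).digest()
        if not hmac.compare_digest(_tag(pair_key, h1), tag):
            return False
        self.last_ind[sender] = ind
        return True
```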


Adhoc mode communication(MANETs)

3rd scheme

Strengths:

It does not require clock synchronization.

It is resistant to man-in-the-middle attack, replay attack and brute force attacks.

It does not have delayed authentication.

Weaknesses:

The scheme is computationally more expensive.

It has more bandwidth and storage overhead.

Throughput decreases as the number of neighbors increases.


Adhoc mode communication(MANETs)



Adhoc mode communication does not require any type of base
infrastructure.


Scheme 1 and scheme 2 are based on the generation of one-way hash chains.

Scheme 1 uses two keys: 1) a TRAFFIC key for packet authentication and 2) a TESLA key for trust maintenance between nodes. Scheme 1 does not provide integrity.

Scheme 2 uses only one key, so it reduces complexity. It also uses a MAC to provide integrity.

Scheme 3 achieves all the security goals, but node computation and bandwidth overhead increase as the number of neighbors increases. Trust management and message authentication are expensive compared to scheme 1 and scheme 2.

Comparison (Infrastructure mode communication)

Symmetric enc/dec = AES algorithm (16 byte key), Digital signature = 24 byte elliptic curve algorithm, hash function = MD5 (16 byte key), Certificate size = 2 Kbits (256 bytes).

Mobility                      | Scheme 1 (Sec 3.1.1)                                       | Scheme 2 (Sec 3.1.2)                                       | Scheme 3 (Sec 3.1.3)
------------------------------|------------------------------------------------------------|------------------------------------------------------------|---------------------
Node computation (node auth)  | 1 symm enc, 1 symm dec, 2 hashes (low)                     | 1 symm enc, 1 symm dec, 3 hashes (low)                     | Challenge-response
Node computation (msg auth)   | 1 symm enc, 1 symm dec, 1 hash (low)                       | 1 symm enc, 1 symm dec, 1 hash (low)                       | -
Bandwidth overhead            | high                                                       | high                                                       | -
Storage                       | 256 bytes (certificate) + 16 bytes (key) = 272 bytes (low) | 256 bytes (certificate) + 16 bytes (key) = 272 bytes (low) | -
Complexity                    | Low                                                        | Low                                                        | high

Comparison (Infrastructure mode communication)

Attacks                                     | Scheme 1 (Sec 3.1.1) | Scheme 2 (Sec 3.1.2) | Scheme 3 (Sec 3.1.3)
--------------------------------------------|----------------------|----------------------|---------------------
Replay                                      | Resistant            | Resistant            | -
Man-in-the-middle                           | Not resistant        | Resistant            | Resistant
Rogue access point (mutual authentication)  | Not resistant        | Resistant            | Resistant

Comparison (Infrastructure mode communication)

Security achieved   | Scheme 1 (Sec 3.1.1) | Scheme 2 (Sec 3.1.2) | Scheme 3 (Sec 3.1.3)
--------------------|----------------------|----------------------|---------------------
Forward secrecy     | Achieved             | Achieved             | -
Backward secrecy    | Not achieved         | Achieved             | -
Non-repudiation     | Achieved             | Achieved             | Not achieved
Confidentiality     | Achieved             | Achieved             | Not achieved
Integrity           | Achieved             | Achieved             | Not achieved

Comparison (Adhoc mode communication)

Mobility                      | Scheme 1 (Sec 3.2.1)                                                 | Scheme 2 (Sec 3.2.2)                         | Scheme 3 (Sec 3.2.3)
------------------------------|----------------------------------------------------------------------|----------------------------------------------|------------------------------------------------------------------------------
Node computation (node auth)  | 2 sign, 2 MAC calculations, one-way hash chain generation (moderate) | 2 sign, one-way hash chain generation (low)  | 1 asymm enc, 1 asymm dec for each neighbour (low)
Node computation (msg auth)   | one or more hash operations (low)                                    | 2 MAC, one hash (moderate)                   | 2 HMAC computations (high)
Bandwidth overhead            | moderate                                                             | low                                          | high
Storage                       | 256 bytes + 16*n (low)                                               | 256 bytes + 16*n (low)                       | 256 bytes (certificate) + 4*n (index no.) + 16*n (key) + 16 (common key) (high)

Comparison (Adhoc mode communication)

Attacks             | Scheme 1 (Sec 3.2.1) | Scheme 2 (Sec 3.2.2) | Scheme 3 (Sec 3.2.3)
--------------------|----------------------|----------------------|---------------------
Replay              | difficult to launch  | difficult to launch  | Resistant
Man-in-the-middle   | Not resistant        | Not resistant        | Resistant
Brute force attack  | Resistant            | Resistant            | Resistant

Comparison (Adhoc mode communication)

Security achieved   | Scheme 1 (Sec 3.2.1) | Scheme 2 (Sec 3.2.2) | Scheme 3 (Sec 3.2.3)
--------------------|----------------------|----------------------|---------------------
Forward secrecy     | Not achieved         | Not achieved         | Achieved
Backward secrecy    | Achieved             | Achieved             | Achieved
Non-repudiation     | Not achieved         | Not achieved         | Achieved
Confidentiality     | Not achieved         | Not achieved         | Not achieved
Integrity           | Not achieved         | Achieved             | Achieved

Conclusion


Infrastructure mode communication

Scheme 2 (Sec 3.1.2) is the best based on the above comparison.

It achieves all security goals and is resistant to all the attacks at very low cost.

Node computation cost, node storage and bandwidth overhead are very low.

Adhoc mode communication

All authentication schemes use certificates for node authentication.

Scheme 2 (Sec 3.1.2) can be applicable to MANETs, provided at least two nodes have more processing, storage and battery power.

Scheme 3 (Sec 3.2.3) looks best based on the above comparison.

Although storage, computation and bandwidth overhead increase with the number of neighbors, the scheme provides good security.

It provides per-packet and per-hop authentication, so DoS attacks are very difficult. It is resistant to all other attacks. It achieves all the security goals.


References

1) Olatunde O. Abiona, Yu Cheng. "Mobile Agent based Authentication for Wireless Network Security", 978-1-4244-2202-9/08, 2008 IEEE.

2) G. V. S. Raju, IEEE Life Fellow, and Rehan Akbani. "Authentication in Wireless Networks", Proceedings of the 40th Hawaii International Conference on System Sciences, 2007.

3) Chia Hsing Tung, Yi Ouan Chen, Zhi Mou Chen, and Shuoh Ren Tsai. "Implementation of Security Mechanism for Adhoc Wireless Networks Based on X.509 and IEEE 802.1X", Proceedings of the IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC'06).

4) Cheng-Chi Lee, Min-Shiang Hwang, Member, IEEE, and I-En Liao, Member, IEEE. "Security Enhancement on a New Authentication Scheme With Anonymity for Wireless Environments", IEEE Transactions on Industrial Electronics, Vol. 53, No. 5, October 2006.

5) Nidal Aboudagga, Jean-Jacques Quisquater, Mohamed Eltoweissy. "Group Authentication Protocol for Mobile Networks", Third IEEE International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob 2007).

6) Murari Bhattacharyya, Subrata Nandi and Soumya Saha. "A Soft Dynamic Service Specific Trust Management and Authentication Scheme for Mobile Adhoc Networks", 1-4244-0340-5/06, 2006 IEEE.

7) Fumiaki Sato, Hirohisa Takahira, Tadanori Mizuno. "Message Authentication Scheme for Mobile Ad hoc Networks", Proceedings of the 2005 11th International Conference on Parallel and Distributed Systems (ICPADS'05).

8) Eun-Jun Yoon, Kee-Young Yoo. "Secure Password Authentication Protocol in Wireless Networks", Proceedings of the International Conference on Next Generation Web Services Practices (NWeSP'06).

9) Bin Lu, Udo W. Pooch. "A Lightweight Authentication Protocol for Mobile Ad Hoc Networks", Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'05).

10) J. Zhu and J. Ma. "Authentication Scheme with Anonymity for Wireless Environments", 0098 3063/04, 2004 IEEE.

11) Jaegwan Park, Jaesung Go, Kwangjo Kim. "Wireless Authentication Protocol Preserving User Anonymity".

12) Adrian Perrig, Ran Canetti, J. D. Tygar, Dawn Song. "The TESLA Broadcast Authentication Protocol".

13) Sencun Zhu, Shouhuai Xu, Sanjeev Setia, Sushil Jajodia. "LHAP: A Lightweight Hop-by-Hop Authentication Protocol For Ad-Hoc Networks", Proceedings of the 23rd International Conference on Distributed Computing Systems Workshops (ICDCSW'03).

14) G. A. Safdar, M. McLoone. "Randomly Shifted Certification Authority Authentication Protocol for MANETs", IEEE 2003.




Thank You