Professional Documents
Culture Documents
Introduction
1. GSM-UMTS security
2. IEEE 802.11 security
a. Wired Equivalent Protocol (WEP)
b. Wi-Fi Protected Access (WPA)
3. MANETs security
Conclusions
References
INTRODUCTION
Mobile computing is a generic term describing one's ability to
use wireless computing technology whilst moving. The devices
that utilize mobile computing give access to resources like the
internet and range from laptops to handhelds.
(b)
Fig 1.4. (a) Authentication components (b) General mechanism
Fig 1.5a: SRES Generation Fig 1.5b: Kc generation
Security in GSM networks
The process of encryption occurs between the BTS and ME without involving the
home network. For achieving seamless roaming between different networks all service
providers use the same encryption algorithm which is A5 specified by the GSM
standard.
In a similar manner to the authentication process, the computation of the ciphering key
(Kc) takes place internally within the SIM.
Anonymity in UMTS
1. VLRo/VLRn
2. IMSI/TMSI
3. Sequence Number (SQN)
4. AK
Security in UMTS (3G)
Fig 1.13a: Authentication vector generation Fig 1.13b: Response generation at USIM
Security in UMTS (3G)
The UMTS encryption
algorithm is known as
KASUMI and uses a 128-bit
session key CK. The
KASUMI algorithm is more
secure than A5 and one of
the reasons for this is simply
the use of longer keys for
encryption.
Fig 1.14 UMTS encryption
Fig 3.6. (a) Reverse path formation (b) Forward path formation
Table 3.1 MANETs routing protocols
Reputation and trust base security
The capture and distribution of
cryptography can provides integrity, feedback about current interactions.
confidentiality, and authentication but Use of feedback to guide trust
fails in the face of insider attacks. decisions.
Malicious misbehavior is divided into two Classification
types: forwarding and routing. Common 1. Observation; first hand and Second
forwarding misbehavior are packet 2. Information Symmetry
dropping, modification, fabrication, 3. Centralization
timing attacks, and silent route change.
System goals
To cope with any kind of observable
misbehavior.
To minimize the damage caused by
insider attacks.
Reputation and trust base system
Information gathering is the process by which a node collects information about the
nodes it cares about. First-hand information can be further classified into personal
experience and direct observation; Watchdog.
This vulnerability can be mitigated by adopting a strategy of limited information
sharing; sharing either only positive information or negative information.
The decisions made by this component are based on the information provided by
the information modeling component.