; Security Issues ; in Mobile Computing 11 0 book on mobile c Qe : computing can be considered complete without a discussion on security. ae Tee are based on wireless networks and witless communication ie, that larger secur eee systems is a major concern, We have already mentioned ear- works. Security becomes Angina Ronee at ee wsineg net: y andatory in mobile systems due to the existence of hackers, viruses, intruders and Internet-based attackers, who have easy access to such systems through the broadcast nature of wireless channels. Much of the security problem in wireless networks can be traced to the base stations or access points (APs), which operate without any security at all and can be easily taken out and put into wired (Ethernet) nets, exposing the data on it to everyone within its radio range. It is worth mentioning here that the dissimilarities between wired and wireless networks make it difficult to implement the existing firewalls and other intrusion detection systems (IDS) of wired networks in wireless networks. The most significant difference is that data in a wireless network are transmitted over the broadcast medium, rendering it available to all nodes in the vicinity. Another major difference lies in the communication link, which is slower and of lower bandwidth. Limited battery constraints and higher costs are also major drawbacks in mobile, portable systems, giving rise to frequent disconnections, as discussed in earlier chapters. In spite of the above differences, network security in wireless systems can still be divided roughly into the following four traditional, intertwined areas » Secrecy (or confidentiality or privacy): Keeping information out of the hands of unautho- rized users. i + Authentication? Making sure that one is communicating with the intended person. * Non-repudiation: Using signatures and ensuring that a person cannot go back on his/her earlier communication * Integrity control: Ensuring that tl ader is familiar with ne received message was not tampered with. Ww here that the re the basic concepts and sepataue of Crypt ‘ a “se te basis of most network security protocols. See Salley ola 4 eet ae key cryptography. Furthermore, it sno excellent di vn public and private ey CTY , Fart care nt oS detail security techniques like digital signatures, message det, ts nis book to dIgcURSUREE G apSec), virtual pivate DEtNeR (VPNs) or authenticati Walls, Internet Protocol, Security (PSeCy | oa ee uisites for understan ‘sy ‘These are assumed as prered as oe a ea ‘oe ee be found in detail in Tanenbaum (2003) and Stallings (2000) in this book a securi ireless networks and see how we ity threats to wir Pos i yhe general secur ! vr and In this chapter, we shall discuss the BF” ne a ; various wireless AN/PAN standards 4i issed in th have been addressed.in the168 Mobile Computing 11.1 Security threats to wireless networks As mentioned earlier, wireless networks are vulnerable to many more security threats than tradi. tional wired networks. These are as follows: 1 10. 11. Accidental attack: This gives rise to exposure due to frequent failure of devices and compo- nents, because of their small sizes and capabilities Passive attack: Here, the goal of the intruder is only to monitor or get information that is being transmitted, Attacks may include releasing message content or traffic characteristics, Since no data are altered, passive attacks are difficult to detect Active attack: In this type of attack, modification of data or false data transmission takes place, (man-in-the-middle attack) giving rise to masquerade or replay. Denial of service (DoS) is possible where there is either temporary prevention of communication facilities or disruption of the entire network. This is done by flooding it with a large number of messages to degrade the performance of the system. Unauthorized usage: This attack takes place because of the growing use of the Internet, which leaves the network vulnerable to hackers, viruses and intruders. It can be prevented by using proper user authentication techniques. Broadcast based: As mentioned earlier, an eavesdropper is able to tap the communication into the wireless communication channels, by positioning itself within transmission range, Device vulnerability: Mobile devices can be hijacked easily, and if secret IDs or codes are embedded in the device, hackers may get access to private information stored on it and to other network resources. Heterogeneity: Mobile nodes need to adjust to potentially different physical communica- tion protocols as they move to different locations. Resource depletion/exhaustion: In mobile systems, resources like processing power and battery life are very limited. Hence, techniques such as public key cryptography cannot be used during normal operations to conserve power. The device may also be left open to an attack that reduces the normal lifespan of the bat tery A DoS attack may consume and waste all the power in the battery, leaving the unit unable to function. In ad hoc networks, these attacks can cause routing nodes in the network to fail, making the network partially unreachable. Detectability: Mobile systems used in the military do not want to be detected, Even if strong encryption is being used and the data cannot be deciphered, just detecting the signal puts the mobile user at risk if its position can be located. The device can, be jammed by local radio frequency (RF) interference or the user attacked. Theft of service: It is very easy to install wireless LANs by just takingithem ‘out of the box’ and by plugging them into the network so that they work. In such systems, security settings are either disabled by default or factory-set default passwords are comimonly known, Unautho- rized, nearby users, malicious or otherwise, can get a dynamically assigned Internet protocol (IP) address and connect to the Internet War driving/walking: This is like the popular war game called war dialing, which was am earlier technique for searching phone numbers with modems attached to them. As wireless LANs gain popularity, hackers can find them by just taking a notebook computer ot pocket PC fitted with a wireless card and some detection software like netstumbler, kismet, airsnort, etc., an optional global positioning system (GPS) and driving/walking round the city. This information is then used to build a network from the identified APs.Security Issues in Mobile Computing 169 : No security or security is provided through other means | r 8 | “ye 802-11 security = (2 AP | ( Bom re \ a Printer | ait Figure 11.41 Wireless Security of 802.11 in a Typical Network 11.2 IEEE 802.11 security through WEP This section discusses the built-in security features of 802.11. The IEEE 802.11 specification identi- fied several services to provide a secure operating environment. The security services are provided by the wired equivalent privacy (WED) protocol to protect link-level data during wireless transmis, Ps. WEP does not provide end-to-end security. Only the wireless portion sion between clients and Al ure 11.1. WEP is discussed in detail below. of the connection is made secure, as shown in Fig 11.2.1 WEP security features of 802.11 wireless LANs three basic security services of authentication, confidentiality and integrity for ind Owens (2002). These are given in detail below: IEEE define WLANs as given in Karygiannis a 11.2.1,1 Authentication When wireless users attempt to gain access to 2 wired network, they must first be validated to make sure they are who they claim to be. This is called authentication. The IEEE 802.11 specifi- cation provides for two types of authentication—open-system authentication and shared-key authentication. The highlights of these are shown in Figure 11.2 as a taxonomy. nest ee Sy eas atmermnest OS 2 exchanges messages with an access point (AP). The AP sends a query as 4 ‘challenge’ to the station. If the station sends the correct 802.11 authentication Open system authentication Shared key authentication (f-stage challenge-response) (2-stage challenge-response) Non cryptographic Cryptographic Does not use RC4 ‘ares No identity verification Station required to prove required for station to join shared WEP key to join network network (Optional) Figure 11.2 802.14 Authentication Techniques—a Taxonomy.170 Mobile Computing Wireless station Authentication request Enerypt challenge using RC4 Decrypt response verify challenges same Figure 11.3 Shared-key Authentication response’, i.e., the correct MAC address fields, it is considered authenticated. Note that there is no cryptographic validation here. Hence open-system authentication is highly vulnerable to unauthorized access and attack. The 802.11 specification only requires this type of ‘authentication’, However, this technique cannot be really called authentication, as the AP accepts the mobile station without verifying its identity In Shared key authentication, another basic ‘challenge-response’ technique is used which is based on cryptography. In this scheme, shown in Figure 11.3, a random challenge (or nonce) is generated by the AP and sent to the wireless client. The client uses a cryptographic key that is shared with the AP to encrypt the challenge and returns the result to the AP. The AP decrypts this result and if the decrypted value is the same as the random challenge it had sent, it allows access. The 128-bit challenge text is generated using the RC4 symmetric key, stream cipher algorithm as given in Tanenbaum (2002). Unlike open-key authentication, shared key authentication is optional in the IEEE 802.11 specification. Voth the above authentication methods have limitations. Firstly, they do not provide mutual authentication, ie., the AP authenticates the wireless client, but the client does not authenticate the AP. The mobile station must trust that it is communicating with a legitimate AP. Secondly, the simple challenge-response schemes used in these techniques are known to be weak and suffer from attacks like the ‘man-in-the-middle’ attack, 11.2.1.2 Confidentiality The aim of providing confidentiality, or privacy, during transfer, as is done in a wired ne must be avoided. The 802.11 standard for WEP also uses the 's to prevent information being eavesdropped twork. Eavesdropping is a purely passive attack which RC4 symmetric key, stream cipher algorithm and is shown in Figure 11.4. At the wireless station side, a Pseudo-random data sequence, called @ ‘keystream’, is obtained by concatenating a 24-bit Initialization Vector (IV) to a shared 40-bit key, and passing the same through the RC4 algorithm. Then the Payload, which consists of the plane text, together with the CRC generated by the CRC generating algorithm, 1 XcORed mE the procedure is performed in reverse to get keystream to generate the ciphertext. At the AP side, back the plaintext.Security Issues in Mobile Computing 171 + ‘SENDER 7, | RECEIVER its: i IV Generation : ' Acca algorithm | Point 24 bits | Initialization vector Shared key | Poa Concatenate | [[eereatenate] eter | Vand key ‘ [vandey Per packet ‘ Per packet ane key ' key Generation C4 algorit i algo gorithm} ' |RC4 algorithm] | Key 1 i stream = Plaintont input Cipher text | Panton output = po <— Packet —> ' Payload bits | pee XOR with | keystream ' Figure 11.4 WEP Privacy and Integrity Using RC4 Algorithm In this way, data can be protected from eavesdropping, during transmission over the wireless link using WEP. WEP is applied to all data above the 802.11 WLAN layers to protect Transmission Control Protocol/Internet Protocol (TCP/IP), Internet Packet Exchange (IPX) and Hyper Text ‘Transfer Protocol (HTTP) traffic. The 802.11 standard WEP supports only a 40-bit cryptographic keys size for the shared key, but nonstandard extensions of WEP that support key lengths upto 104 bits are also prevalent. It may be noted that increasing the Key size increases the security of a cryptographic technique. ee to ensure that data/messages between the wireless clients and the AP are Another goal of WEP is ag “ i s ai ‘ed in transit in an active attack, ie, thete Aamtegrity’ 1s not com pipnisa gai IEEE #02, 11 specieattan provides such a data integrity service so that an active adversary ‘in the mid- i iding confidentiality, as shown in * canine fe procedure that is used for provi : oe ae oe eae client side, to provide such data integrity. At the receiving AP, Figure 11.4, Is used at We T= CRC is recomputed on the received message. This is compared ae oe wuith the original message. If the CRCs do not match, this indicates an with the one comp' i ed. integrity violation and ie De ee secure asa hash or message authentication Note that tae a IEEE 802.11 specification also does not provide for key cae code (Tanenbaum, 2003), 0 ceiputing, string, loading, ete, of keys. Keys mis CO mechanisms like genera, 1 ged in advance over a wired backbone networks MH loaded by the manufac 4 also choose a tandom Key and senidit OVEEMSSSY sion or the mobile station COR erally remain stable for months OFYeaNS ss tens, the other's public Key: Such KEYS 2°01 am is thatthe same Key shared by, sii ane a ‘one from another. Also all users can read each ot so there is no way to di