Transcript Securing WiMAX converged networks: threats and solutions

UNIVERSITY OF PATRAS
Department of Electrical & Computer Engineering
Wireless Telecommunications Laboratory
M. Tsagkaropoulos [email protected]
“Securing WiMAX converged networks:
threats and solutions ”
M. Tsagkaropoulos
Dept. Of Electrical and Computer Engineering
Wireless Telecommunications Laboratory
University of Patras
Patras 26500
Greece
Tel: +30-2610-997301
Fax: +30-2610-997302
Email: [email protected]
“Securing WiMAX converged networks: threats and solutions”
UNIVERSITY OF PATRAS
Department of Electrical & Computer Engineering
Wireless Telecommunications Laboratory
M. Tsagkaropoulos [email protected]
Agenda:
WiMAX implementation
Security Architecture of 802.16 (WiMAX)
Vulnerabilities and possible solutions
Open Issues
Conclusions
“Securing WiMAX converged networks: threats and solutions”
UNIVERSITY OF PATRAS
Department of Electrical & Computer Engineering
Wireless Telecommunications Laboratory
M. Tsagkaropoulos [email protected]
Change of Telecoms Trends
Fixed
1990
1995
modem
PSTN
14.4 kbps
ISDN
2000
modem
PSTN
56.6 kbps
2005
2010
ADSL
xDSL
256 kbps
516 kbps
2 Mbps
2015
64 kbps
Mobile
GPRS
GSM
HSCSD
9.6 kbps
28.8 kbps
W-CDMA
40 kbps
EGDE
384 kbps
W-CDMA
2 Mbps
HSDPA
OFDMA
50 Mbps
10 Mbps
Portable
384 kbps
802.11b
10 Mbps
802.11g
56 Mbps
802.16
70 Mbps
Broadband technology starts about here
“Securing WiMAX converged networks: threats and solutions”
UNIVERSITY OF PATRAS
Department of Electrical & Computer Engineering
Wireless Telecommunications Laboratory
M. Tsagkaropoulos [email protected]
Converged Network Concept
Internet
Management
Control Signalling
SGSN
GGSN
UMTS/
WCDMA
IP Network
AAA
Server
Farm
Policing
AP
WiMAX
Application
AP
WLAN
“Securing WiMAX converged networks: threats and solutions”
UNIVERSITY OF PATRAS
Department of Electrical & Computer Engineering
Wireless Telecommunications Laboratory
M. Tsagkaropoulos [email protected]
What is WiMAX ?
• WiMAX - Worldwide Interoperability for Microwave Access
• WiMAX: broadband wireless network based on IEEE 802.16 standard,
which ensures compatibility and interoperability between broadband
wireless access (BWA) equipment.
– Efficient range of up to 48km.
– Provides wireless last-mile broadband access in the Metropolitan Area Network
(MAN).
– Performance comparable to traditional cable, DSL, or T1 offerings
– Enables non line-of-sight performance - broadband network access widely
available without the expense of stringing wires.
• WiMAX Key points:
 High speed of broadband service
 Wireless rather than wired access
 Broad Coverage
“Securing WiMAX converged networks: threats and solutions”
UNIVERSITY OF PATRAS
Department of Electrical & Computer Engineering
Wireless Telecommunications Laboratory
M. Tsagkaropoulos [email protected]
Security Architecture of WiMAX (1)
• IEEE 802.16 specifies the PHY Layer and MAC Layer
for BWA
• MAC Layer sublayers:
– Service Specific Convergence Sublayer : maps higher level
data services to MAC layer service flows and connections.
– MAC Common Part Sublayer : rules and mechanisms for
system access, bandwidth allocation, connection
management and QoS decisions for transmission scheduling.
– Security Sublayer : provides:
• privacy, authentication, and confidentiality
• protects against unauthorized access to data transport services
“Securing WiMAX converged networks: threats and solutions”
UNIVERSITY OF PATRAS
Department of Electrical & Computer Engineering
Wireless Telecommunications Laboratory
M. Tsagkaropoulos [email protected]
Security Sublayer
“Securing WiMAX converged networks: threats and solutions”
UNIVERSITY OF PATRAS
Department of Electrical & Computer Engineering
Wireless Telecommunications Laboratory
M. Tsagkaropoulos [email protected]
Security Architecture of WiMAX (2)
• The security architecture of WiMAX is based
on two component protocols :
– an encapsulation protocol: defines a set of supported
cryptographic suites and the rules for applying those
algorithms.
– a key management protocol (PKM) : synchronize
keying data between Subscriber Station (SS) and Base
Station (BS); the BS enforces conditional access to network
services.
“Securing WiMAX converged networks: threats and solutions”
UNIVERSITY OF PATRAS
Department of Electrical & Computer Engineering
Wireless Telecommunications Laboratory
M. Tsagkaropoulos [email protected]
Security Layer basic components
• Security Associations (SA)
• X.509 certificates
• Privacy Key Management (PKM)
authorization protocol
• Privacy Key Management protocol
• Encryption
“Securing WiMAX converged networks: threats and solutions”
UNIVERSITY OF PATRAS
Department of Electrical & Computer Engineering
Wireless Telecommunications Laboratory
M. Tsagkaropoulos [email protected]
Security Analysis
• Improvements:
– Robust protection in the form of certificate-based
encryption
– X.509-based PKI (public key infrastructure) certificate
authorization
• Base station validates the client’s digital certificate before
permitting access to the physical layer.
– Protection of integrity of data traffic
“Securing WiMAX converged networks: threats and solutions”
UNIVERSITY OF PATRAS
Department of Electrical & Computer Engineering
Wireless Telecommunications Laboratory
M. Tsagkaropoulos [email protected]
Vulnerabilities(1)
• Physical threats
– Jamming :insert noise strong enough to decrease the capacity of the
channel dramatically.
– Scrambling: similar to jamming but it targets to specific frames or
part of frames for short intervals of time.
– Insert malicious data: properly tuned transmitter can write on to the
channel.
Possible solutions
– Increase the power of signals or their bandwidth (spreading
techniques, powerful transmitter or high gain transmission antennas
and high gain receiving antennas)
– Mechanism to authenticate the data received
“Securing WiMAX converged networks: threats and solutions”
UNIVERSITY OF PATRAS
Department of Electrical & Computer Engineering
Wireless Telecommunications Laboratory
M. Tsagkaropoulos [email protected]
Vulnerabilities (2)
• MAC threats
– Lack of mutual authentication between the SS and
the BS
• Eavesdropping of management traffic or user traffic
• Replay Attack: repeat messages
– Denial of service (DoS) attacks
Possible solutions
– Transient information in the message ( timestamp or a serial
number)
– Forward Error Correction mechanisms
– Enhanced authentication mechanisms
“Securing WiMAX converged networks: threats and solutions”
UNIVERSITY OF PATRAS
Department of Electrical & Computer Engineering
Wireless Telecommunications Laboratory
M. Tsagkaropoulos [email protected]
Open Issues
• Mutual authentication of communicating entities
(issue of appropriate certificates)
• Secure encryption scheme of 802.16
• Data encryption that adopts:
confidentiality, data origin authentication,
(connectionless) data integrity, anti-replay service.
“Securing WiMAX converged networks: threats and solutions”
UNIVERSITY OF PATRAS
Department of Electrical & Computer Engineering
Wireless Telecommunications Laboratory
M. Tsagkaropoulos [email protected]
Conclusions
• WiMAX has a potential market:
Basic component of last mile connections in
upcoming NGN Networks
• Successful only if:
Ensured security of end-to-end communications
Advanced security implementation
NEXT STEP
 Review of current security infrastructure
 Mobility schemes that guarantee security and QoS
“Securing WiMAX converged networks: threats and solutions”
UNIVERSITY OF PATRAS
Department of Electrical & Computer Engineering
Wireless Telecommunications Laboratory
M. Tsagkaropoulos [email protected]
Thank you for your attention
UNIVERSITY OF PATRAS
Department of Electrical & Computer Engineering
Wireless Telecommunication Laboratory
Michail Tsagkaropoulos
mailto: [email protected]
http://www.wltl.ee.upatras.gr/multimedia_security
“Securing WiMAX converged networks: threats and solutions”