Wireless Network Security 14-814 Spring 2012 Patrick Tague Class #2 Wireless Networking Review
Agenda Wireless communications review Types of wireless networks Wireless challenges Application-oriented networks
Issues Wireless network protocols were designed around wired protocols Higher layers were originally the same, until people realized it didn't work well Security mechanisms were (unfortunately) treated quite similarly Layered model doesn't translate well for all desired security properties e.g. How to provide performance guarantees with only best-effort services? Wireless (ad hoc, mesh, sensor, etc.) is fundamentally different from classic networking We must change the way we think about security! Need to address trade-offs between security, efficiency, performance, usability,...
Why is wireless different?...a little background
Wireless Communication Physical layer protocols must handle: Antenna characteristics Interference and noise RF path loss Multi-path Fading Shared medium Source & channel encoding Interleaving / symbol mapping Modulation Signal / pulse shaping Source & channel decoding De-interleaving / symbol mapping Demodulation Channel equalization
Diversity and Redundancy As with many other error/failure scenarios, wireless communications rely heavily on diversity and redundancy Error detection/correction coding: redundancy for random errors, time diversity for error bursts Time/frequency/space/code channel diversity (TDMA/FDMA/SDMA/CDMA) Spread-spectrum: spread signal over wider BW, provide some protection against eavesdropping and jamming Multiple transmit/receive antennas for spatial diversity ( MIMO)
Modulation and Coding Modulation is primary protection against random noise, controls bit/symbol errors Coding protects against random errors (due to noise) and burst errors (due to fading)
Medium Access Control Medium sharing isn't new in wireless, but it's different from wired Ethernet (802.3) has a shared communication bus, access control is based on carrier sensing and collision detection (CSMA/CD) Wireless protocols are similarly designed CSMA/CD can't be used though, since wireless radios are half-duplex* (can't tx/rx at the same time) Wireless medium is shared locally, but not with everyone (hidden and exposed terminal problems) Instead of collision detection, most MAC protocols use collision avoidance mechanisms
802.11 MAC
Wireless Routing Wait...why should routing be different in wireless? Broadcast environment Battery powered devices Wireless interference Multi-hop routing
What kind of wireless networks are we interested in?
Wireless LANs Structure: Local infrastructure / gateway Small scale (home, building, campus) Function: Public or private Internet access (i.e., any IP-based service) using WiFi or similar wireless technology Features: User- or operatorconfigurable for open or tightly controlled access Local coverage, hand-off capabilities in multi-ap environments (CMU) for slow mobility
Metro Area Networks MANs are similar to LANs, only bigger WiMAX-based MAN systems (WiMAX and LTE) are starting to show up across the country Both independent Internet access systems and cellular components are being deployed WiMAX as an alternative to DSL/Cable high-speed internet LTE as the next-generation high-speed mobile data MANs serve as high-speed backhaul for mesh networks WiMAX backhaul can serve WiFi APs/hotspots
Wireless Mesh Networks Mesh networks provide multi-hop wireless connections to a backhaul Mesh routers can be fixed or mobile, serve as multi-hop connectivity for Internet traffic to/from users End users/hosts are typically mobile, hand-off to numerous mesh routers Alternatively, a mobile mesh has hosts/routers only and a few fixed APs
Ad Hoc Networks Ad hoc networks typically manage local or off-line traffic, i.e. no Internet connection Device-to-device, no APs Peer-to-peer data exchange In-network services only No central server No authority No backhaul
Personal Area Networks IEEE 802.15 Short range, few devices, low power, cheap Commonly used for home, personal, office networks Very similar to WLAN (1 server, n clients) (1 master, n slaves), only no back-end Each slave can have multiple masters Bluetooth ZigBee UWB
Sensor Networks Mostly use 802.15.4 / ZigBee, but architecture and topology are different Sensor networks are typically closer to a mesh architecture: multi-hop to one/many APs Intermittent low-rate traffic, mostly sensor readings from nodes back to APs Heavily resource-constrained Designed for life-time
What makes wireless so different from wired?
Broadcast Environment Anyone can talk, anyone nearby can listen We can control connectivity in wired networks, but not in wireless
Network Dynamics Wireless medium is constantly changing (fading) Nodes are free to move around Physical node mobility Logical mobility associating with different networks at different times Loads/demands are dynamic Constant bit-rate (CBR) traffic is rare
Resource Constraints Wireless devices are ideally battery-powered (otherwise, why go wireless) How to balance the trade-off between security, performance, and efficiency? Smaller devices are also limited in computation, storage, communication, etc. Lots of devices on the market have 8-bit processors Storage is cheap and compact, but still limited Short range comms with limited capabilities
Decentralization Systems are becoming less and less centralized But...the cloud? Control is moving out to end nodes, away from large servers Ex: APs and mesh gateways act as local servers, provide access to cloud, but do not rely on it Creates competition among independent systems Think of how many WiFi APs you've seen at once...
Ex: Key Management Key management includes group formation, group enrollment, key establishment, key distribution, key revocation, key update, and group dis-enrollment Challenging? In addition to guarantees on algorithms and keys themselves, need to ensure practicality/efficiency in mobile wireless networks More later...
What do we need all these different networks for anyway?
VANETs VANET = Vehicular ad hoc network Cars talk amongst each other and with roadside infrastructure Applications of interest: Automated driver safety management Passive road quality / condition monitoring In-car entertainment Navigation services Context-aware rec's: This alternate route would be faster, and it would go past your favorite Primanti Bros.
The Smart Grid incorporates hybrid wired/wireless communications into the energy grid Smart Grid Applications of interest: Dynamic pricing Improved efficiency Home energy mgmt.
Home Networks In-home networked systems (Smart Home) Entertainment/media Appliances, etc. Home energy networks The home side of the smart grid, between the smart meter and user Mostly wireless (802.15.4)
Disaster Communications Disaster scenarios have unique comm/network needs, especially if the infrastructure is damaged or down
Next Time Overview of wireless network security Security concerns in wireless communications Threats/vulnerabilities in layered protocols View from 30000ft