Mobile Security Wireless Mesh Network Security Sascha Alexander Jopen
Overview Introduction Wireless Ad-hoc Networks Wireless Mesh Networks Security in Wireless Networks Attacks on Wireless Mesh Networks Countermeasures Key Management Schemes SMOCK Conclusion 2
Wireless Ad-hoc Networks No infrastructure like access points Communication with other nodes only within their transmission range Nodes farther away only reachable through other nodes by multihop routing Every node forwards traffic for other nodes Self-healing due to automatic link-failover in case of sufficiently dense coverage 3
Wireless Mesh Networks Specialized Type of Ad-hoc Network (WMN) Mesh Routers Often connected to mains Moderate to high CPU power Provide router-, gateway- and other services Mostly static locations Mesh Clients Often battery powered Low CPU power and other resource constraints Mobile devices like Notebooks, PDAs, etc. 4
Backbone Configuration Consists of mesh routers only, which may provide gateway features or other services to client networks Internet Connect several conventional (infrastructure) networks WMNs are transparent to their client networks Wireless Mesh Network Conventional routing in client networks with one of the WMN routers as their next hop Corporate Network Cellphone Network 5
Client Configuration Mesh client devices only No gateways to other networks No dedicated routers One, probably very large, ad-hoc network Wireless Mesh Network 6
Hybrid Configuration Wireless Mesh Network Clients Hybrid configurations also possible Internet Combines benefits from both backbone and client configurations Wireless Mesh Network Mesh clients reachable from outside networks Corporate Network Cellphone Network 7
Security No infrastructure Nodes added, moved or removed at any time Frequent topology changes may conceal break-ins Shared medium Eavesdroping, injecting and modifying traffic easily possible Limited physical protection Mobile and small devices Devices scattered over large areas Physical compromise is more likely 8
Security No central management Routing and route discovery done by each node Cooperation and trust relationships often assumed Attackers may broadcast routing information Resource constraints Ideal targets for DoS attacks Makes countermeasures like strong cryptography difficult 9
Selective Forwarding Malicious node drops packets of specific other nodes Droping too many nodes may lead to discovery or route changes Attackers node has to be on the routing path of the nodes to be attacked May be achieved by jamming neighbouring nodes which would normaly forward the desired traffic Selective Forwarding 10
Sinkhole Attack Attract neighbouring nodes to send their data through the attackers node May be achieved by pretending, or actually serving fast and reliable links Attacker has to participate in routing Packet flow of a large area may be influenced Attackers have the opportunity to monitor or alter a large amount of traffic, disrupt services etc. Sinkhole Attack 11
Wormhole Attack Similar effects as sinkhole attack Two nodes required with great distance in between Out-of-band channel like fast, wired connection Tunnel Tunnel exploits routing race conditions to provide fast links No routing needed, only packet capturing and replaying Wormhole Attack 12
Countermeasures Prevention of many attacks by means of authentication, confidentiality and integrity, as well as non-repudiation Usage of cryptographic systems to en/decrypt and sign messages required WMN devices limited in processing power, affecting strength of deployed crypto methods Constraints of WMN devices on storage, therefore limiting amount and size of keys 13
Crypto Systems Symmetric Crypto Systems One shared key for en-/decryption Fast encryption and decryption Pairwise secure channels between n nodes require n (n 1) 2 keys One compromised node renders all keys invalid Key distribution system needed to frequently change the keys Public Key Crypto Systems Public key for encryption, private key for decryption Slower than using symmetric keys Pairwise secure channels between n nodes require n key pairs One compromised node does not affect the others If the keys are not preinstalled, certificate authorities are needed 14
SMOCK Scalable Method Of Cryptographic Key management scheme Reduce number O(n) of keys of traditional public key system to O(log n) Improves storage usage at the cost of processing power and resilience Each node uses set of b private keys out of key pool K, but no node has complete subset of another nodes keys Encryption has to be performed using all public keys corresponding to recipients key set No certificate authority, thus preinstalling keys required 15
SMOCK Design Memory Efficiency Minimize overall number of keys stored on each node priv min K + max K i V i s.t. K i K j, K i K j i j With K the number of (public) keys and K priv i at node i from the set V of deployed nodes Computational Complexity Use as few private keys within each key set as possible priv min max K i V i s.t. K i K j, K i K j i j and K M the number of private keys With M the number of memory slots available for key storage on each node Both memory efficiency and computational complexity perform best with isometric key sets 16
SMOCK Design Resilience Requirement In case of system compromises, on average C k c x, b = k c(x) with b a b x 1 k c x = a a b distinct key sets compromised a V x a, b = C(k c x,b) P C(a,b) V x a, b is the vulnerability metric, which is the percentage of compromised connections for x compromised nodes With P the upper bound of compromised connections for x compromised nodes, a = K the number of public keys and b = K priv i the number of private keys Key Allocation Several algorithms available to optimize above equations, though always trade-offs between storage and resilience exist Finally calculation of a and b for desired parameters possible 17
Secure Communication Each node calculates an ID from its distinct key set All keys are labeled with ascending numbers Let keyid i j the i-th key held by node j Concatenate the keyids keyid 1 j keyid b j Sending this ID to another node allows it for encrypting a packet using the public keys indicated by the ID destined for the corresponding node ID is sent in clear text A node intercepting an ID could not decrypt any traffic due to lack of the required private keys Changing ID leads to the original sender not being able to decrypt the message 18
Conclusion WMNs are a promising technologie due to scalability, large coverage areas and deployment without installing costly infrastructure Their ad-hoc network nature imposes high security risks Many vulnerabilities can be prevented by means of en/decryption and authentication SMOCK is a public key crypto system which allows for large networks while still providing reasonable secure channels 19
Questions Are there any questions? Thank you for your attention. 20
References I. F. Akyildiz, X.Wang, and W.Wang. Wireless mesh networks: a survey. Computer Networks, 47(4):445-487, 2005. A. El-Mousa and A. Suyyagh. Ad hoc networks security challenges. In Systems Signals and Devices (SSD), 2010 7th International Multi-Conference on, pages 1-6, 2010. C. Karlof and D. Wagner. Secure routing in wireless sensor networks: attacks and countermeasures. In Sensor Network Protocols and Applications, 2003. Proceedings of the First IEEE. 2003 IEEE International Workshop on, pages 113-127, May 2003. S. Misra, I.Woungang, and S. C. Misra, editors. Guide to Wireless Ad Hoc Networks (Computer Communications and Networks) - Security in Wireless Ad Hoc Networks, pages 391-425. Springer, 2009. 21