security and the convergence of wireless standards
Post on 12-Sep-2021
3 Views
Preview:
TRANSCRIPT
Dr P Nobles
Security and the Convergenceof Wireless Standards
Dr Philip Nobles
P.Nobles@cranfield.ac.uk01793 785218
Dr P Nobles
Mobile services evolution
2G 2.5G 2.5G / 3G/WiFi 3G / HSDPA
P2PSMS
voicemail
SMSApplication
sRoaming
Colour contentMusicMMS
GamesVideo-messagingBusiness email
VideoIntegratedmessaging
Consumer emailShared content
Multiplayer gaming
Mobile Internet service
CRM/SAP solutions
Mobile TV
High qualitymobile video
Location based services
Mobile broadband
Rich multimedia
Public service applications
2003/4 2004/5 2006/72005/62002/3
D I G I T A L C O N T E N
T0
40
80
100
20
60
%
2002
2004
2003
GPRS handsets
GPRS users
Billions of text messages
05
10
15
20
25
30
99
00
01
02
03
04
courtesy of Mike Short (VP R&D O2)
Dr P Nobles
Wireless and mobile standards
• GSM
• 3G
• IEEE802.11 (WiFi)
• HiperLAN
• Bluetooth (?)
• WiMAX
Dr P Nobles
Security failures
• Security by obscurity doesn't work
• “A very common cause of (security) protocol failure is that the environment changes, so that assumptions that were originally true no longer hold”Ross Anderson, “Security Engineering”
Dr P Nobles
A security challenge 1980
• How do we prevent students bringing programmable calculators into exams?
Dr P Nobles
A security challenge 2006
• How do we prevent students wearing wireless computers in exams?
thanks to Prof Fred Piper
Dr P Nobles
GSM security
• April 1998 – University of California at Berkeley researchers crack A5 algorithm to allow cloning
• COMP128 algorithm stored on SIM
• 2001 - Wireless application protocol (WAP) gateway vulnerability
• Sept 2003 – Israeli researchers crack A5 and (potentially) intercept encrypted calls
• 2005 - Spoof base stations to buy for <£10 000
Dr P Nobles
WiFi security timeline
• Recent surveys found >50% of WLANs still with no security
802.
11 W
EP80
2.11
b
WEP
cra
cked
Airs
nort
EAP
vuln
s99 00 01 02 03 04
Cisc
o LE
APW
PA80
2.11
gCi
sco
LEAP
cra
cked
Cisc
o EA
P-FA
ST
802.
11i r
atifi
edW
PA2
Dr P Nobles
802.11 Bloodhound
shmoo.com
Dr P Nobles
WiFi hotspots
• 3868 public UK hotspots• http://www.wi-fihotspotlist.com/browse/intl/2000018/
Dr P Nobles
“Evil Twin” research in the media
Dr P Nobles
Mobile-wireless convergence
• 3G-WiFi interworking• Authentication• Trust when roaming
• Bluetooth• viruses (Caribe) and trojans
Dr P Nobles
Fixed-wireless convergence
• Next generation networking (NGN)
• IP multimedia subsystem (IMS)
• VoIP and the Session initiation protocol (SIP)
Dr P Nobles
Example SIP INVITE messageINVITE sip:grenache@10.0.1.12:8394 SIP/2.0Via: SIP/2.0/UDP 62.173.51.169:5060;branch=z9hG4bK83066;branched=FALSE;forward-point="62.173.51.167:5060"Record-Route: <sip:62.173.51.169:5060;lr>Route: <sip:62.173.51.167:5060;lr>Route: <sip:10.10.0.1:5060;lr>Via: SIP/2.0/TLS 10.10.1.90:1042;received=62.173.51.167Record-Route: <sip:cgp-nat@62.173.51.167:1042;transport=tls;lr>Contact: <sip:thom@communigate.com:1042;maddr=10.10.1.90;transport=tls>Max-Forwards: 69From: "thom@communigate.com" <sip:thom@communigate.com>;tag=8c7804f4318f4d44aae9e31498585a9b;epid=3d0c47842dTo: <sip:grenache@communigate.com>Call-ID: 2ddafe312aa44260b5b73477f5277515CSeq: 1 INVITEUser-Agent: RTC/1.3Content-Type: application/sdpContent-Length: 776
v=0o=- 0 0 IN IP4 10.10.1.90s=sessionc=IN IP4 62.173.51.169b=CT:1000
t=0 0a=mediagateway:mail.communigate.com:init-528C89C32AFE52m=audio 60000 RTP/AVP 0 3 4 5 6 8 97 101 111 112c=IN IP4 62.173.51.169k=base64:fchmooU0VjyhMvgu7AodbsyPOgG/6VzNKWRPaAsEVZAa=rtpmap:0 PCMU/8000a=rtpmap:3 GSM/8000a=rtpmap:4 G723/8000a=rtpmap:5 DVI4/8000a=rtpmap:6 DVI4/16000a=rtpmap:8 PCMA/8000a=rtpmap:97 red/8000a=rtpmap:101 telephone-event/8000a=rtpmap:112 G7221/16000a=encryption:optionala=fmtp:111 bitrate=16000a=fmtp:112 bitrate=24000a=fmtp:101 0-16m=video 60002 RTP/AVP 31 34c=IN IP4 64.173.55.169k=base64:D65D88jUiVKj32chZ0brYuYYtkyLVOgW8+1zcPH/5rQa=rtpmap:31 H261/90000a=rtpmap:34 H263/90000a=encryption:optional
courtesy of Thom O'Connor (CommuniGate)
Dr P Nobles
The digital citizen
• Podcasting• RSS syndication
• Citizen reporting• Scoopt, Spy Media• Center for Citizen's Media
Dr P Nobles
Content-mobile convergence
• imode
• Mobile TV
• Content clients on mobiles
Dr P Nobles
In summary
Dr P Nobles
Questions?
Dr P Nobles
WiMAX
• Wireless metropolitan area network
• Broadband wireless access
• 10+ miles range
• IEEE802.16 and ETSI HiperMAN
• Point-to-multipoint
• <10GHz up to 66GHz
• 268Mbps
• Quality of service (QoS)
• “Wireless ISPs”
top related