UCLouvain - Belgium, IP Networking Lab - http://inl.info.ucl.ac.be
Damien LEROY
BELNET Security Conference - April 30th, 2009
Using tunnels and three party authentication to improve roaming security
Supported by the Walloon Region
Security of WiFi Roaming - BSC 2009
D. Leroy, UCL Belgium, Apr 2009
IP networking lab

Content
(I) Introduction to WiFi Roaming
(II) Remote authentication: risks for the visited network
(III) Security risks for the mobile user
(IV) Solutions based on VPN
(V) ALAWN project

(I) Introduction to WiFi Roaming

“WiFi Roaming”
[Figure: the foreign (visited) network F and the home network H, connected through the Internet]

Scenario 1: Open WiFi Access
[Figure: F and H on the Internet; the visitor at F engages in ILLEGAL ACTIVITIES over the Internet, the complaint (“!!!!!!”) comes back to F, and F is left with a “?” about who the user was]

Scenario 2: Temporary credentials
[Figure: F runs its own Auth. server and hands the visitor temporary credentials (temp username + …); H and the Internet as before]

Scenario 3: Remote authentication
[Figure: the visitor presents user: smith@H-Network, whose passwd is held in H; the Auth. server of F relays the request over the Internet to the Auth. server of H, possibly through intermediate Auth. servers]

(II) Remote authentication: risks for the visited network

Authenticated Wireless Roaming via Tunnels: Making Mobile Guests Feel at Home
M. Manulis, D. Leroy, F.K., O.B., JJ.Q., UCL Belgium, March 2009
IP networking lab
The Eduroam Project
[Map: the eduroam Europe and eduroam APAN federations. Under the European Root: CSC, UNINETT, SUNET, UNI•C, EENet, LANET, LITNET, TERENA, SURFnet, UKERNA, HEAnet, BELNET, RESTENA, RENATER, FCCN, DFN, GARR, ARNES, CESNET, ACOnet, PIONIER, SWITCH, CARNet, BREN, HUNGARNET, RoEduNet, GRNET, RHnet, RedIRIS, CYNET. Under the APAN Root: AARNet, NCHC, UESTC, PolyU, NII. Legend: NRENs that have joined; NRENs that are in the process of joining]

Authentication within Eduroam
[Figure: a visitor at UCL with user: [email protected] authenticates over IEEE802.1X (TTLS+PAP) to the UCL RADIUS server, which forwards the request to the Belgian Authority RADIUS server, then to the Swedish Authority RADIUS server, and finally to the Stockholms universitet (SU) RADIUS server]

Roaming with Eduroam
[Figure: once authenticated at UCL, the SU user (user: [email protected]) browses the Internet directly from UCL, e.g., http://www.swedbank.se/; the UCL and SU RADIUS servers were only involved in the authentication]

User abuse: Access to illegal data
[Figure: the SU user (user: [email protected]) at UCL performs ILLEGAL ACTIVITIES over the Internet; the complaint (“!!!!!!”) reaches UCL, whose Auth. server can only trace the user back through the Belgian Authority and Swedish Authority Auth. servers to SU]

User abuse: Attack on the Internet
[Figure: the SU user (user: [email protected]) at UCL sends SPAM over the Internet]

How do spam filters work?
Score each mail based on:
๏ Content: “viagra”, “diploma”, “free videos”, ...
๏ “Packaging”: large images, lots of receivers, ...
๏ Well-known spam sender (often attacked hosts), based on shared databases
high score -> mark as spam

How do spam filters work?
How are these databases built up?
๏ Based on previous “mass spam” activities
๏ Based on IP addresses of senders
๏ Open databases

User abuse: Attack on the Internet
[Figure: the SU user (user: [email protected]) at UCL sends SPAM; in the PYZOR database: add 130.104.*.* (=UCL)]
[Figure: with the PYZOR database now containing ...130.104.*.* (=UCL)..., mail from UCL hosts is treated as spam, although the sender was the roaming SU user]

Access control based on IP
๏ Some services (e.g., websites) base their access control on the source IP.
‣ Digital libraries
‣ Intranet
‣ ...
๏ The mobile user will have access to these services! (more complex filtering could be added)

Summary: security risks for the visited network
[Table: the criteria User authentication, Administrative cost, Ease of use (for user), Blacklisting based on IP, Access based on IP and Attack on the infrastruct. are rated for the three scenarios Open WiFi, Temp. cred. and Remote auth.; the ratings themselves are not in the text]

(III) Security risks for the mobile user

Stealing credentials
[Figure: the user at F sends user: [email protected] over IEEE802.1X (TTLS+PAP) to F's RADIUS server; the authentication travels through F and a 3rd-party Authority RADIUS server before reaching H's RADIUS server]

Pharming
[Figure: the SU user at F requests http://www.google.com; F can answer the request from another server that presents itself as http://www.google.com]

Sniffing
[Figure: F can observe the traffic of the SU user between the user and the Internet, even though authentication went to H's RADIUS server]

Fake Access Point
[Figure: an access point announcing SSID: EDUROAM, which does not belong to F, receives the user's IEEE802.1X (TTLS+PAP) authentication with user: [email protected] and relays it to its own RADIUS server]
It is able to:
• steal cred.
• do pharming
• sniff traffic

Security risks for F and M
[Table: the criteria User authentication, Administrative cost for F, Ease of use (for user), Blacklisting based on IP, Access based on IP, Attack on the infrastruct., F malicious and Fake access point are rated for Open WiFi, Temp. cred. and Remote auth.; the ratings themselves are not in the text]

(IV) Solutions based on VPN

VPN
[Figure: the SU user at UCL opens a VPN over the Internet to the VPN server at Stockholms universitet]
VPN server authentication:
For the user: via username/pwd (or certificate)
For the home network: via certificate or no auth (cert must be distributed!)

VPN
[Figure: the request for http://www.swedbank.se/ travels inside the tunnel from UCL to the SU VPN server, and only from there to the Internet]

VPN, a solution for previous issues?
Yes because:
๏ The requests are sent with the IP address of the home network
๏ If M sends spam over the Internet, only his home network is blamed
๏ It protects the user from a malicious visited network
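The source-IP attribution that the last slides describe (a shared PYZOR-style database picking up 130.104.*.*, IP-based access control on digital libraries, and the VPN moving the visible source address to the home network), worked through as an added Python example that is not part of the slides. The prefixes, host addresses, blocklist policy and library ACL are constructed for the illustration; only the 130.104.*.* (=UCL) range comes from the talk.

```python
"""Added example (not from the slides): how source-IP based decisions on the
Internet attribute a roaming user's traffic to the visited network F, and how
routing that traffic through a VPN to the home network H changes the picture.

Everything below is constructed: 130.104.0.0/16 (=UCL) is the range named on
the slides, 192.0.2.0/24 (a documentation range) stands in for the home
network H, and the library ACL and blocklist policy are made up.
"""
from ipaddress import ip_address, ip_network

# Constructed topology: visited network F (the UCL range from the slides) and
# a stand-in home network H.
F_PREFIX = ip_network("130.104.0.0/16")
H_PREFIX = ip_network("192.0.2.0/24")

# Constructed: a digital library that grants access on source IP alone, as on
# the "Access control based on IP" slide. It trusts F's whole range.
LIBRARY_ACL = [F_PREFIX]


def source_ip_seen_by_internet(mobile_ip, vpn_to_home):
    """Address an Internet service sees for M's packets.

    Without a VPN, M's packets leave F with the address F assigned to M.
    With a VPN to H, they leave from H's VPN server, so the Internet sees an
    address inside H's prefix (constructed: the first host of H_PREFIX).
    """
    if vpn_to_home:
        return next(H_PREFIX.hosts())
    return ip_address(mobile_ip)


class SharedSenderBlocklist:
    """Toy model of a shared sender-reputation database of the kind the slide
    calls PYZOR: after a mass-spam event it records the *prefix* the spam came
    from, as the slide's "add 130.104.*.*" shows, so every host in that prefix
    is scored as a known spam sender afterwards."""

    def __init__(self):
        self.prefixes = []

    def report_mass_spam(self, sender_ip, prefix_len=16):
        # Constructed policy: the database blocks the whole /16 of the sender.
        self.prefixes.append(ip_network(f"{sender_ip}/{prefix_len}", strict=False))

    def is_known_spam_sender(self, sender_ip):
        ip = ip_address(sender_ip)
        return any(ip in p for p in self.prefixes)


def library_grants_access(source_ip):
    """IP-based access control: true if the source is inside an ACL prefix."""
    ip = ip_address(source_ip)
    return any(ip in p for p in LIBRARY_ACL)


def roaming_scenario(vpn_to_home):
    """Run the slides' scenario: roaming user M at F sends spam; afterwards an
    unrelated UCL host sends mail and M tries the IP-restricted library."""
    mobile_ip = "130.104.5.77"       # constructed address F assigned to M
    ucl_staff_ip = "130.104.20.9"    # constructed address of an unrelated UCL host
    db = SharedSenderBlocklist()

    seen_source = source_ip_seen_by_internet(mobile_ip, vpn_to_home)
    db.report_mass_spam(str(seen_source))

    return {
        "spam_attributed_to": str(seen_source),
        # Which network gets the blame (and the complaints)?
        "blamed_network": "H" if seen_source in H_PREFIX else "F",
        # Collateral damage: is an unrelated F (UCL) host now flagged as spam?
        "ucl_host_flagged": db.is_known_spam_sender(ucl_staff_ip),
        # Does M get into F's IP-restricted library?
        "m_gets_library": library_grants_access(str(seen_source)),
    }


if __name__ == "__main__":
    for vpn in (False, True):
        print("VPN to H:" if vpn else "No VPN:  ", roaming_scenario(vpn))
```

Without the VPN, one roaming user's spam flags every UCL mail host and M walks into F's library; with the VPN, both the blame and the library decision follow the home network's address, which is exactly what the "Yes because" slide claims.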

VPN, a solution for previous issues?
Yes but:
๏ Only authentication between H and M:
‣ F does not authenticate / know M and H
‣ M does not always check H auth (F can do pharming)
๏ On user’s demand:
‣ If M wants to meet some security goals
‣ F cannot force M to create a VPN to H

VPN, a solution for previous issues?
The previous table, updated
[Table: the criteria User authentication (by F), Administrative cost for F, Ease of use (for user), Blacklisting based on IP, Access based on IP, Attack on the infrastruct., F malicious and Fake access point are rated for Remote auth. and VPN; the ratings themselves are not in the text]

Combining IEEE802.1X and VPN
How?
๏ Firewall of F blocks everything
๏ User connects with his credentials for IEEE802.1X
๏ F opens the VPN port as destination port, only from this user, and to its home network (inferred from IEEE802.1X)

Combining IEEE802.1X and VPN
Using both IEEE802.1X and VPN to reach the security goals is possible. But:
๏ Both infrastructures are needed
๏ Once the user is authenticated, how is the tunnel forced to H?
‣ Filtering based on the IEEE802.1X decision?
๏ Two init phases can take some time (a few seconds) to succeed

(V) ALAWN project

The ALAWN project
Some words about the project
๏ A Walloon Region project
๏ In collaboration with:
‣ CRID (Research Centre on IT and Law - FUNDP - Namur)
‣ Crypto Group - UCL
‣ IP Networking Lab - UCL

The proposal - Step 1
[Figure: the SU user at UCL, the UCL RADIUS server and the Stockholms universitet RADIUS server (reached through intermediate RADIUS servers) run a 3-party crypto authentication & key exchange]
The proposal - Step 2
[Figure: the same parties once the exchange has completed, with a tunnel between UCL and SU for the user's traffic]
The proposal
[Figure: the request for http://www.swedbank.se/ goes through the tunnel to SU and from there to the Internet]

Remote Auth. and Key Exchange (RAKE)
Goals for the protocol
๏ Authentication between M, H and F
๏ Key exchange
๏ (Negotiation of session parameters)

Security Goals: Authentication
[Figure: the three parties M, F and H]
๏ H must authenticate M as one of the registered mobile devices
๏ M must authenticate H as its home network
๏ F must authenticate H as a roaming partner
๏ H must authenticate F as a roaming partner
๏ F trusts H to correctly authenticate M
๏ M trusts H to correctly authenticate F

Security Goals: Key establishment
[Figure: M and H each hold KM,H and KT; F holds KT only]
๏ Protection of communication between M, H and F
➡ KT (tunnel key)
๏ End-to-end protection
➡ KM,H (end-to-end key)

What are the keys used for?
KT, the key shared between H, F and M
๏ To infer the key used for “wireless” communication
๏ To negotiate connection parameters (when it stops, accounting, mobility, ...)

What are the keys used for?
KM,H, the key shared between H and M
๏ For fully encrypting the communication between M and H
๏ To negotiate connection parameters, shared between H and M, that should not be known/modified by F

RAKE protocol
Additional constraints
๏ RTT should be as low as possible
๏ The mobile device should not do “hard computation”

The protocol in itself (simplified)
[Figure: message sequence between M (the mobile device), F (the Auth. server of the foreign network) and H (the Auth. server of the home network, reached over the Internet); rM, rF, rH are the nonces of M, F and H]
F -> M : F | rF
M -> F : M | rM | H
F -> H : F | rF | M | rM
H : sid = F | rF | M | rM | H | rH
    kt = PRF_kM(0, sid)
    X = Enc_ekF(kt)
    μH = MAC_αM(0, sid)
H -> F : rH | X | μH | σH(*)
F : kt = Dec_dkF(X)
F -> M : rH | μH
M : kt = PRF_kM(0, sid)
    KT = PRF_kt(1, sid)
    KM,H = PRF_kM(2, sid)
    μM = MAC_αM(1, sid)
M -> F : μM
F : KT = PRF_kt(1, sid)
F -> H : μM | σF(*)
H : KT = PRF_kt(1, sid)
    KM,H = PRF_kM(2, sid)
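The simplified exchange above, simulated in Python as an added example (not the authors' implementation) so that the key separation becomes visible: F ends up with KT but has no way to derive KM,H, and M rejects a party that does not hold its MAC key αM. PRF and MAC are instantiated as HMAC-SHA256 (an assumption, the slide does not fix them); Enc_ekF/Dec_dkF and the signatures σH and σF are modelled with a key shared by F and H because the standard library has no public-key primitives, whereas the protocol uses public-key encryption to F and signatures; the initial F|rF announcement from F to M is read off the slide's "F|rF" label and is also an assumption. All keys and nonces are constructed.

```python
"""Added example: stdlib-only simulation of the simplified RAKE flow.

Assumptions (not fixed by the slide): PRF and MAC are HMAC-SHA256; the
public-key operations Enc_ekF/Dec_dkF and the signatures sigma_H/sigma_F are
replaced by keyed stand-ins using one key k_fh shared by F and H. Long-term
keys k_m (PRF key) and alpha_m (MAC key) are shared by M and H only.
"""
import hashlib
import hmac
import os


def prf(key: bytes, label: int, sid: bytes) -> bytes:
    """PRF_key(label, sid) of the slide, instantiated as HMAC-SHA256."""
    return hmac.new(key, bytes([label]) + sid, hashlib.sha256).digest()


mac = prf  # MAC_key(label, sid): same construction, separate key alpha_m


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def enc_for_f(k_fh: bytes, sid: bytes, kt: bytes) -> bytes:
    """Stand-in for Enc_ekF(kt): one-time keystream bound to sid (assumption)."""
    return xor(kt, hmac.new(k_fh, b"wrap" + sid, hashlib.sha256).digest())


dec_by_f = enc_for_f  # the XOR stand-in is its own inverse (dkF == ekF here)


def sign(k_fh: bytes, transcript: bytes) -> bytes:
    """Stand-in for sigma_H / sigma_F: HMAC with the F-H key (assumption)."""
    return hmac.new(k_fh, transcript, hashlib.sha256).digest()


def fresh_nonces():
    """rM, rF, rH for a real run; the test uses fixed constructed values."""
    return os.urandom(16), os.urandom(16), os.urandom(16)


def run_rake(r_m, r_f, r_h, k_m, alpha_m, k_fh, alpha_m_at_h=None):
    """Run M, F and H through the slide's messages; return each party's keys.

    alpha_m_at_h lets the test model an impostor H that does not hold M's
    MAC key (e.g. a fake access point's backend); it defaults to alpha_m."""
    if alpha_m_at_h is None:
        alpha_m_at_h = alpha_m
    M, F, H = b"M", b"F", b"H"

    # F -> M : F | rF   (assumed: F announces its identity and nonce)
    # M -> F : M | rM | H
    msg_m = M + r_m + H
    # F -> H : F | rF | M | rM
    msg_f = F + r_f + M + r_m

    # H : sid, kt from the key shared with M, kt encrypted for F, MAC for M
    sid_h = msg_f + H + r_h
    kt_h = prf(k_m, 0, sid_h)
    x = enc_for_f(k_fh, sid_h, kt_h)
    mu_h = mac(alpha_m_at_h, 0, sid_h)
    sigma_h = sign(k_fh, H + r_h + x + mu_h)
    # H -> F : rH | X | muH | sigmaH

    # F : checks H, recovers kt (but learns nothing about k_m)
    if not hmac.compare_digest(sigma_h, sign(k_fh, H + r_h + x + mu_h)):
        raise ValueError("F: bad signature from H")
    sid_f = msg_f + H + r_h
    kt_f = dec_by_f(k_fh, sid_f, x)
    # F -> M : rH | muH

    # M : rebuilds sid from F|rF, its own message and rH; authenticates H
    sid_m = F + r_f + msg_m[:len(M) + len(r_m)] + H + r_h
    if not hmac.compare_digest(mu_h, mac(alpha_m, 0, sid_m)):
        raise ValueError("M: bad MAC, this is not my home network")
    kt_m = prf(k_m, 0, sid_m)
    keys_m = {"KT": prf(kt_m, 1, sid_m), "KMH": prf(k_m, 2, sid_m)}
    mu_m = mac(alpha_m, 1, sid_m)
    # M -> F : muM

    # F : tunnel key only; forwards muM under its own signature
    keys_f = {"KT": prf(kt_f, 1, sid_f)}
    sigma_f = sign(k_fh, F + mu_m)
    # F -> H : muM | sigmaF

    # H : checks F, authenticates M, derives both keys
    if not hmac.compare_digest(sigma_f, sign(k_fh, F + mu_m)):
        raise ValueError("H: bad signature from F")
    if not hmac.compare_digest(mu_m, mac(alpha_m, 1, sid_h)):
        raise ValueError("H: bad MAC, not a registered mobile device")
    keys_h = {"KT": prf(kt_h, 1, sid_h), "KMH": prf(k_m, 2, sid_h)}
    return {"sid": sid_h, "M": keys_m, "F": keys_f, "H": keys_h}


if __name__ == "__main__":
    out = run_rake(*fresh_nonces(), os.urandom(32), os.urandom(32), os.urandom(32))
    print("KT agreed:", out["M"]["KT"] == out["F"]["KT"] == out["H"]["KT"])
    print("KM,H agreed by M and H:", out["M"]["KMH"] == out["H"]["KMH"])
    print("F holds KM,H:", "KMH" in out["F"])
```

Two properties of the slide's design show up directly: the session id binds all three identities and nonces, so every derived key is fresh per run, and the labels 0, 1 and 2 separate kt, KT and KM,H even though two of them come from the same long-term key kM.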

The protocol in itself
๏ A full security model has been defined
๏ The protocol has been proved
๏ For the ones interested in details: M. Manulis, D. Leroy, F. Koeune, O. Bonaventure and J.-J. Quisquater, Authenticated Wireless Roaming via Tunnels: Making Mobile Guests Feel at Home, Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS 2009), Sydney, Australia, March 2009

RAKE protocol
Additional constraints, results
๏ RTT should be as low as possible
๏ The mobile device should not do “hard computation”

The proposal
[Figure: the SU user at UCL, with the UCL RADIUS server and the Stockholms universitet RADIUS server]

Why use a tunnel?
๏ The tunnel from F to H is not encrypted; it is only used to let M send packets to his home network
๏ The technical interests have been shown at the beginning of the presentation
๏ We showed with CRID that it also has legal advantages: R. Robert, M. Manulis, F. De Villenfagne, D. Leroy, J. Jost, F. Koeune, C. Ker, J.-M. Dinant, Y. Poullet, O. Bonaventure, and J.-J. Quisquater, WiFi Roaming: Legal Implications and Security Constraints, Int. J. of Law and Information Technology 2008 16: 205-241

Technical choices
๏ The RAKE protocol :
‣ Extending IEEE802.1X (EAP)
๏ The tunnel :
‣ Use a L2TP tunnel
๏ Encryption between H and M :
‣ Optional
‣ Using IPSec (ESP)

Extending 802.1X for RAKE
๏ IEEE802.1X is now widely used
๏ It uses EAP (the Extensible Authentication Protocol) for authentication
๏ EAP can be easily extended
![Page 73: Supported by the party authentication to improve roaming](https://reader034.vdocuments.net/reader034/viewer/2022052306/6289503afa64e702d05e748e/html5/thumbnails/73.jpg)
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
How does IEEE802.1X work ?
Extending 802.1X for RAKE
55
RADIUS
server
physical layer connection PORTBLOCKED
EAP start
EAP-request identity
![Page 74: Supported by the party authentication to improve roaming](https://reader034.vdocuments.net/reader034/viewer/2022052306/6289503afa64e702d05e748e/html5/thumbnails/74.jpg)
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
How does IEEE802.1X work ?
Extending 802.1X for RAKE
55
RADIUS
server
physical layer connection PORTBLOCKED
EAP start
EAP-request identity
EAP-response identity : dleroy
(in RADIUS packet)EAP-response identity : dleroy
![Page 75: Supported by the party authentication to improve roaming](https://reader034.vdocuments.net/reader034/viewer/2022052306/6289503afa64e702d05e748e/html5/thumbnails/75.jpg)
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
How does IEEE802.1X work ?
Extending 802.1X for RAKE
55
RADIUS
server
physical layer connection PORTBLOCKED
EAP start
EAP-request identity
EAP-response identity : dleroy
(in RADIUS packet)EAP-response identity : dleroy
EAP requests/responses following the EAP method
![Page 76: Supported by the party authentication to improve roaming](https://reader034.vdocuments.net/reader034/viewer/2022052306/6289503afa64e702d05e748e/html5/thumbnails/76.jpg)
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
How does IEEE802.1X work ?
Extending 802.1X for RAKE
55
RADIUS
server
physical layer connection PORTBLOCKED
EAP start
EAP-request identity
EAP-response identity : dleroy
(in RADIUS packet)EAP-response identity : dleroy
EAP requests/responses following the EAP method
EAP-success EAP-success PORTOPEN
![Page 77: Supported by the party authentication to improve roaming](https://reader034.vdocuments.net/reader034/viewer/2022052306/6289503afa64e702d05e748e/html5/thumbnails/77.jpg)
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
How does IEEE802.1X work ?
Extending 802.1X for RAKE
(Figure: message sequence between the host, the access point acting as authenticator, and the RADIUS server)
‣ Physical layer connection (controlled port BLOCKED)
‣ EAP start
‣ EAP-request identity
‣ EAP-response identity : dleroy (forwarded by the access point to the RADIUS server in a RADIUS packet)
‣ EAP requests/responses following the EAP method
‣ EAP-success from the RADIUS server, relayed to the host (controlled port OPEN)
‣ Ethernet or WiFi (keys derived from previous negotiations)
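As an added illustration (not code from the slides, nor from the hostap project), the exchange above in Python: EAP packets are built and parsed in the RFC 3748 wire format, the identity response is relayed inside RADIUS EAP-Message attributes (RFC 3579), and the access point's controlled port stays blocked until an EAP-Success whose identifier matches the outstanding response arrives from the server. The class and function names are my own; the identity "dleroy" is the one shown in the slide.

```python
import struct

# Standard values: EAP codes and Identity type (RFC 3748); RADIUS EAP-Message attribute (RFC 3579)
EAP_REQUEST, EAP_RESPONSE, EAP_SUCCESS, EAP_FAILURE = 1, 2, 3, 4
EAP_TYPE_IDENTITY = 1
RADIUS_EAP_MESSAGE = 79

def eap_build(code, ident, method=None, data=b""):
    """EAP packet: Code(1) Identifier(1) Length(2) [Type(1) Type-Data]."""
    body = b"" if method is None else bytes([method]) + data
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body

def eap_parse(pkt):
    """Parse an EAP packet; reject a truncated header or a Length past the buffer."""
    if len(pkt) < 4:
        raise ValueError("EAP header too short")
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if length < 4 or length > len(pkt):
        raise ValueError("bad EAP Length field")
    body = pkt[4:length]
    return {"code": code, "id": ident, "method": body[0] if body else None, "data": body[1:]}

def radius_eap_message(eap_pkt):
    """Wrap an EAP packet in RADIUS EAP-Message TLVs (Type, Length, Value of at most 253 bytes)."""
    chunks = (eap_pkt[i:i + 253] for i in range(0, len(eap_pkt), 253))
    return b"".join(bytes([RADIUS_EAP_MESSAGE, 2 + len(c)]) + c for c in chunks)

class AuthenticatorPort:
    """802.1X controlled port on the AP: BLOCKED until the RADIUS server returns EAP-Success."""
    def __init__(self):
        self.state, self.pending_id = "BLOCKED", None
    def relay_to_server(self, eap_from_host):
        # The AP only relays the host's EAP frames; it never decides on them itself.
        self.pending_id = eap_parse(eap_from_host)["id"]
        return radius_eap_message(eap_from_host)
    def on_server_eap(self, eap_from_server):
        p = eap_parse(eap_from_server)
        if p["code"] == EAP_SUCCESS and p["id"] == self.pending_id:
            self.state = "OPEN"          # Success must match the outstanding Response identifier
        elif p["code"] == EAP_FAILURE:
            self.state = "BLOCKED"
        return self.state

def run_exchange(identity=b"dleroy"):
    """Constructed exchange: identity request/response, relay to RADIUS, server decision."""
    port = AuthenticatorPort()
    req = eap_build(EAP_REQUEST, 1, EAP_TYPE_IDENTITY)                    # EAP-request identity
    resp = eap_build(EAP_RESPONSE, eap_parse(req)["id"], EAP_TYPE_IDENTITY, identity)
    radius_payload = port.relay_to_server(resp)                           # carried in a RADIUS packet
    # (the EAP method's own requests/responses would follow here)
    return port.on_server_eap(eap_build(EAP_SUCCESS, 1)), radius_payload  # EAP-success -> port OPEN
```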
We have implemented it
Extending 802.1X for RAKE
๏ In “Host AP” project (hostapd & wpa_supplicant)
๏ An open-source implementation
๏ hostapd works with most Linux & BSD drivers
๏ wpa_supplicant works with most Linux, BSD & Windows drivers
Extending 802.1X for RAKE
๏ In the next months, we would like to test it in real situations
๏ With hostap :
‣ On laptops and mobile devices
‣ On access points (running OpenWRT)
‣ On a basic Linux server
๏ If you want to test the protocol in your network in a few months... please ask us
Tunnel between F and H
(Figure: UCL and Stockholms universitet, each with its own RADIUS server, connected through the Internet; the tunnel runs between the visited network F and the home network H)
A L2TP tunnel
Tunnel between F and H
๏ The AP acts as layer 2 bridge
๏ Advantages:
‣ Even the IP address is allocated by H
‣ No need to rely on F's technical configuration (e.g., IPv4/v6)
‣ Fewer security risks for F
‣ Transparent for M (the host and the user)
On Expected Increase of Latencies
๏ For each request, an RTT “H-F” is added
‣ City : 30-60ms for residential hosts (3-4ms for well-connected hosts) [LP03]
‣ Country (USA): <150ms [LP03]
‣ Intercontinental : <250ms for 90% residential [DHGS07]
๏ ITU-T recommendations: one-way latency <400ms may be acceptable (e.g., VoIP)
Encryption between M and H
(Figure: UCL and Stockholms universitet connected through the Internet; the encrypted path runs between the mobile host M and the home network H)
Encryption between M and H
๏ Kept optional (negotiated)
๏ Using K_{M,H} (known only by M and H)
๏ Encryption method negotiated
‣ More suitable : IPSec ESP in tunnel mode
Comparison with previous solutions
(Table: columns Remote auth. / VPN / RAKE; the per-cell ratings were icons not preserved in this text. Criteria compared:)
‣ User authentication (by F)
‣ Administrative cost for F
‣ Ease of use (for user)
‣ Blacklisting based on IP
‣ Access based on IP
‣ Attack on the infrastructure
‣ F malicious
‣ Fake access point
Constraints
Summary on our proposal
✓ The tunnel increases the latency for some destinations
✓ The partnership has to be decided in advance
✓ Needs (light) modifications of the host, the AP or the egress router, and the authentication server.
Advantages
Summary on our proposal
✓ If the user sends spam, the user’s home network is blamed (and blacklisted), not the visited network
✓ The visited network does not need to care about the user's activities
✓ Traffic can be encrypted
✓ The tunnel is initiated (and enforced) by F and H, not by the user
✓ H does verify F's authentication (unlike TTLS)
✓ Same services as “at home”