Security and the Convergence of Wireless Standards
Dr Philip Nobles
P.Nobles@cranfield.ac.uk
01793 785218

Dr P Nobles

Mobile services evolution
[Figure: timeline of mobile services from 2002/3 to 2006/7 across 2G, 2.5G, 2.5G/3G/WiFi and 3G/HSDPA, with inset charts "Billions of text messages", "GPRS handsets" and "GPRS users" (2002 to 2004) and the label "Digital content". Services shown: colour content, music, P2P SMS, voicemail, SMS, MMS, applications, games, roaming, video-messaging, business email, video, integrated messaging, consumer email, shared content, multiplayer gaming, mobile Internet service, CRM/SAP solutions, mobile TV, high quality mobile video, location based services, mobile broadband, rich multimedia, public service applications.]
courtesy of Mike Short (VP R&D O2)

Wireless and mobile standards
• GSM
• 3G
• IEEE802.11 (WiFi)
• HiperLAN
• Bluetooth (?)
• WiMAX

Security failures
• Security by obscurity doesn't work
• “A very common cause of (security) protocol failure is that the environment changes, so that assumptions that were originally true no longer hold”
  Ross Anderson, “Security Engineering”

A security challenge 1980
• How do we prevent students bringing programmable calculators into exams?

A security challenge 2006
• How do we prevent students wearing wireless computers in exams?
thanks to Prof Fred Piper

GSM security
• April 1998 – University of California at Berkeley researchers crack A5 algorithm to allow cloning
• COMP128 algorithm stored on SIM
• 2001 - Wireless application protocol (WAP) gateway vulnerability
• Sept 2003 – Israeli researchers crack A5 and (potentially) intercept encrypted calls
• 2005 - Spoof base stations to buy for <£10 000

WiFi security timeline
[Figure: timeline from 99 to 04 with the events 802.11, 802.11b, WEP, WEP cracked, Airsnort, Cisco LEAP, Cisco LEAP cracked, EAP vulns, WPA, 802.11g, Cisco EAP-FAST, 802.11i ratified, WPA2.]
• Recent surveys found >50% of WLANs still with no security

802.11 Bloodhound
shmoo.com

WiFi hotspots
• 3868 public UK hotspots
• http://www.wi-fihotspotlist.com/browse/intl/2000018/

“Evil Twin” research in the media

Mobile-wireless convergence
• 3G-WiFi interworking
• Authentication
• Trust when roaming
• Bluetooth
• viruses (Caribe) and trojans

Fixed-wireless convergence
• Next generation networking (NGN)
• IP multimedia subsystem (IMS)
• VoIP and the Session initiation protocol (SIP)

Example SIP INVITE message

    INVITE sip:grenache@10.0.1.12:8394 SIP/2.0
    Via: SIP/2.0/UDP 62.173.51.169:5060;branch=z9hG4bK83066;branched=FALSE;forward-point="62.173.51.167:5060"
    Record-Route: <sip:62.173.51.169:5060;lr>
    Route: <sip:62.173.51.167:5060;lr>
    Route: <sip:10.10.0.1:5060;lr>
    Via: SIP/2.0/TLS 10.10.1.90:1042;received=62.173.51.167
    Record-Route: <sip:cgpnat@62.173.51.167:1042;transport=tls;lr>
    Contact: <sip:thom@communigate.com:1042;maddr=10.10.1.90;transport=tls>
    Max-Forwards: 69
    From: "thom@communigate.com" <sip:thom@communigate.com>;tag=8c7804f4318f4d44aae9e31498585a9b;epid=3d0c47842d
    To: <sip:grenache@communigate.com>
    Call-ID: 2ddafe312aa44260b5b73477f5277515
    CSeq: 1 INVITE
    User-Agent: RTC/1.3
    Content-Type: application/sdp
    Content-Length: 776

    v=0
    o=- 0 0 IN IP4 10.10.1.90
    s=session
    c=IN IP4 62.173.51.169
    b=CT:1000
    t=0 0
    a=mediagateway:mail.communigate.com:init528C89C32AFE52
    m=audio 60000 RTP/AVP 0 3 4 5 6 8 97 101 111 112
    c=IN IP4 62.173.51.169
    k=base64:fchmooU0VjyhMvgu7AodbsyPOgG/6VzNKWRPaAsEVZA
    a=rtpmap:0 PCMU/8000
    a=rtpmap:3 GSM/8000
    a=rtpmap:4 G723/8000
    a=rtpmap:5 DVI4/8000
    a=rtpmap:6 DVI4/16000
    a=rtpmap:8 PCMA/8000
    a=rtpmap:97 red/8000
    a=rtpmap:101 telephone-event/8000
    a=rtpmap:112 G7221/16000
    a=encryption:optional
    a=fmtp:111 bitrate=16000
    a=fmtp:112 bitrate=24000
    a=fmtp:101 0-16
    m=video 60002 RTP/AVP 31 34
    c=IN IP4 64.173.55.169
    k=base64:D65D88jUiVKj32chZ0brYuYYtkyLVOgW8+1zcPH/5rQ
    a=rtpmap:31 H261/90000
    a=rtpmap:34 H263/90000
    a=encryption:optional

courtesy of Thom O'Connor (CommuniGate)

The digital citizen
• Podcasting
• RSS syndication
• Citizen reporting
• Scoopt, Spy Media
• Center for Citizen's Media

Content-mobile convergence
• imode
• Mobile TV
• Content clients on mobiles

In summary

Questions?

WiMAX
• Wireless metropolitan area network
• Broadband wireless access
• 10+ miles range
• IEEE802.16 and ETSI HiperMAN
• Point-to-multipoint
• <10GHz up to 66GHz
• 268Mbps
• Quality of service (QoS)
• “Wireless ISPs”
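
An added example, not part of the original slides: a Python check for what the message on the "Example SIP INVITE message" slide exposes, namely SDP k= key lines that travelled over a non-TLS Via hop and the a=encryption:optional attribute. The sample message is constructed (documentation addresses, placeholder keys), audit_invite is a hypothetical helper, and reading a=encryption:optional as "unencrypted media accepted" is an assumption from the attribute's name.

```python
import re

# Constructed sample modelled on the slide's INVITE: addresses come from
# documentation ranges and the key values are placeholders.
SAMPLE_INVITE = "\r\n".join([
    "INVITE sip:bob@192.0.2.12:8394 SIP/2.0",
    "Via: SIP/2.0/UDP 198.51.100.9:5060;branch=z9hG4bK83066",
    "Via: SIP/2.0/TLS 192.0.2.90:1042;received=198.51.100.7",
    "From: <sip:alice@example.com>;tag=1",
    "To: <sip:bob@example.com>",
    "Call-ID: constructed-call-id",
    "CSeq: 1 INVITE",
    "Content-Type: application/sdp",
    "",
    "v=0",
    "o=- 0 0 IN IP4 192.0.2.90",
    "s=session",
    "c=IN IP4 198.51.100.9",
    "t=0 0",
    "m=audio 60000 RTP/AVP 0 8",
    "k=base64:PLACEHOLDERKEY1",
    "a=encryption:optional",
    "m=video 60002 RTP/AVP 31 34",
    "k=base64:PLACEHOLDERKEY2",
    "a=encryption:optional",
])

def audit_invite(raw):
    """Return findings for one SIP message that carries an SDP body."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    # Transport of each hop, one per Via line as on the slide (UDP, TLS, ...).
    hops = re.findall(r"^(?:Via|v)\s*:\s*SIP/2\.0/([\w-]+)", head, re.M | re.I)
    cleartext = sorted({h.upper() for h in hops} - {"TLS"})
    findings, media = [], "session"
    for line in body.splitlines():
        if line.startswith("m="):
            media = line[2:].split()[0]            # audio, video, ...
        elif line.startswith("k="):
            method = line[2:].split(":", 1)[0]
            # Only the clear and base64 methods put the key itself in the SDP.
            if method in ("clear", "base64") and cleartext:
                findings.append(f"{media}: k={method} key crossed {'/'.join(cleartext)} hop")
        elif line.strip() == "a=encryption:optional":
            # Assumed meaning: the endpoint will accept unencrypted media.
            findings.append(f"{media}: unencrypted media accepted")
    return findings
```

Even when every Via hop is TLS, each proxy on the path still sees the k= value, so an empty key finding means only that the key did not cross a cleartext hop.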