Wireless Unification Theory
William Arbaugh
University of Maryland, College Park
Bureaucracy
- Speakers: please introduce yourself to me and provide a copy of your slides to the note taker
- Workshop should be interactive: ask questions, answer questions
- What do you want from the workshop?
Welcome!
- Program consists of talks and discussions
- Want to focus on discussions (more to follow)
- Goal is to identify hard research problems and potential bureaucratic and standardization stumbling blocks
Technical Trends
- Wireless access is becoming ubiquitous and broadband in nature
- Users are becoming more mobile
- Mobility for data access is changing from “discrete mobility” to “continuous mobility”
- Base stations are cheaper with less physical security
- All of the wireless technologies have differing authentication and access control frameworks!
Interworking Threat
- Interworking allows attackers to find the “path of least resistance” and establish “man in the middle attacks”
  - The network with the weakest security will be the entry point
- Providers will either not allow networks with weak security to join (limiting interworking growth) or allow it, which introduces security problems.
Workshop Goals
- How do we tie these networks together in a secure fashion?
  - Deal with legacy networks?
  - Deal with future networks?
  - Vertical/horizontal roaming?
Technical
- Patchwork of technology: CHAP, EAP, TLS, A5, HLR, PEAP, CAVE, AES-CCM, AKA, VLR
- Standardize it? IEEE, IETF, IRTF, ISO, 3GPP, WWRF
- How do we do it? I have no idea!
  - One of the main motivations for this workshop!
Things to think about
- What are the research questions?
- What are the problems?
  - Standardization problems
  - Technical problems
  - Policy problems
Technical Overview
- IEEE 802.1x
- EAP
- Roaming
IEEE 802.1x
- Provides access control and key distribution method to AP/base station
- Centralized authentication
- Uses EAP
Dual Port Model
[Figure: the Client/Supplicant attaches to the Authenticator System (Access Point), which exposes an Uncontrolled Port and a Controlled Port (shown as "Port unauthorized"); the Access Server sits on the LAN behind the Authenticator.]
Trust Relationships
[Figure: Client/Supplicant to Access Server via the EAP method; Access Point to Access Server possibly via the RADIUS shared secret; Client to Access Point transitively derived.]
Note: I am using trust here loosely since only a security association is established.
Trust Relationships
- Note that the client and the AP/base station have no direct trust relationship
- It is derived transitively if and only if the infrastructure establishes a trust relation between the AP and the RADIUS server
EAP Session
[Figure: message sequence between Supplicant, Authenticator and Authentication Server]
1. Authenticator -> Supplicant: EAP REQUEST/IDENTITY
2. Supplicant -> Authentication Server (via Authenticator): EAP RESPONSE/IDENTITY (MyID)
3. Authentication Server -> Supplicant: EAP REQUEST/OTP, OTP Challenge
4. Supplicant -> Authentication Server: EAP RESPONSE/OTP, OTP PW
5. Authentication Server -> Supplicant: EAP Success
6. Authenticator: Port authorized
EAP Authentication
- Authentication may not be mutual
- Loss of anonymity due to identity request
- What are you authenticating?
  - User?
  - Device?
  - Do we need both?
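The dual port model, the transitively derived trust and the EAP Session exchange above, as an added Python example (not from the slides): the Authenticator only relays EAP frames on its uncontrolled port and opens the controlled port on EAP Success, while the Authentication Server alone holds credentials and verifies the client. The HMAC-based OTP method, the message names and the user "MyID" with its seed are assumptions constructed for the example.

```python
import hashlib
import hmac
import secrets

# Constructed sample credential store, held only by the Authentication Server.
USER_DB = {"MyID": b"otp-seed-for-MyID"}


def otp(seed, challenge):
    """Assumed OTP method: HMAC of the server's challenge under the user seed."""
    return hmac.new(seed, challenge, hashlib.sha256).hexdigest()[:16]


class AuthServer:
    """Holds the credentials; the only party that actually verifies the client."""
    def __init__(self):
        self.identity, self.challenge = None, None

    def handle(self, kind, payload):
        if kind == "RESPONSE/IDENTITY":
            self.identity, self.challenge = payload, secrets.token_bytes(8)
            return "REQUEST/OTP", self.challenge
        if kind == "RESPONSE/OTP" and self.identity in USER_DB:
            expected = otp(USER_DB[self.identity], self.challenge)
            if hmac.compare_digest(payload, expected):
                return "SUCCESS", None
        return "FAILURE", None


class Authenticator:
    """Dual-port model: EAP crosses the uncontrolled port, data frames are gated."""
    def __init__(self, server):
        self.server, self.authorized, self.seen = server, False, []

    def uncontrolled_port(self, kind, payload):
        self.seen.append((kind, payload))       # the AP sees the identity in clear
        kind, payload = self.server.handle(kind, payload)  # AP relays, never verifies
        self.authorized |= kind == "SUCCESS"     # "Port authorized" on EAP Success
        return kind, payload

    def controlled_port(self, frame):
        return frame if self.authorized else None  # dropped while unauthorized


def run_session(identity, seed, ap):
    """Supplicant side of the EAP Session slide, after the REQUEST/IDENTITY."""
    kind, challenge = ap.uncontrolled_port("RESPONSE/IDENTITY", identity)
    if kind != "REQUEST/OTP":
        return False
    kind, _ = ap.uncontrolled_port("RESPONSE/OTP", otp(seed, challenge))
    return kind == "SUCCESS"
```

Note that the supplicant never checks who issued the challenge, which is the "authentication may not be mutual" point above.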
Roaming Challenges
- What is equivalent security?
- Hand-offs between differing physical and MAC layers in under 30ms?
  - Soft hand-over easy at layers 2 and below but more difficult at layer 3 and above
  - Hard hand-over just plain hard
- Some authentication methods are complex, compute intensive, and take too long
What did I miss?