security solutions in the wireless deployable network system, 6th ... · pdf filethe wireless...
TRANSCRIPT
Defence and Communications SystemsThe EADS Systems House
© EADS 2004 – All rights reserved
Security Solutions in the WIreless DEployable Network System,
6th December 2004
www.widens.org
Defence and Communications Systems
© EADS 2004 – All rights reserved
�WIDENS Presentation
• Ad hoc networks Security
• Attacks on Routing Protocols
• Secure the OLSR Protocol
• Key Infrastructure evaluation
• Work status
Defence and Communications Systems
© EADS 2004 – All rights reserved
WIDENS context
• Submitted in the 6th Framework Program
• WIDENS objectives : to specify and implement an ad hoc network based on WLAN
• Applications : Future Public safety, emergency and disaster situations
• Offered services : voice, data and video with an emphasis on voice � QoS constraints
• Interoperability with existing core networks and present private mobile radio systems (TETRA and TETRAPOL)
Defence and Communications Systems
© EADS 2004 – All rights reserved
WIDENS context
• Support to the joint ETSI/TIA standardization initiative MESA (Mobile Broadband for Emergency and Safety Applications).
• Started on February 2004
Defence and Communications Systems
© EADS 2004 – All rights reserved
The WIDENS system different phases
ConfigurationPhase
OperationalPhase
InterventionAnalysis
Phase
����
����
����
Step 1 : Terminodes Configuration Enforcement
Step 2 : WIDENS System Deployment
Response ActivitiesOptional : Logs & Intervention Analysis
Terminodes Configurations Identification
DeploymentPhase
����
Defence and Communications Systems
© EADS 2004 – All rights reserved
WIDENS Technological choices
• 802.11
• Routing Protocol– OLSR– Implementation: Unik OLSR Daemon
• Linux 2.4.x
• XORP (eXtensible Open Router Platform). www.xorp.org
• IPv4
Defence and Communications Systems
© EADS 2004 – All rights reserved
• WIDENS Project
�Ad hoc networks Security
• Attacks on Routing Protocols
• Secure the OLSR Protocol
• Key Infrastructure evaluation
• Work status
Defence and Communications Systems
© EADS 2004 – All rights reserved
Ad hoc Networks
• No preexisting infrastructure.
• All hosts are mobile.
• Hosts communicate via wireless links (radio channels).
• Hosts cooperate to route packets within the network.
���� Routing is essential
Defence and Communications Systems
© EADS 2004 – All rights reserved
Security services at OSI Layers
Physical
Data Link
Network
Transport
Session
Presentation
ApplicationKey ManagementKey Management
Routing ProtocolRouting Protocol
Voice and DataVoice and Data
RadioRadio
Members authentication
Group authenticationAnd confidentiality
Confidentiality
Defence and Communications Systems
© EADS 2004 – All rights reserved
• WIDENS Project
• Ad hoc networks Security
�Attacks on Routing Protocols
• Secure the OLSR Protocol
• Key Infrastructure evaluation
• Work status
Defence and Communications Systems
© EADS 2004 – All rights reserved
Attacks on ad-hoc routing protocols
• Black Hole: A malicious node advertise itself as having the shortest path.
– DoS attack– Man in the middle– Corrupt packets
• Rushing Attack: An attacker disseminates RREQ quickly throughout the network suppressing any later legitimate RREQ.
– DoS
• Spoofing / Impersonation: The attacker assumes the identity of another node.
– DoS attack– Packet modification, corruption
Defence and Communications Systems
© EADS 2004 – All rights reserved
Attacks on ad-hoc routing protocols
• Routing table overflow: An attacker attempts to create routes to non-existent nodes � prevent new routes to be created
– DoS
• Location disclosure: Reveal locations of nodes or the structure of the network.
• Wormhole: Several malicious nodes colludes to form a tunnel between them. An attacker records packets at one location in thenetwork and tunnels them to a remote attacker who plays the recorded packets.
– DoS (disrupt routing or create routing loop)– Man in the Middle– Unable to find routes longer than 1 or 2 hops
Defence and Communications Systems
© EADS 2004 – All rights reserved
• WIDENS Project
• Ad hoc networks Security
• Attacks on Routing Protocols
�Secure the OLSR Protocol
• Key Infrastructure evaluation
• Work status
Defence and Communications Systems
© EADS 2004 – All rights reserved
WIDENS routing protocol: OLSR
All neighbours retransmit Only MPR retransmit
Defence and Communications Systems
© EADS 2004 – All rights reserved
OLSR security extensions
• Reference: “Securing the OLSR protocol”, Cedric Adjih, Thomas Clausen, Philippe Jacquet, Anis Laouiti, Paul Mühlethaler, Daniele Raffo, INRIA Rocquencourt.
• Based on packet timestamps and packet signatures– Timestamps methods
· Real-time clock + synchronization· Non-volatile timestamp � internal counter· Timestamp exchange protocol � 3-step handshake
– Public key acquisition methods :· Proactive � authorities periodically distribute public keys· Reactive � usage of “key request”/”key reply” messages
Defence and Communications Systems
© EADS 2004 – All rights reserved
SOLSR Analysis
• Packet signature with a pre-shared key
Security impacts:� Group authentication and integrity� If a node is compromised, the whole group is compromised� Key renewal is needed
Processing impacts:� Signature and validation at each hop� Symmetric signature
Network overhead impacts:� Only one signature per packet
Defence and Communications Systems
© EADS 2004 – All rights reserved
SOLSR Analysis
� Asymmetric signature � processing overhead and certificate
storage needed.
� Signature at source and
validation on each hop
� One signature / message
� Several signatures / packet
� Signature and validation on
each hop
� Only 1 signature / packet
Performance
impacts
� Provides Message
authentication and integrity
� Packet header and mutable
fields not signed
� All information signed
� Compromised node can
falsify TC messages
� Node Authentication
� Source IP Anti-spoofing
Security
Impacts
Message SignaturePacket SignatureX 509
Defence and Communications Systems
© EADS 2004 – All rights reserved
SOLSR Improvements
• We are implementing Message Signature with X.509 certificate– Coupled with IDS, it would be easy to exclude misbehaving nodes
• Unik OLSR daemon is the reference implementation– Development of a Security plug-in
• Usage of a certificate cache in order to minimize certificate requests– Mean size of a X.509 certificate: 700 bytes– Storage size needed for 200 X.509 certificate: 140 kb
� Could be implemented in all equipments
• TODO: – Performances to be tested and to be simulated (NS-2)– Optimise Certificate size (ECC and minimal informations)
Defence and Communications Systems
© EADS 2004 – All rights reserved
OLSR attacks risk mitigation
��������Location disclosure
��������Routing table overflow
��������Spoofing
��������Rushing
≈≈≈≈����Wormhole
��������Black Hole
SOLSROLSRAttacks
Defence and Communications Systems
© EADS 2004 – All rights reserved
• WIDENS Project
• Ad hoc networks Security
• Attacks on Routing Protocols
• Secure the OLSR Protocol
�Key Infrastructure evaluation
• Work status
Defence and Communications Systems
© EADS 2004 – All rights reserved
Key Infrastructure evaluation
� Fine grained management of users rights
� Possibility of finding routes with a given level of
confidence
� Model difficult to deploy
X.509v4 / PMI
� Unusual model approach
� Non standard way to
represents certificate
� No global key/name
binding
SPKI
Achieved
Security
Usage &
Configuration
� PKI services always
available
� RSA signature
scheme can be
easily distributed
� Not easy to set
design parameters
� No DSA and
ECDSA signature
schemes
Fully Distributed PKI
Defence and Communications Systems
© EADS 2004 – All rights reserved
Key Infrastructure evaluationW
orks & S
tatus
Processing Tim
e &
Netw
ork Overhead
� Status of RFC2692 and
RFC2693 still
“Experimental”
� Intel project CDSA
� Proof of authorization
required many certificates
� Certificate chain discovery
and reduction processes
are complex.
SPKI
� PMI rely on a traditional
PKI
� A small validity
period increase
network overhead
� ITU-T works on draft
paper of X.509
recommendation
� RFC3281 status:
“Proposed Standard”
� Not standardized
� Complex certificates
chain verifications
� Issuance of
certificates increase
processing time
X.509v4 / PMIFully Distributed PKI
Defence and Communications Systems
© EADS 2004 – All rights reserved
• WIDENS Project
• Ad hoc networks Security
• Attacks on Routing Protocols
• Secure the OLSR Protocol
• Key Infrastructure evaluation
�Work status
Defence and Communications Systems
© EADS 2004 – All rights reserved
Work Status
• For the WIDENS project a global solution will be proposed covering the key infrastructure and the security of the routing protocol.
• Routing– Security extensions to OLSR
• Authentication / Authorisation– Distributed PKI could be used
· Hard to customize and limited to RSA keys.– PMI and SPKI are not adapted to secure the routing protocol.
· SPKI has an unusual approach and is not widely used.· PMI needs a PKI
� Generate too much overhead for routing
Defence and Communications Systems
© EADS 2004 – All rights reserved
Work Status: Remaining work
• Implementation and simulation results.
• Studies about secured group communications– What is a group and how to create it.
· Procedures· Cryptographic elements· Wireless configuration
– How to merge groups · From the same organisation· From different organisations
Defence and Communications Systems
© EADS 2004 – All rights reserved
References
• Optimized Link State Routing. RFC3626, October 2003
• Unik OLSR Daemon: www.olsr.org
• “Securing the OLSR protocol”, Cedric Adjih, Thomas Clausen, Philippe Jacquet, Anis Laouiti, Paul Mühlethaler, Daniele Raffo, INRIA Rocquencourt.
• “Adaptive Security for Multi-layer Ad-hoc Networks“, 2002. JiejunKong, Haiyun Luo, Kaixin Xu, Daniel Lihui Gu, Mario Gerla, SongwuLu, UCLA Computer Science Department.
Defence and Communications Systems
© EADS 2004 – All rights reserved
References
• Providing Robust and Ubiquitous Security Support for Mobile Ad-hoc networks, IEEE ICNP 2001. J. Kong, P. Zerfos, H. Luo, S. Lu, L. Zhang.
• ITU-T RECOMMENDATION X.509 | ISO/IEC 9594-8 : Public-Key and Attribute Certificate Framworks », draft May 2001.
• SDSI-A Simple Distributed Security Infrastructure, http://theory.lcs.mit.edu/~rivest/sdsi10.html, September 1996. R. L. Rivest, B. Lampson.
• Certificate Chain Discovery in SPKI/SDSI, September 2001. D. Clarke, J.-E. Elien, C. Ellison, M. Fredette, A. Marcos, Rivest R. L.