security solutions in the wireless deployable network system, 6th ... · pdf filethe wireless...

Defence and Communications SystemsThe EADS Systems House

© EADS 2004 – All rights reserved

Security Solutions in the WIreless DEployable Network System,

6th December 2004

www.widens.org

Defence and Communications Systems


�WIDENS Presentation

• Ad hoc networks Security

• Attacks on Routing Protocols

• Secure the OLSR Protocol

• Key Infrastructure evaluation

• Work status



WIDENS context

• Submitted in the 6th Framework Program

• WIDENS objectives : to specify and implement an ad hoc network based on WLAN

• Applications : Future Public safety, emergency and disaster situations

• Offered services : voice, data and video with an emphasis on voice � QoS constraints

• Interoperability with existing core networks and present private mobile radio systems (TETRA and TETRAPOL)



WIDENS context

• Support to the joint ETSI/TIA standardization initiative MESA (Mobile Broadband for Emergency and Safety Applications).

• Started on February 2004



The WIDENS system different phases

ConfigurationPhase

OperationalPhase

InterventionAnalysis

Phase

��

��

��

Step 1 : Terminodes Configuration Enforcement

Step 2 : WIDENS System Deployment

Response ActivitiesOptional : Logs & Intervention Analysis

Terminodes Configurations Identification

DeploymentPhase

��



WIDENS Technological choices

• 802.11

• Routing Protocol– OLSR– Implementation: Unik OLSR Daemon

• Linux 2.4.x

• XORP (eXtensible Open Router Platform). www.xorp.org

• IPv4



• WIDENS Project

�Ad hoc networks Security




• Work status



Ad hoc Networks

• No preexisting infrastructure.

• All hosts are mobile.

• Hosts communicate via wireless links (radio channels).

• Hosts cooperate to route packets within the network.

�� Routing is essential



Security services at OSI Layers

Physical

Data Link

Network

Transport

Session

Presentation

ApplicationKey ManagementKey Management

Routing ProtocolRouting Protocol

Voice and DataVoice and Data

RadioRadio

Members authentication

Group authenticationAnd confidentiality

Confidentiality



• WIDENS Project


�Attacks on Routing Protocols



• Work status



Attacks on ad-hoc routing protocols

• Black Hole: A malicious node advertise itself as having the shortest path.

– DoS attack– Man in the middle– Corrupt packets

• Rushing Attack: An attacker disseminates RREQ quickly throughout the network suppressing any later legitimate RREQ.

– DoS

• Spoofing / Impersonation: The attacker assumes the identity of another node.

– DoS attack– Packet modification, corruption



Attacks on ad-hoc routing protocols

• Routing table overflow: An attacker attempts to create routes to non-existent nodes � prevent new routes to be created

– DoS

• Location disclosure: Reveal locations of nodes or the structure of the network.

• Wormhole: Several malicious nodes colludes to form a tunnel between them. An attacker records packets at one location in thenetwork and tunnels them to a remote attacker who plays the recorded packets.

– DoS (disrupt routing or create routing loop)– Man in the Middle– Unable to find routes longer than 1 or 2 hops



• WIDENS Project



�Secure the OLSR Protocol


• Work status



WIDENS routing protocol: OLSR

All neighbours retransmit Only MPR retransmit



OLSR security extensions

• Reference: “Securing the OLSR protocol”, Cedric Adjih, Thomas Clausen, Philippe Jacquet, Anis Laouiti, Paul Mühlethaler, Daniele Raffo, INRIA Rocquencourt.

• Based on packet timestamps and packet signatures– Timestamps methods

· Real-time clock + synchronization· Non-volatile timestamp � internal counter· Timestamp exchange protocol � 3-step handshake

– Public key acquisition methods :· Proactive � authorities periodically distribute public keys· Reactive � usage of “key request”/”key reply” messages



SOLSR Analysis

• Packet signature with a pre-shared key

Security impacts:� Group authentication and integrity� If a node is compromised, the whole group is compromised� Key renewal is needed

Processing impacts:� Signature and validation at each hop� Symmetric signature

Network overhead impacts:� Only one signature per packet



SOLSR Analysis

� Asymmetric signature � processing overhead and certificate

storage needed.

� Signature at source and

validation on each hop

� One signature / message

� Several signatures / packet

� Signature and validation on

each hop

� Only 1 signature / packet

Performance

impacts

� Provides Message

authentication and integrity

� Packet header and mutable

fields not signed

� All information signed

� Compromised node can

falsify TC messages

� Node Authentication

� Source IP Anti-spoofing

Security

Impacts

Message SignaturePacket SignatureX 509



SOLSR Improvements

• We are implementing Message Signature with X.509 certificate– Coupled with IDS, it would be easy to exclude misbehaving nodes

• Unik OLSR daemon is the reference implementation– Development of a Security plug-in

• Usage of a certificate cache in order to minimize certificate requests– Mean size of a X.509 certificate: 700 bytes– Storage size needed for 200 X.509 certificate: 140 kb

� Could be implemented in all equipments

• TODO: – Performances to be tested and to be simulated (NS-2)– Optimise Certificate size (ECC and minimal informations)



OLSR attacks risk mitigation

��Location disclosure

��Routing table overflow

��Spoofing

��Rushing

≈≈≈≈��Wormhole

��Black Hole

SOLSROLSRAttacks



• WIDENS Project




�Key Infrastructure evaluation

• Work status



Key Infrastructure evaluation

� Fine grained management of users rights

� Possibility of finding routes with a given level of

confidence

� Model difficult to deploy

X.509v4 / PMI

� Unusual model approach

� Non standard way to

represents certificate

� No global key/name

binding

SPKI

Achieved

Security

Usage &

Configuration

� PKI services always

available

� RSA signature

scheme can be

easily distributed

� Not easy to set

design parameters

� No DSA and

ECDSA signature

schemes

Fully Distributed PKI



Key Infrastructure evaluationW

orks & S

tatus

Processing Tim

e &

Netw

ork Overhead

� Status of RFC2692 and

RFC2693 still

“Experimental”

� Intel project CDSA

� Proof of authorization

required many certificates

� Certificate chain discovery

and reduction processes

are complex.

SPKI

� PMI rely on a traditional

PKI

� A small validity

period increase

network overhead

� ITU-T works on draft

paper of X.509

recommendation

� RFC3281 status:

“Proposed Standard”

� Not standardized

� Complex certificates

chain verifications

� Issuance of

certificates increase

processing time

X.509v4 / PMIFully Distributed PKI



• WIDENS Project





�Work status



Work Status

• For the WIDENS project a global solution will be proposed covering the key infrastructure and the security of the routing protocol.

• Routing– Security extensions to OLSR

• Authentication / Authorisation– Distributed PKI could be used

· Hard to customize and limited to RSA keys.– PMI and SPKI are not adapted to secure the routing protocol.

· SPKI has an unusual approach and is not widely used.· PMI needs a PKI

� Generate too much overhead for routing



Work Status: Remaining work

• Implementation and simulation results.

• Studies about secured group communications– What is a group and how to create it.

· Procedures· Cryptographic elements· Wireless configuration

– How to merge groups · From the same organisation· From different organisations



References

• Optimized Link State Routing. RFC3626, October 2003

• Unik OLSR Daemon: www.olsr.org

• “Securing the OLSR protocol”, Cedric Adjih, Thomas Clausen, Philippe Jacquet, Anis Laouiti, Paul Mühlethaler, Daniele Raffo, INRIA Rocquencourt.

• “Adaptive Security for Multi-layer Ad-hoc Networks“, 2002. JiejunKong, Haiyun Luo, Kaixin Xu, Daniel Lihui Gu, Mario Gerla, SongwuLu, UCLA Computer Science Department.



References

• Providing Robust and Ubiquitous Security Support for Mobile Ad-hoc networks, IEEE ICNP 2001. J. Kong, P. Zerfos, H. Luo, S. Lu, L. Zhang.

• ITU-T RECOMMENDATION X.509 | ISO/IEC 9594-8 : Public-Key and Attribute Certificate Framworks », draft May 2001.

• SDSI-A Simple Distributed Security Infrastructure, http://theory.lcs.mit.edu/~rivest/sdsi10.html, September 1996. R. L. Rivest, B. Lampson.

• Certificate Chain Discovery in SPKI/SDSI, September 2001. D. Clarke, J.-E. Elien, C. Ellison, M. Fredette, A. Marcos, Rivest R. L.

security solutions in the wireless deployable network system, 6th ... · pdf filethe wireless...

Documents