IWD2243 Wireless & Mobile Security

1. IWD2243Wireless & Mobile Security Chapter 4 : Security in Wireless Ad Hoc Network Prepared by : Zuraidy Adnan, FITM UNISEL

2. 4.1 Introduction • Ad Hoc – On the fly, as needed basis. • Ad Hoc Wireless Net – Ad Hoc that use wireless medium for communication. • Mobile Ad Hoc Net (MANET) – nodes that forming ad hoc net are mobile. • See figure 19.1 : Examples of ad hoc network, page 446. • Classification for ad-hoc network :- • Geographical coverage – PAN, LAN, WAN • Capable acting as routers • 2 limitation, 1. No dedicated routing devices, 2. Net topology change rapidly and unpredictable. Prepared by : Zuraidy Adnan, FITM UNISEL

3. 4.1 Introduction • 2 groups of ad-hoc network – 1. Single hop ad-hoc networks and 2. Multihop ad hoc network. • Single hop – Node do not act as routers and therefore communication is possible only between nodes which are within each other RF range. Example, PAN, Bluetooth. • Multihop – node act as router and route the traffic of other nodes. Example, LAN & WAN. Prepared by : Zuraidy Adnan, FITM UNISEL

4. 4.2 Bluetooth • Wireless ad hoc networking technology • Operates in unlicensed 2.4 GHz freq range • Geographical coverage limited to personal area network (PAN) • Point to point & Point to multipoint links • Supports synchronous and asynchronous traffic • Concentrates on single hop network • Freq hopping spread spectrum (FHSS) with Gaussian freq shift keying (GFSK) modulation at physical layer Prepared by : Zuraidy Adnan, FITM UNISEL

5. 4.2 Bluetooth • Low power and low cost given important consideration • Adopted as the IEEE 802.15.1 standard for physical layer (PHY) and media access control (MAC) layers. • Bluetooth basics • See figure 19.2 : Bluetooth networks, page 449 • Each piconet has 1 master and up to 7 slaves • Slave communicate with master, if 2 slave want to communicate each other, master should relay the traffic • Piconet = BSS, Master = AP, Slave = Station (STA) • Bluetooth device may participate in more than 1 piconet simultaneously Prepared by : Zuraidy Adnan, FITM UNISEL

6. 4.2 Bluetooth • Bluetooth basics (cont.) • See figure 19.3 : Piconets and scatternets in bluetooth • Scatternets theoretically possible, rare in commercial deployment • Security modes • Define layer 1 & 2 of OSI stack to achieve comm in single hop ad hoc net • To ease interoperability problem, Bluetooth SIG defined application profiles. • Profile defines an unambiguous description of the comm interface between 2 bluetooth devices or one particular service or application Prepared by : Zuraidy Adnan, FITM UNISEL

7. 4.2 Bluetooth • Security modes (cont.) • See figure 19.4 : Profiles in Bluetooth, page 451 • Each service / app select appropriate profile depending on its needs – each profiles define different security modes. • Fundamental profile – Generic Access Profile (GAP) • GAP define 3 basic security mode :- • Security mode 1 – unsecured mode in bluetooth. • Security mode 2 – Lies between mode 1 & 2, left the decision to security policy manager. • Security mode 3 – Always on security mode, always initiate authentication procedure. • See Table 19.1 : Security features of Bluetooth connection. Prepared by : Zuraidy Adnan, FITM UNISEL

8. 4.2 Bluetooth • Key Establishment • Most complex part in bluetooth security • Key hierarchy varies depends on whether unicast or broadcast connection • Pass key • See figure 19.5 : Bluetooth key hierarchy, page 454 • Basically shared secret between 2 communication devices • Two types :- Variable PKEY, Fixed PKEY • Variable PKEY – PKEY that can be chosen at the time of pairing • “Pairing” – process by which 2 bluetooth devices establish a shared secret that they can used for securing communication. • 128 bits • PKEY – shared secret between 2 comm endpoints that ensures the link key is known ONLY to the 2 comm endpoints. Prepared by : Zuraidy Adnan, FITM UNISEL

9. 4.2 Bluetooth • Key Establishment (cont.) • Initialization key • Initialization key (IK or IKinit). • Short lived temporary key that is used (and exist only) during the pairing process when 2 comm devices start comm for the 1st time. • Derived using E22 algorithm and 3 inputs : PKEY, IN_RAND, Lpkey. • PKEY – Pass key, Lpkey – Length of PKEY in bytes, IN_RAND – 128bit random number generated in devices. • See figure 19.6 : Bluetooth authentication, page 456. • Kinit = E22 (PKEY’,IN_RAND, Lpkey’) Prepared by : Zuraidy Adnan, FITM UNISEL

10. 4.2 Bluetooth • Key Establishment (cont.) • Link Key • Link key (LK) – shared secret established between 2 comm devices when pairing sequence ends. • Two types :- unit key, combination key. • Unit key – deprecated • Combination key = link key – derived from either existing link key, or Kinit. • The end of pairing process in bluetooth should lead to the establishment of a link key which the 2 devices can use for securing their communication • 3 sources :- existing link key, use of existing link key to establish new link key, use of Kinit to generate link key. Prepared by : Zuraidy Adnan, FITM UNISEL

11. 4.2 Bluetooth • Key Establishment (cont.) • Encryption key • Link key is used for generating chipering key(CK, or Kc) • Use E3 algorithm • Kc = E3 (K, EN_RAND, COF) • K – link key, EN_RAND – 128bits random number, COF – 96bits chipering offset. • COF = Anthenticationchipering offset (ACO), which derived from authentication process. Prepared by : Zuraidy Adnan, FITM UNISEL

12. 4.2 Bluetooth • Key Establishment (cont.) • Constraint key • Constraint key (Kc’), constraint encryption key. • Export restrictions – hardware which is capable of encrypting above certain key strength is not exportable. • Bluetooth put in key strength constraining mechanism that reduces the 128bit Kc to 128bit Kc’ whose effective key length (strength) can be any value less than 128 bits • Kc’(x) = g2l(x) {Kc[mod g2l(x)]} Prepared by : Zuraidy Adnan, FITM UNISEL

13. 4.2 Bluetooth • Key Establishment (cont.) • Payload key • Payload key (Pk) is actual key that is used to encrypt (decrypt) bluetooth packets. • Pk derived from Kc’ using E0 algorithm • Kp = E0 (Kc’,CK_VAL, BD_ADDR, EN_RAND) • BD_ADDR – 48bits bluetooth add for the device, EN_RAND – 128bits random number, CK_VAL – 26 bits of current clock value. Prepared by : Zuraidy Adnan, FITM UNISEL

14. 4.2 Bluetooth • Key Establishment (cont.) • Broadcast key hierarchy • In braodcast key hierarchy, link key is replaced by the use of a master key (Kmaster). • Derived independently by master without involving any of the slaves • Using E22 algorithm • Kmaster = E22 (LK_RAND1, LK_RAND2,16) • Use overlay key to comm the master key to all slaves in piconet • Koverlay = E22 (K, RAND3, 16) Prepared by : Zuraidy Adnan, FITM UNISEL

15. 4.2 Bluetooth • Key Establishment (cont.) • The Algorithms • Five algorithm used :-E0,E1, E3, E21, and E22. • E0 – stream chiper, and the other 4 use block chiper. • Use same underlying block chiper :- SAFER+ Prepared by : Zuraidy Adnan, FITM UNISEL

16. 4.2 Bluetooth • Authentication • Involve 2 endpoints – the claimant, the verifier • For mutual authentication – both end points take on the role of verifier one at a time. • See figure 19.8 : Bluetooth mutual authentication, page 462. • Confidentiality • See figure 19.9 : Bluetooth encryption, page 464 • See figure 19.10 : Bluetooth packet format, page 464. Prepared by : Zuraidy Adnan, FITM UNISEL

17. 4.2 Bluetooth • Integrity protection • Relies on CRC for integrity • Using linear noncryptographic integrity check mechanism like CRC leaves a lot to be desired as far as integrity protection is concerned. • By choosing CRC, bluetooth fails to provide any real integrity protection, Prepared by : Zuraidy Adnan, FITM UNISEL