Wireless Security

IFSM430

Masami Hara

May 3, 2002

The wireless network is getting more common in these days.  Instead of present cable networks, the wireless LAN, for example Bluetooth, would be more common near the future.  Here in Japan, younger generation enjoys E-mails and Internet with their cell phones.  Cell phones’ Internet services are NTT DoCoMo’s i-mode, au’s ezweb, and J-phone’s J-SKY.  For wireless PC Internet connection, I use PHS (Personal Handy phone System).  Usually we seek just conveniences without thinking its security very much.  However, are wireless network safe?

 

I-mode

                                                           

NTT docomo’s i-mode is major mobile connection to the Internet in Japan.  From a mobile phone used only for talking to a mobile phone you can actually use, i-mode has changed the fundamentals of mobile phone styles. With an i-mode phone display, you can get information from i-mode Menu Sites (Programs) and Internet sites that are i-mode compatible, and can exchange i-mode mail.  Simple operation, inexpensive charges and available all over Japan.

 

(“I-mode”).

 

 

i-mode Security

 

NTT DoCoMo has embedded Baltimore root digital certificates into its latest mobile devices, the 503i Series. This agreement paves the way for Baltimore to offer digital certificates for I-mode sites and to provide enhanced security for mobile commerce transactions.

Digital certificates provide authentication of users and websites and also activate the SSL (Secure Socket Layer) protocol that provides an encrypted channel for communications. SSL, which is the globally accepted standard for Internet security, has been adopted by DoCoMo to provide secure communications for the highly popular Japanese i-mode system.

Digital certificates and the SSL protocol are key components within a Public Key Infrastructure (PKI).  Baltimore provides wireless PKI systems and products through its Telepathy wireless e-security product range.  In addition, Telepathy provides the core infrastructure required to extend traditional wired Public Key Infrastructure (PKI) to wireless networks.  As it is device and network independent, Baltimore Telepathy can provide client certificates to i-mode devices (“NTT”).

 

 

Baltimore KeyTools Wireless

 

KeyTools Wireless is a high level cryptographic library, which allows wireless application developers to implement standard wireless digital signatures.  KeyTools Wireless is used on the server-side to verify digital signatures, which is crucial for bringing authentication and end-to-end security to m-commerce.

KeyTools Wireless is an essential tool for anyone creating a mobile commerce solution that requires digital signatures to be used for authentication, confidentiality, integrity, and non-repudiation.  WAP 1.2 specifies digital signatures in WML (Wireless Mark-up Language).  This cryptographic library implements that specification and allows content providers to receive signatures sent from a mobile device and verify their validity using a Public Key Infrastructure (PKI).

The KeyTools Wireless library snaps into the core KeyTools Pro components to access the cryptographic functionality, which resides in these core modules.  In this way the KeyTools Wireless component extends the functionality offered by the core API, providing the features required to implement end-to-end wireless security. At the same time, this modular architecture allows the developer to avail of the rich features available at the heart of the KeyTools family, including Digital Certificate handling and security policy management.

The modular product architecture offers a simple 'snap-in' approach, to reduce the learning and development time when application developers need to add new protocols or standards to their applications. Other components, which plug into the KeyTools core, include SSL, S/MIME and XML.

Key Features

KeyTools Wireless is a library of routines that enables WAP developers to process wireless signatures. It’s features are supporting WMLScript signText() as specified in WAP, supporting for Certificate URL’s , verifying digital signatures, and C++ and 100% pure Java.

Features accessed via the KeyTools Pro libraries are that full strength cryptographic functionality, full digital signature handling functionality, support for a wide range of Certificate Authorities, support Directory systems via LDAP (Lightweight Directory Access Protocol), and support for smart cards and hardware security modules (“Keytools”).

 

 

Wireless LAN - Bluetooth

 

Bluetooth is widely used wireless technology today.  Bluetooth is the term used to describe the protocol of a short range (10 meter) frequency-hopping radio link between devices. These devices are then termed Bluetooth - enabled.  Documentation on Bluetooth is split into two sections, the Bluetooth Specification and Bluetooth Profiles.

• The Specification describes how the technology works (i.e. the Bluetooth protocol architecture),
• The Profiles describe how the technology is used  (i.e. how different parts of the specification can be used to fulfill a desired function for a Bluetooth device)

 

Bluetooth is the name given to a new technology using short-range radio links, intended to replace the cable(s) connecting portable and/or fixed electronic devices.  It is envisaged that it will allow for the replacement of the many propriety cables that connect one device to another with one universal radio link.  Its key features are robustness, low complexity, low power, and low cost.  Designed to operate in noisy frequency environments, the Bluetooth radio uses a fast acknowledgement and frequency-hopping scheme to make the link robust.  Bluetooth radio modules operate in the unlicensed ISM band at 2.4GHz, and avoid interference from other signals by hopping to a new frequency after transmitting or receiving a packet.  Compared with other systems in the same frequency band, the Bluetooth radio hops faster and uses shorter packets.  The following pages give more detail about different sections of the protocol, note this tutorial is completely up to date with the latest version of the Bluetooth Specification.

 

 

Bluetooth Security

 

Security Settings

In the Bluetooth Generic Access Profile (GAP) the bedrock on which all other profiles are based), three Security modes are defined.  Security Mode 1 is non-secure, Security Mode 2, service level enforced security, and Security Mode 3, link level enforced security.  In Security mode 1, a device will not initiate any security - this is the non-secure mode.  The essential difference between Security Mode 2 and Security Mode 3 is that in Security Mode 2 the Bluetooth device initiates security procedures after the channel is established (at the higher layers), while in Security Mode 3 the Bluetooth device initiates security procedures before the channel is established (at the lower layers).

Link Level Security Parameters

There are four entities used to setup/maintain the security at the link level.  (1) The Bluetooth device address (BD_ADDR), which is a 48-bit address that is unique for each Bluetooth device and defined and allocated by the IEEE.  (2) Private link key, which is a 128-bit random number used for authentication purposes.  (3) Private encryption key, 8-128 bits in length that is used for encryption.  (4) A Random number (RAND), which is a frequently changing 128-bit random or pseudo-random number that is made by the Bluetooth device itself.  These are used in the following security mechanisms

 

Key Management

There are several kinds of keys in the Bluetooth system to ensure secure transmission.  The most important key of these is the link key, which is used between two Bluetooth devices for authentication purposes.  Using the link key, an encryption key can be derived.  This secures the data of the packet and is regenerated for all new transmissions.  Finally, although not a key there is the PIN code, which can be used to help identify devices to each other.

 

Link Key

There are four types of link keys possible.  All the link keys are 128-bit random numbers and are either temporary or semi-permanent. (1) Unit key, KA, is derived at the installation of the Bluetooth device from a unit A.  (2) Combination key, KAB, is derived from two units A and B.  This key is generated for each pair of devices and is used when more security is needed.  (3) The Master key, Kmaster, is used when the master device wants to transmit to several devices at ones.  It over rides the current link key only for one session.  (4) The initialization key, Kinit, is used in the initialization process.  This key protects initialization parameters when they are transmitted.

 

Encryption Key

Encryption key is derived from the current link key.  Each time encryption is needed the encryption key will be automatically changed.  The reason for separating the authentication key and encryption key is to facilitate the use of a shorter encryption key without weakening the strength of the authentication procedure. 

 

PIN code

This is a user selected or fixed number, normally 4 digits in length, but it can be anything between 1 to 16 octets.  The user can change it when it wants to and this adds security to the system.  The PIN can be used entering it into one device (fixed PIN), but it is safer to enter it to both units.

 

Key Generation and Initialization

The exchange of the keys takes place during an initialization phase, which has to be carried out separately for each two units that want to implement authentication and encryption.  First, generation of an initialization key.  Second, Authentication.  Third, Generation of link key.  Forth, Link key exchange.  Fifth, Generating of encryption key in each unit.  After this procedure, the link is either built or aborted.

 

Device Authentication

The Bluetooth authentication scheme is essentially a challenge-response strategy, where a 2-move protocol is used to check whether the other party knows a shared identical secret key (a symmetric key).  Basically, the protocol checks that both devices have the same key, and if they do authentication is successful.  Also during the authentication procedure, an ACO value (Authenticated Ciphering Offset) is generated and stored in both devices.  This ACO value is used (in a round-about way) to generate the encryption key later on.

 

The Authentication scheme works as three steps.  (1) The verifier sends the claimant a random number to be authenticated.  (2) Both verifer+claimant use the authentication function E1 with the RAND (random number), the claimants BD_ADDR and the current link key to get a response.  (4) The claimant sends the response to the verifier, who then makes sure the responses match.

Packet Encryption

The Bluetooth encryption system systematically encrypts the payload of each packet.  This is done with a stream cipher E0, which is re-synchronized for every payload.  The E0 stream cipher consists of three elements:  (1) Encryption mode 1, nothing is encrypted.  (2) Encryption mode 2, point-to-multipoint (broadcast) traffic is not encrypted, but point-to-point addressed traffic is encrypted with the master key.  (3) Encryption mode 3, all traffic is encrypted with the master key.

 

Security Mode 2 Settings

Two possibilities exist for Device’s access to services: trusted device and untrusted device.  The trusted device has unrestricted access to all services.  The untrusted device does not have fixed relationships and its access to services is limited.  For services, three security levels are defined:  (1) Services that require authorization and authentication. Automatic access is only granted to trusted devices.  Other devices need a manual authorization.  (2) Services that require authentication only, Authorization is not necessary.  (3) Services those are open to all devices.  Neither Authorization nor authentication is required, no access approval is required before service access is granted.

 

Security Implementation within the Architecture

    Authentication : Who is it?   is the process of verifying who is at the other end of the link.

     Authorization : What is it allowed to do ?  is the process of deciding if device X is allowed to have access to service Y.  Authorization always includes authentication.

 

The three Device level trust levels are handled:  (1) Trusted Device: The device has been previous.  The two key security concepts within Bluetooth are sly authenticated, a link key is stored, and the device is marked as "trusted" in the Device Database.  (2) Untrusted Device: The device has been previously authenticated, a link key is stored, but the device is not marked as "trusted" in the Device Database.  (3) Unknown Device: No security information is available for this device.  This is also an untrusted device.  This information is stored in the Device database table maintained in the security manager

 

The security level of a service is defined by three attributes:  (1) Authorization Required: Access is only granted automatically to trusted devices (i.e., devices marked as such in the device database) or untrusted devices after an authorization procedure.  (2) Authorization always requires authentication to verify that the remote device is the right one.  (2) Authentication Required: Before connecting to the application, the remote device must be authenticated.  (3) Encryption Required: The link must be changed to encrypted mode, before access to the service is possible.  This information is stored in the service database of the security manager.

 

Known Problems

The major problem is likely to be a partial user one.  The atypical 4-digit PIN code is used in combination with other variables to generate the Link Key and Encryption Key.  One way to solve this would to use the option of the longer 16-octet PIN code, or a key exchange system.

 

Another problem arises with the use of the Link key. Authentication and encryption are based on the assumption that the link key is the participants' shared secret.

1. Assume that devices A and B use A's unit key as their link key.
2. Later on, or at the same time, device C may communicate with device A and use A's unit key as the link key.
3. B uses A's Link key to decrypt the communication between A & C

 

 The Bluetooth Device Address is unique to each and every Bluetooth device. However due to its uniqueness it introduces another problem.  Once this ID is associated with a person, individuals can be traced and their activities easily logged, thus privacy is violated.

 

Realistic Bluetooth Security Expectations & the Future

All of these problems might lead one to believe that Bluetooth security is highly suspect, however one major factors: The nature of the data being transmitted across the Bluetooth link is often not taken into account

They need to improve existing security or implement new versions.  Both are being pursued:  (1) Improving Existing Security: Users requiring stalwart protection are encouraged to use stronger security mechanisms available in network transport protocols and application programs.  I.e. to use Security Mode 2 (Service Security), the security protocols on adopted protocols, such as PPP, and security application designed to improve general or specific security.  (2) Implement New Security: There is no getting away from the fact that no matter how more secured transmission can be made in the application level, Bluetooth still has the fundamental problems as featured above.  If the Bluetooth SIG is pushing Bluetooth towards 2 and 10Mbit speeds, evidently in opposition to 802.11, then it must also be working on security comparable to 802.11, rather than being exposed as a 'poor man's' version of WLAN (McDaid).

 

Doubt of Wireless Networks

 

Robert Vamosi doubts of the wireless security.  According to his article “A hacker’s dreamland: wireless networks”, he states that wireless networks could be broadcasting your information, and you should ask any organization you see using a wireless network—including your bank, the airports you visit, and even your tax preparer.  Instead of going through the hassle of installing LAN lines, many companies equip their employees with the latest wireless devices. Then they throw up an access point at the server, and suddenly all their accountants can tap into the company network wirelessly. 

 

By 2005, 50% of the largest 1,000 companies in the U. S.will use wireless LAN technology.  That is up from less than 10% today (Salkever). 

 

 

For Better Security

 

Nowadays, some tech writers state that wireless security is not perfectly reliable.  However, as development of PKI and other key encryption, authentication and authorization processes are becoming complex.  Therefore, the wireless security is being better.  We also have choices for better security.  For example, place wireless access points physically inside buildings, but outside corporate firewalls.  And keep the company VPN behind the firewall.  In addition, you should not use DHCP (Dynamic Host Configuration Protocol) with wireless networks. Having a static network address will slow down the hacker, although he can still get on your network using a sniffer program.  Then again, anyone going to those lengths is clearly demonstrating malice, and that makes it easier to prosecute that individual in a court of law.  This summer Netsec will release Intrusion Detection System (IDS) boxes that will help system administrators identify outside users quickly (Vamosi).

 

Summary

 

NTT DoCoMo’s cell phone Internet system named “I-mode” adopted public key infrastructure.  Public key encryption is more secure than previous symmetric encryption.  In symmetric encryption, a sender and a receiver use the same key.  In public key encryption, a sender and a receiver use different keys.  Therefore, it can maintain better security.  Wireless network is being largely spread instead of wired local area networks.  One of the major technologies for wireless network is Bluetooth.  Bluetooth adopted key management with private link key, private encryption key, and PIN code.  Link keys are unit key, combination key, master key and initialization key that are 128-bit random numbers.  Encryption key is separated from authentication key for shorter encryption without weakening the strength of authentication procedure.  PIN is a user selected or fixed number, normally 4 digits in length.  Bluetooth adopted device authentication and packet encryption, too. 

 

 

Works Cited

 

 

“General Description of Public Personal Handy-phone System.”  PHS MoU Group Apr. 21, 1997.  Online.  Internet.  http://www.phsmou.or.jp (Apr. 5, 2002).

 

“I-mode.”  NTT DoCoMo.  Online.  Internet.  http://www.nttdocomo.co.jp (Apr. 15, 2002).

 

“KeyTools Wireless Introduction.”  Baltimore KeyTools.  Online.  Internet.  http://www.baltimore.com (Apr. 15, 2002)

 

McDaid, Cathal.  “Bluetooth Security.”  Palowireless Feb. 2001.  Online.  Internet.  http://www.palowireless.com (Apr. 15, 2002)

 

“NTT DoCoMo. Selects Baltimore Technologies to Add Security to Its Latest Mobile Devices.”  Business Wire Feb. 20, 2001.  Online.  Internet.  http://www.findarticles.com (Apr. 16, 2002).

 

“PHS Packet Data Service Starts.”  PHS MoU Group Newsletter Sep. 2001.  Online.  Internet.  http://www.phsmou.or.jp (Apr. 16, 2002)

 

Salkever, Alex.  “Wireless-Security Outfits Seize the Day.”  BusinessWeek Online Apr. 6, 2002.  Online.  Internet.  http://story.news.yahoo.com (Apr. 15. 2002).

 

Vamosi, Robert.  “A Hacker’s dreamland: Wireless Networks.”  ZDNet Mar. 27, 2002.  Online.  Internet.  http://zdnet.com.com (Apr. 16, 2002).