Verification of wireless security protocols

Published: 2017-04-23
This paper is a student submission.

VERIFICATION OF WIRELESS SECURITY PROTOCOLS
Abstract

Cohen and Rosenzweig (2006) postulate that neighbor discovery (ND) is an indispensable building block of wireless networking. Given the nature of wireless networks, attacks against ND remain possible: in such cases, packets are usually relayed across the network (creating a wormhole) to mislead disconnected nodes into believing they are in direct communication. Such incidents ultimately compromise the security protocol and other related applications. Verification is a vital procedure in the design of many security protocols, but manual verification of a security protocol has flaws, largely caused by human error in the application of logical postulates. The verification process can be improved through the use of automated systems, which usually incorporate axioms of logic within the proving process. This paper therefore addresses wireless security protocol verification for both large and small security protocols, and emphasizes the adoption of GNY logic as a technique for verifying the relevant wireless security protocol.

Introduction

The third generation of wireless communication has brought with it more comprehensive security requirements than those of the second generation digital systems. These security requirements demand the use of algorithms and cryptographic protocols (Deibert, Palfrey & Rohozinski, 2008). It is arguable that the most sensitive security interface is the one between the user and the network. To maintain user privacy and prevent unauthorized access to the available networking resources, it is mandatory to maintain the security of this interface (Boyd & Mathuria, 1998).

Symmetric encryption and integrity mechanisms are used to protect control information and digitally encoded speech; this is done only after a shared secret key has been established between the user and the network. Although cryptographic algorithms are an essential aspect of security protocol design, this paper focuses on the verification process. There are systematic protocols to be followed when establishing symmetric session keys, and it is also important to know how to solve the problem of authenticating the entities involved in a given interface.

According to Mehrotra (1997), a known weakness of the second generation authentication protocol is its reliance on shared long-term keys (which exist between users and their home networks in order to generate the session keys). The implication is that the home authentication centre must be online whenever a call setup is made. This can prove expensive because it requires a high degree of availability and reliability from the home authentication centre. Third generation systems are now in wide use, which could mean that the weaknesses of the home authentication centres increase. To avoid this limiting factor of the second generation home authentication systems, asymmetric (public key) cryptography can be used, since it does not need an online server (Palmer & Sinclair, 2002). The computational limitations of the handheld devices of the time prevented the second generation designers from implementing this solution. One of the major reasons that asymmetric cryptography has become one of the most preferred choices in the third generation is the use of digital signatures in mobile protocols.

This paper will touch on some of the requirements of the mobile protocols in order to determine the advantages of these protocols and ways of verifying them. There are two types of protocols that this paper will focus on: the key transport and key agreement protocols.

Requirements for Mobile protocol

The European ASPeCT project proposed the use of public key based protocols for the third generation wireless systems [3]. Horn and Preneel (1998) proposed six goals aimed at authenticating the protocols between the fixed networks and the mobile entities. The requirements include:

Blanchet (2006) argues that the first requirement of the mobile protocol is the mutual authentication of the network and the user.

This requirement is among the most sought after, because the second generation network systems lacked network-side authentication. Even though this is a universally accepted requirement, it risks becoming redundant after the goals have been achieved. It is important to note that the definition of entity authentication differs from country to country.

The second requirement is an agreement between a given user and the selected network (this is the secret session key with the authentication key). The standard requirement for all key establishment protocols is that both users must agree on a mutual implicit key (this means that they must both agree on the other entities that may be privy to the session key).

The third requirement is mutual key confirmation.

The underlying principle of this requirement is that other entities must not at any time possess the same session key.

Another fact about this requirement is that its definition is not universally accepted. There is an interesting argument on this subject: whether the other entities should be those that have already been identified (Menezes, Oorschot & Vanstone, 1997).

The fourth requirement is mutual key control.

Mutual key control can also be referred to as mutual assurance of key freshness; this means that the user must ensure that the particular session key is fresh, to prevent any possible attack resulting from previously compromised session keys. It can also refer to the inability of one party to force the selection of a specific session key.

The fifth requirement is non-repudiation of origin for relevant user data.

This requirement is usually met by using digital signatures. Its main purpose is to confirm a certain degree of commitment by users to buying products from a value-added service provider (VASP).

Another requirement is the confidentiality of the relevant data.

This is a crucial aspect of the mobile protocol requirements, and it applies especially to the mobile setting. It encompasses user identities; it therefore prohibits sending user certificates in clear text over the radio interface.

The limited power of the mobile handset is a key issue in the design and verification of a wireless security protocol. This limitation prompted a suggestion from Horn and Preneel (1998), who argue that the computational and storage requirements should be shifted from the mobile devices to the network side.

Goals of the protocols

The following are the goals that are realized by conducting a comprehensive protocol run.

The first goal is to ensure mutual authentication of the user and the service provider. Entity authentication is defined as the process whereby one party is assured (by obtaining corroborative evidence) of the identity of the other party engaged in the protocol, provided that the second party participates actively (Horn & Preneel, 1998). The second goal is to create an agreement between the user and the service provider on the creation of a session key.

The third goal is the verification of the implicit key, also known as implicit key authentication, which refers to the property of assuring one party that the second party has possession of a particular key (Menezes, Oorschot & Vanstone, 1997). Fourth, mutual assurance of key freshness: as previously discussed, this is the assurance to the party (user) that the key was generated during the present run of the key establishment protocol. Fifth, mutual key control: a situation where the key is derived from joint information, so that neither party is able to control the value of the key. Sixth, non-repudiation of origin, which is meant to protect the user against the originator falsely denying having created the content of the message in question, or denying having sent a particular message. The other aims include the confidentiality of the user's personal information (this emphasizes access to the user's personal information), the exchange of certified keys (specifically public keys), and finally the initialization of the payment mechanism (McLeod & Jordan, 2002).

Types of key protocols

There are two types of key protocols, namely key agreement and key transport. Key transport is what results when a single entity within the protocol selects the session key unilaterally and then sends it in an encrypted message to another entity within the protocol. In a key agreement protocol, by contrast, both the user and the service provider contribute to the session key. The Diffie-Hellman key exchange is a protocol that acts as a base for many key agreement protocols (Diffie & Hellman, 1976). Most current proposals for establishing key agreement protocols lean heavily towards the Diffie-Hellman model.

Many questions test the credibility of the cryptographic requirements of wireless network security protocols. A good example is when authentication of the relevant parties provides sufficient assurance in a case where they are not expected to use old session keys; this prompts the question of whether key freshness is required.

The key agreement protocol has a guiding principle for the key input data: the random property. Incorporating random numbers in the computation of key values ensures that the generated key remains fresh. An important aspect of key freshness is that it is highly dependent on the freshness of the cryptographic message (this is meant for entity authentication). So the result of the freshness of the key input data is the cryptographic message (Mitchell, 2003). There is evidence that most proposed protocols adopt key agreement as opposed to key transport.

The Diffie-Hellman model (1976) of key agreement has shown a weakness in its potentially extravagant properties, which are higher compared to the key transport protocol; this is largely due to the asymmetrical relationship that exists between the users and the service providers.
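The difference between key transport and key agreement described in this section can be checked in code. The following is an added example, not part of the original paper: it feeds the same recorded first message into two sessions of each protocol and compares the resulting session keys. The toy group (`P`, `G`), the XOR key wrap and all function names are assumptions made for illustration, and authentication of the Diffie-Hellman values (for instance by digital signature) is left out.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group (assumption, illustration only; far too small for real use).
P = 2**127 - 1
G = 3

def kdf(*parts: bytes) -> bytes:
    return hashlib.sha256(b"|".join(parts)).digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def transport_send(long_term_key: bytes, session_key: bytes):
    """Key transport: the sender alone picks session_key and wraps it."""
    nonce = secrets.token_bytes(16)
    wrapped = xor(session_key, kdf(long_term_key, nonce))  # toy cipher, not for real use
    tag = hmac.new(long_term_key, nonce + wrapped, hashlib.sha256).digest()
    return nonce, wrapped, tag

def transport_receive(long_term_key: bytes, message) -> bytes:
    """The receiver authenticates the message but contributes nothing to the key."""
    nonce, wrapped, tag = message
    expected = hmac.new(long_term_key, nonce + wrapped, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("bad tag")
    return xor(wrapped, kdf(long_term_key, nonce))

def dh_public(secret: int) -> int:
    return pow(G, secret, P)

def dh_session_key(own_secret: int, peer_public: int) -> bytes:
    """Key agreement: the key depends on both parties' ephemeral secrets."""
    shared = pow(peer_public, own_secret, P)
    return kdf(shared.to_bytes(16, "big"))

def fresh_secret() -> int:
    return secrets.randbelow(P - 3) + 2

def run_sessions():
    """Feed the same recorded first message into two sessions of each protocol."""
    ltk = secrets.token_bytes(32)
    recorded = transport_send(ltk, secrets.token_bytes(32))
    transport_keys = [transport_receive(ltk, recorded) for _ in range(2)]
    a_public = dh_public(fresh_secret())
    agreement_keys = [dh_session_key(fresh_secret(), a_public) for _ in range(2)]
    return transport_keys, agreement_keys
```

In the transport case the receiver derives the same key both times, because the key was fixed by the sender alone; in the agreement case the receiver's fresh contribution changes the key in each session.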

GNY logic

The concept of GNY logic was brought about by the need to conduct thorough analysis when devising wireless security protocols. This ensures that whatever solution is arrived at is practical and effective; it also creates room for comparison between the proposed solutions. This section of the paper focuses on the verification of wireless security protocols using GNY logic. The technique systematically analyzes the wireless security protocol and presents the conclusions, while at the same time making explicit any assumption made by the protocol. An important advantage of this technique is that, unlike the BAN technique, it does not automatically assume that redundancy is present in encrypted messages. The GNY logic also drops the assumption that a principal can always tell whether a message did not at some point originate from itself.

The main aim of this technique is to draw a clear boundary between reasoning about the physical world and other possible beliefs. The technique thereby allows a wider range of protocols to be analyzed. A deeper understanding of the meaning of a protocol is necessary: it can be described as a distributed algorithm whose role is to determine the messages that are to be sent (as a function of the internal states).
A protocol run is also known as a session. There are two sets within each principal in each session. The two sets include the belief set (which contains the current beliefs of the principal).

The Needham-Schroeder Protocol

This protocol has been pivotal in the design of many existing and published protocols. It aims to provide the two principals P and Q with a shared secret (Needham & Schroeder, 1978); the secret is then used as the session key. The authentication server S shares common secrets with all the potential participants. In conclusion, P and Q possess the key and each party believes in the key; each also believes that the other party possesses the key and equally believes in it, and hence they trust each other. Five as opposed to seven messages can be obtained from the Yahalom Protocol.
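To show how an automated check makes a protocol's assumptions explicit, the following added example (not part of the original paper) forward-chains three simplified belief rules over the ticket that S issues for Q in the Needham-Schroeder protocol. The rules are a reduced subset in the style of BAN and GNY logic, not the full GNY rule set; the fact encoding, the key names `Kqs` and `Kpq`, and the idealised ticket `{Kpq, P}Kqs` are assumptions.

```python
PRINCIPALS = ("P", "Q", "S")

def step(facts):
    """Apply each simplified rule once and return the facts it yields."""
    new = set()
    for kind, who, body in facts:
        # Being-told rule: told {X}K while possessing K => told X.
        if kind == "told" and body[0] == "enc" and ("has", who, body[1]) in facts:
            _, key, x = body
            new.add(("told", who, x))
            # Message interpretation: K is shared with `sender` and X is
            # believed fresh => `who` believes `sender` conveyed X.
            for sender in PRINCIPALS:
                if (("bel", who, ("shared", key, sender)) in facts
                        and ("bel", who, ("fresh", x)) in facts):
                    new.add(("bel", who, ("said", sender, x)))
        # Jurisdiction: `sender` conveyed X and is trusted on statements
        # of that kind => `who` believes X.
        if kind == "bel" and body[0] == "said":
            _, sender, x = body
            if ("bel", who, ("controls", sender, x[0])) in facts:
                new.add(("bel", who, x))
    return new

def derive(facts):
    """Forward-chain to a fixed point."""
    facts = set(facts)
    while True:
        new = step(facts) - facts
        if not new:
            return facts
        facts |= new

# Constructed idealisation of the ticket {Kpq, P}Kqs that S issues for Q.
X = ("goodkey", "Kpq", "P", "Q")
TICKET = ("enc", "Kqs", X)
BASE = frozenset({
    ("told", "Q", TICKET),
    ("has", "Q", "Kqs"),
    ("bel", "Q", ("shared", "Kqs", "S")),
    ("bel", "Q", ("controls", "S", "goodkey")),
})
GOAL = ("bel", "Q", X)

def q_accepts_key(assume_fresh):
    """True if Q can derive belief in Kpq from the stated assumptions."""
    extra = {("bel", "Q", ("fresh", X))} if assume_fresh else set()
    return GOAL in derive(BASE | extra)
```

Q's belief in the session key is derivable only when its freshness belief about the ticket is supplied as an initial assumption, which is the kind of hidden premise the analysis is meant to surface.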

References

Blanchet, M. (2006). Migrating to IPv6: a practical guide to implementing IPv6 in mobile and fixed networks. Michigan: John Wiley.

Boyd, C., & Mathuria, A. (1998). "Key Establishment Protocols for Secure Mobile Communications: A Selective Survey", Information Security and Privacy, LNCS 1438, Springer-Verlag, pp.344-355.

Cohen, D.J., & Rosenzweig, R. (2006). Digital history: a guide to gathering, preserving, and presenting the past on the Web. Penn: University of Pennsylvania.

Deibert, R., Palfrey, J.G., & Rohozinski, R. (2008). Access denied: the practice and policy of global Internet filtering. Mass: MIT Press.

Diffie, W., & Hellman, M. (1976). New Directions in Cryptography. IEEE Transactions on Information Theory, vol.22, pp.644-654.

Horn, G., & Preneel, B. (1998). "Authentication and Payment in Future Mobile Systems", Proceedings of ESORICS'98. New York: Springer-Verlag.

McLeod, R., & Jordan, E. (2002). Systems Development: A Project Management Approach. California: Wiley.

Mehrotra, A. (1997). GSM System Engineering. Berlin: Artech House.

Menezes, A., Oorschot, P., & Vanstone, S. (1997). Handbook of Applied Cryptography. London: CRC Press.

Mitchell, J.C. (2003). Concepts in Programming Languages. Cambridge: CUP.

Needham, R.M., & Schroeder, M.D. (1978). Using Encryption for Authentication in Large Networks of Computers, Communications of the ACM, vol.21, No, pp.993-999.

Palmer, M.J., & Sinclair, R.B. (2002). Guide to designing and implementing local and wide area networks. Michigan: Course Technology. pp.417-612.
