Professional Documents
Culture Documents
Security Issues in A CDPD Wireless Network: by Yair Frankel, Et. Al
Security Issues in A CDPD Wireless Network: by Yair Frankel, Et. Al
Step
1
Action
Generate r2 Compute KMS M sends its cred. S decrypts Ms cred. S relays Ms cred. H verifies Ms cred. H sends response and updates SHR S encrypts new SHR and sends it to M
MHF
2 3 4 5
Cons
Mutual trust is not established (only assumed) between M, S, and H. Vulnerable to man-in-the-middle attacks.
- A bogus S can spoof air link to obtain Ms credentials.
stores keys of each M and S stores SHRs for each M MHF mutual trust stores keys of H stores SHRs M transitive trust mutual trust MSF stores keys of each H
Trust established directly through authenticated messages. Trust established indirectly through authenticated messages.
Step
1 2
Action
M sends its cred. S relays Ms cred. S sends challenge to H H authenticates M & S H sends resp. to S H sends new chal. to M S authenticates H & M 1
RMH TMH = T MH = AMH(SHM, RMH, NEIS, response) TMH TSH = RSH TSH = ASH(TMH, RSH, NEIM, relay)
Cons
Key management
- H must maintain secret keys for each M and S. - Likewise, each S must maintain keys for each H. - Probably will not scale well in public network (Internet) scenario. - How will the keys be updated if compromised, especially for mobiles? - How are keys maintained across carriers?
Intrusion attempts by a bogus M can not be detected denitively. Possible intrusion attempts by M are not detected until step 2 of protocol.
- Backbone network bandwidth is wasted.
Action
Same as before Same as before H sends resp. to S H sends new chal. to M H sends key to M & S S authenticates H & M 1
MSF
MHF
2
THM THS = accept or deny (a or d) T =A (T , R , NEI , a or d, K ) M MS HS HS HM SH EHS = AHS(THS) KMS
S HM refresh (r) THM = THM = AHM(RMH, SHM, NEIS, r, KMS) EHM = AHM(THM) KMS