Wireless network security and interworking

Proceedings of the IEEE

Volumn 94, Issue 2, 2006, Pages 455-465

  Shin, Minho ^a   Ma, Justin ^b   Mishra, Arunesh ^a   Arbaugh, William A ^a  

^a Institute of Advanced Computer Science   (United States)

^b UNIVERSITY OF CALIFORNIA   (United States)

Author keywords

Communication system security; Computer network security; Data security; Internetworking; Land mobile radio cellular systems; Wireless LAN

Indexed keywords

BANDWIDTH; COMPUTER ARCHITECTURE; INFORMATION TECHNOLOGY; PROBLEM SOLVING; SECURITY OF DATA; WIRELESS TELECOMMUNICATION SYSTEMS;

COMMUNICATION SYSTEM SECURITY; COMPUTER NETWORK SECURITY; INTERNETWORKING; LAND MOBILE RADIO CELLULAR SYSTEMS; WIRELESS LAN;

GATEWAYS (COMPUTER NETWORKS);

EID: 31344448046     PISSN: 00189219     EISSN: None     Source Type: Journal    
DOI: 10.1109/JPROC.2005.862322     Document Type: Conference Paper

References (75)

1. "Bluetooth Specification" 2001 [Online]. Available: http://www.bluetooth.org/spec/
2. 3GPP2 Technical Specifications, Wireless IP Network Standard, P.S0001-B v1.0, Third Generation Partnership Project 2 (3GPP2), Oct. 2002.
3. 3GPP2 Technical Specifications, General Packet Radio Service (GPRS); Service description (Stage 2), TS 23.060 v6.4.0, Third Generation Partnership Project, Jan. 2004.
4. K. Salkintzis et al., "WLAN-GPRS integration for next-generation mobile data networks," IEEE Wireless Commun., vol. 9, no. 5, pp. 112-124, Oct. 2002.
5. J. Ala-Laurila, J. Mikkonen, and J. Rinnemaa, "Wireless LAN access network architecture for mobile operators," IEEE Commun. Mag., vol. 39, no. 11, pp. 82-89, Nov. 2001.
6. Pahlavan K. et al., "Handoff in hybrid mobile data networks," IEEE Pers. Commun., vol. 7, no. 2, pp. 34-47, Apr. 2000.
7. M. Buddhikot, G. Chandranmenon, S. Han, Y. W. Lee, S. Miller, and L. Salgarelli, "Integration of 802.11 and third generation wireless data networks," in Proc. IEEE INFOCOM 2003 vol. 1, pp. 503-512.
8. M. Buddhikot, G. Chandranmenon, S. Han, Y.-W. Lee, S. Miller, and L. Salgarelli, "Design and implementation of a WLAN/CDMA2000 Intel-working architecture," IEEE Commun. Mag., vol. 41, no. 11, pp. 90-100, Nov. 2003.
9. 3GPP2 Technical Specifications, 3GPP system to Wireless Local Area Network (WLAN) interworking; system description, TS 23.234, v6.0.0, Third Generation Partnership Project, Apr. 2004.
10. Draft Amendment to Standard for Telecommunications and Information Exchange Between Systems-LAN/MAN Specific Requirements. Part 11: Wireless Medium Access Control and Physical Layer (PHY) Specifications: Medium Access Control (MAC) Security Enhancements, IEEE Standard 802.11i, May 2003.
11. 3GPP Technical Specifications, Digital cellular telecommunications system (Phase 2+); performance requirements on mobile radio interface, TS 44.013 v5.0.0, R5, Third Generation Partnership Project, Jun. 2002.
12. A. Mishra, M. Shin, J. Nick, L. Petroni, T. C. Clancy, and W. A. Arbaugh, "Pro-active key distribution using neighbor graphs," IEEE Wireless Commun., vol. 11, no. 1, pp. 26-36, Feb. 2004.
13. FCC [Online]. Available: http://wireless.fcc.gov/services/cellular/ operations/fraud.html
14. W. Millan, "Cryptanalysis of the alleged CAVE algorithm," in Proc. Int. Conf. Information Security and Cryptology (ICISC1998) pp. 107-119.
15. B. Schneier, J. Kelsey, and D. Wagner, "Cryptanalysis of the cellular message encryption algorithm," in Proc. Crypto'97 pp. 526-537.
16. D. Wagner, B. Schneier, and J. Kelsey, "Cryptanalysis of ORYX," in Proc. 5th Annu. Workshop Selected Areas in Glyptography (WSK) 1998, pp. 296-305.
17. L. Pesonen, GSM interception [Online], Available: http://www. dia.unisa.it/professori/ads/corso-security/www/CORSO-9900/ a5%/Netsec/netsec. html
18. G. Rose, "Authentication and security in mobile phones," presented at the Australian Unix User's Group Conf. (AUUG99), Melbourne, Australia.
19. P. Ekdahl and T. Johansson, "Another attack on A5/1," presented at the IEEE Int. Symp. Information Theory (ISIT) 2001, Washington, DC.
20. C. Smith, Ed. et al., 3G Wireless Networks. New York: McGraw-Hill Telecom, 2002.
21. M. Johnson, "Revenue assurance, fraud and security in 3G telecom services," J. Econom. Crime Mgmt. vol. 1, no. 2, Fall, 2002 [Online]. Available: http://www.jecm.org/02_fall_art3.pdf
22. G. Koien, "An introduction to access security in UMTS," IEEE Wireless Commun, vol. 11, no. 1, pp. 8-18, Feb. 2004.
23. 3GPP Technical Specifications, 3G security; security architecture (Release 6), 3GPP TS 33.102 v6.0.0, Third Generation Partnership Project, Sep. 2003.
24. 3GPP Technical Specifications, Technical specification group terminals; UlCC-terminal interface; physical and logical characteristics (Release 6), 3GPP TS 31.101 v6.2.0, Third Generation Partnership Project, Jun. 2003.
25. 3GPP Technical Specifications, Technical specification group services and system aspects; personalization of Mobile Equipment (ME); mobile functionality specification (Release 5), 3GPP TS 22.022 v5.0.0, Third Generation Partnership Project, Sep. 2002.
26. 3GPP Technical Specifications, Technical specification group terminals; security mechanisms for the (U)SIM application toolkit; Stage 2 (Release 5), 3GPP TS 23.048 v5.8.0, Third Generation Partnership Project, Dec. 2003.
27. 3GPP Technical Specifications, 3G security; network domain security; MAP application layer security (Release 5), 3GPP TS 33.200 v5.1.0, Third Generation Partnership Project, Dec. 2002.
28. 3GPP2 Technical Specifications, 3gpp2 s.s0055 version 1.0, Enhanced Cryptographic Algorithms, 3GPP2, Jan. 2002.
29. 3GPP Technical Specifications, 3G security; specification of the 3GPP confidentiality and integrity algorithms; document 1: f8 and f9 specification (Release 5), 3GPP TS 35.201 v5.0.0, Third Generation Partnership Project, Jun. 2002.
30. 3GPP Technical Specifications, 3G security; specification of the 3GPP confidentiality and integrity algorithms; document 2; KASUMI specification (Release 5), 3GPP TS 35.202 v5.0.0, Third Generation Partnership Project, Jun. 2002.
31. 3GPP2 Technical Specifications, 3gpp2 s.s0078 version 1.0, common security algorithms, 3GPP2, Dec. 2002.
32. G. Koien and G. Rose, "Access security in CDMA2000, including a comparison with UMTS access security," IEEE Wireless Commun., vol. 11, no. 1, pp. 19-25, Feb. 2004.
33. Secure Hash Standard, FIPS Pub. 180-1, National Institute of Standards and Technology (N1ST), May 1993.
34. Advanced Encryption Standard, FIPS Pub. 197, National Institute of Standards and Technology (NIST), Nov. 2001.
35. Lucent Orinoco, "User's guide for the ORiNOCO Manager's Suite," Nov. 2000.
36. J. Walker, "Unsafe at any key size: An analysis of the WEP encapsulation," IEEE 802.11 committee, Tech. Rep. 03628E, Mar. 2000 [Online]. Available: http://grouper.ieee.org/groups/802/11/Documents/ DocumentHolder/0-362.zi%p
37. N. Borisov, I. Goldberg, and D. Wagner, "Intercepting mobile communications: The insecurity of 802.11" [Online]. Available: http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html
38. W. A. Arbaugh, N. Shankar, and J. Wang, "Your 802.11 network has no clothes," in Proc. 1st IEEE Int. Conf. Wireless LANs and Home Networks 2001, pp. 131-144.
39. S. Fluhrer, I. Mantin, and A. Shamir, "Weaknesses in the key scheduling algorithm of RC4," in Proc. 8th Annu. Workshop Selected Areas in Cryptography 2001, pp. 1-24.
40. N. Petroni and W. Arbaugh, "The dangers of mitigating security design flaws: a wireless case study," IEEE Security Privacy, vol. 1, no. 1, pp. 28-36, Jan. 2003.
41. R. Housley and W.A. Arbaugh, "WLAN problems and solutions," Comm. ACM, vol. 46, no. 5, pp. 31-34, May 2003.
42. R. Housely, D. Whiting, and N. Ferguson, Counter with cbc-mac (ccm) [submission to NIST] 2002 [Online]. Available: http://csrc. nist.gov/encryption/ modes/proposedmodes/ccm/ccm.pdf,
43. B. Aboba, L. Blunk, J. Vollbrecht, J. Carlson, and H. Levkowetz, "Extensible Authentication Protocol (EAP)," RFC 3748, Jun. 2004.
44. Standards for Local and Metropolitan Area Networks: Standard for Port Based Network Access Control, IEEE Draft P802.1X/D11, Mar. 2001.
45. L. Blunk and J. Vollbrecht, "PPP Extensible Authentication Protocol (EAP)," RFC 2284, Mar. 1998.
46. C. Rigney, S. Willens, A. Rubens, and W. Simpson, "Remote Authentication Dial In User Service (RADIUS)," RFC 2865, Jun. 2000.
47. J. Bellardo and S. Savage, "802.11 denial-of-service attacks: real vulnerabilities and practical solutions," presented at the USENIX Security Symp., Washington, DC, 2003.
48. D. B. Faria and D. R. Cheriton, "DoS and authentication in wireless public access networks," in Proc. 1st ACM Workshop Wireless Security (WiSe'02) pp. 47-56.
49. M. L. Lough, "A taxonomy of computer attacks with applications to wireless," Ph.D thesis, Virginia Polytechnic Institute, Blacksburg, Apr. 2001.
50. R. Baird and M. Lynn, Airjack driver. [Online]. Available: http:// 802.1lninja.net/airjack
51. A. Mishra, N. L. Petroni, and W. A. Arbaugh, "Security issues in IEEE 802.11 wireless local-area networks: a survey," Wireless Commun. Mobile Comput. J. (Invited Paper), vol. 4, no. 8, pp. 821-833, 2004.
52. L. Salgarelli, M. Buddhikot, J. Garay, S. Patel, and S. Miller, "Efficient authentication and key distribution in wireless IP networks," IEEE Wireless Commun., vol. 10, no. 6, pp. 52-61, Dec. 2003.
53. H. Haverinen, "EAP SIM authentication (work in progress)," Internet Draft, IETF, draft-arkko-pppext-eap-sim-03.txt, Feb. 2002.
54. J. Arkko and H. Haverinen, "EAP AKA authentication (work in progress)," Internet Draft, IETF, draft-arkko-pppext-eap-aka-12. txt, Apr. 2004.
55. P. Funk and S. Blake-Wilson, "," EAP tunneled TLS authentication protocol (EAP-TTLS) (work in progress) Internet Draft, IETF, draft-ietf-pppext-eap-ttls-03.txt, Aug. 2003.
56. R. Molva, D. Samfat, and G. Tsudik, "Authentication of mobile users," IEEE Network, vol. 8, no. 2, pp. 26-34, Mar.-Apr. 1994.
57. 3GPP Technical Specifications, 3G Security; Wireless Local Area Network (WLAN) interworking security, TS33.234 v6.1.0, R6, Third Generation Partnership Project, Jun. 2004.
58. A. Palekar, D. Simon, J. Salowey, H. Zhou, G. Zorn, and S. Josefsson, "Protected EAP Protocol (PEAP) version 2 (work in progress)," Internet Draft, IETF, draft-josef-sson-pppext-eap-tls-eap-08.txt, Jul. 2004.
59. N. Asokan, V. Niemi, and K. Nyber, "Man-in-the-middle in tunnelled authentication protocols," in Proc. 11th Cambridge Int. Workshop Security Protocols 2003, pp. 15-24.
60. M. S. Bargh, R. J. Hulsebosch, E. H. Eertink, A. Prasad, H. Wang, and P. Schoo, "Fast authentication methods for handovers between IEEE 802.11 wireless LANs," in Proc. 2nd ACM Int. Workshop Wireless Mobile Applications and Services on WLAN Hotspots (WMASH) 2004, pp. 51-60.
61. H. Kim and H. Afifi, "Improving mobile authentication with new AAA protocols," presented at the IEEE ICC (Int. Conf. Communications), Anchorage, AK, 2003.
62. P. R. Calhoun, G. Zorn, P. Pan, and H. Akhtar, "Diameter framework document (work in progress)," Internet Draft, draft-ietf-aaa-diameter- framework-09.txt, Feb. 2001.
63. H. Kim, W. Ben-Ameur, and H. Afifi, "Toward efficient mobile authentication in wireless inter-domain," presented at the IEEE Applications and Services in Wireless Networks Conf., Berne, Switzerland, 2003.
64. J. Kempf, "Problem description: Reason for performaing context transfers between nodes in an IP access network," RFC 3374, Sep. 2002.
65. H. Wang and A. R. Prasad, "Security context transfer in vertical handover," presented at the IEEE 14th Int. Symp. Personal, Indoor and Mobile Radio Communications (P1MRC 2003), Beijing, China.
66. R. Koodli and C. Perkins, "Fast handover and context relocation in mobile networks," ACM SIGCOMM Comput. Commun. Rev., vol. 31, no. 5, pp. 37-47, Oct. 2001.
67. M. Nakhjiri, C. Perkins, and R. Koodli, Context Transfer Protocol Internet Draft: draft-ietf-seamoby-ctp-01.txt, Mar. 2003.
68. A. Mishra, M. Shin, and W. A. Arbaugh, "Context caching using neighbor graphs for fast handoffs in a wireless network," in Proc. IEEE INFOCOM 2004 pp. 351-361.
69. Trial-Use Recommended Practice for Multi-Vendor Access Point Interoperability via an Inter-Access Point Protocol Across Distribution Systems Supporting IEEE 802.11 Operation, IEEE Standard 802.11f, Jul. 2003.
70. R. Soltwisch, X. Fu, D. Hogrefe, and S. Narayanan, "A method for authentication and key exchange for seamless inter-domain handovers," presented at the Proc. IEEE 14th Int. Conf. Networks (ICON 2004), Singapore.
71. D. Harkins and D. Carrel, "The Internet key exchange (IKE)," IETF, Nov. 1998.
72. J. Kohl and C. Neuman, "The Kerberos Network Authentication Service (V5)," RFC 1510, Sep. 1993.
73. Y. Matsunaga, A. S. Merino, T. Suzuki, and R. H. Katz, "Secure authentication system for public WLAN roaming," in Proc. 1st ACM Int. Workshop Wireless Mobile Applications and Services on WLAN Hotspots (WMASH) 2003, pp. 113-121.
74. B. C. Neuman and T. Ts'o, "Kerberos: An authentication service for computer networks," IEEE Commun., vol. 32, no. 9, pp. 33-38, Sep. 1994.
75. T. Wu, "A real-world analysis of Kerberos password security," presented at the Network and Distributed System Security Symp. (NDSS), San Diego, CA, 2003.