overview of ieee 802 16 security
play

Overview of IEEE 802.16 Security David Johnston & Jesse Walker - PowerPoint PPT Presentation

May 10, 2023 •693 likes •844 views

Overview of IEEE 802.16 Security David Johnston & Jesse Walker Presented By: Anil Bazaz CS6204, Spring 2005 Intro to IEEE 802.16 Standard for Wireless Metropolitan Area Networks (WMANs) Flavors: IEEE 802.16-2001, 802.16a, 802.16c,

  1. Overview of IEEE 802.16 Security David Johnston & Jesse Walker Presented By: Anil Bazaz CS6204, Spring 2005

  2. Intro to IEEE 802.16 ♦ Standard for Wireless Metropolitan Area Networks (WMANs) ♦ Flavors: IEEE 802.16-2001, 802.16a, 802.16c, 802.16d, 802.16e ♦ Security Based DOCSIS CS6204, Spring 2005

  3. Intro to IEEE 802.16 Reference: http://www.nwfusion.com/news/tech/2001/0903tech.html CS6204, Spring 2005

  4. Threats to Wireless Medium ♦ Anyone can intercept messages ♦ Anyone can write to wireless channel ♦ Anyone can resend valid, already send frames CS6204, Spring 2005

  5. Authorization in 802.16 ♦ Authorization SA: 1. X.509 certificate of SS 2. AK 3. AK identifier 4. AK lifetime 5. Downlink HMAC key 6. KEK 7. Uplink HMAC Key 8. List of Authorized Data SA’s CS6204, Spring 2005

  6. Authorization Protocol ♦ SS � BS: Cert(Manufacturer) ♦ SS � BS: Cert(SS) ♦ BS � SS: RSA-Encrypt(PubKey(SS),AK) | Lifetime | SeqNo | SAID List CS6204, Spring 2005

  7. Authorization Security ♦ No explicit def. for authorization SA ♦ No distinction between two SAs ♦ No BS certificate ♦ No requirements for AK generation ♦ BS contributes all bits in an AK ♦ Assumption that certificates are unique CS6204, Spring 2005

  8. Privacy and Key Management (PKM) ♦ Data SA 1. SAID 2. DES-CBC Mode 3. Two TEKs 4. Two TEK Ids 5. TEK Lifetime 6. TEK IV 7. Data SA Type CS6204, Spring 2005

  9. PKM Protocol ♦ BS � SS: SeqNo | SAID | HMAC(1) ♦ SS � BS: SeqNo | SAID | HMAC(2) ♦ BS � SS: SeqNo | SAID | OldTEK | NewTEK | HMAC(3) CS6204, Spring 2005

  10. PKM Security ♦ No distinction between Data SA’s ♦ TEK Identifier: 2 Bits – A single AK can consume 3360 TEKs – Need 12 Bits to identify TEKs ♦ TEK Expiry Default: Half a day – Used for DES CBC mode - 64bit Data Blocks n/2 blocks – Cipher looses security after 2 – Avg. Throughput: 6.36Mbps/0.5day or 455Kbps/7days ♦ Fails to specify requirements for TEKs CS6204, Spring 2005

  11. Corrections & Suggestions ♦ Use AES with cipher block chaining MAC ♦ EAP ♦ Authorization SA as a first class concept CS6204, Spring 2005

  12. Corrections & Suggestions (Cont.) ♦ Authorization Changes: – SS � BS: Cert (Manufacturer(SS)) – SS � BS: SS Random | Cert(SS) | Capabilities | SAID – BS � SS: SS-Random| RSA- Encrypt(PubKey(SS), pre-AK) | Lifetime | SeqNo | SAIDList | Cert(BS) | Sig (BS) ♦ New AK: HMAC-SHA-1(BS & SS Random data and Mac Addresses; Bit Length) CS6204, Spring 2005

  13. Corrections & Suggestions (Cont.) ♦ PKM Changes – BS � SS: SS-Random | BS-Random | SeqNo12 | SAID | HMAC(1) – SS � BS: SS-Random | BS-Random | SeqNo12 | SAID | HMAC(2) – BS � SS: SS-Random | BS-Random | SeqNo12 | SAID | OldTEK | NewTEK | HMAC(3) CS6204, Spring 2005

  14. Conclusion ♦ Paper Identifies Security Issues ♦ Suggests simple corrections ♦ Security Issues are being dealt with by IEEE 802.16d and IEEE 802.16e working groups CS6204, Spring 2005

Recommend

Karim El Defrawy and Gene Tsudik IEEE- ICNP08 10/22/2008 1 Introduction Privacy and

Karim El Defrawy and Gene Tsudik IEEE- ICNP08 10/22/2008 1 Introduction Privacy and

Karim El Defrawy and Gene Tsudik IEEE- ICNP08 10/22/2008 1 Introduction Privacy and Security in MANETs Related Work Overview of Group Signatures PRISM Protocol and Operation Security Analysis and Simulations

613 views • 32 slides
Defense Against the Dark Arts: An overview of adversarial example security research and future

Defense Against the Dark Arts: An overview of adversarial example security research and future

Defense Against the Dark Arts: An overview of adversarial example security research and future research directions Ian Goodfellow, Sta ff Research Scientist, Google Brain 1st IEEE Deep Learning and Security Workshop, May 24, 2018 This document

726 views • 36 slides
Dynamic Session Key Agreement Brian Weis Overview IEEE 802.1AE-2006 (MACsec) IEEE

Dynamic Session Key Agreement Brian Weis Overview IEEE 802.1AE-2006 (MACsec) IEEE

Overview of IEEE 802.1X-REV Dynamic Session Key Agreement Brian Weis Overview IEEE 802.1AE-2006 (MACsec) IEEE 802.1X-REV MACsec Key Agreement MSEC WG IETF76 2 IEEE 802.1AE-2006 Referred to as MACsec for short (or

428 views • 19 slides
Overview and Timing Performance of IEEE Performance of IEEE 802.1AS Geoffrey M. Garner

Overview and Timing Performance of IEEE Performance of IEEE 802.1AS Geoffrey M. Garner

Overview and Timing Performance of IEEE Performance of IEEE 802.1AS Geoffrey M. Garner Consultant Consultant Michael D Johas Teener Michael D. Johas Teener Broadcom Corporation Outline Introduction I t d ti Overview of IEEE

597 views • 24 slides
Data Privacy for IEEE Volunteer Data Managers 2 Overview Changes in Data Privacy IEEE

Data Privacy for IEEE Volunteer Data Managers 2 Overview Changes in Data Privacy IEEE

Data Privacy for IEEE Volunteer Data Managers 2 Overview Changes in Data Privacy IEEE Privacy Policy Terms & Conditions and Subscriptions Consent Structure and Preferences Meetings, Conferences, and Events

926 views • 36 slides
Protocolo IEEE 802.15.4 Sergio Scaglia SASE 2012 - Agosto 2012 IEEE 802.15.4 standard Agenda

Protocolo IEEE 802.15.4 Sergio Scaglia SASE 2012 - Agosto 2012 IEEE 802.15.4 standard Agenda

Protocolo IEEE 802.15.4 Sergio Scaglia SASE 2012 - Agosto 2012 IEEE 802.15.4 standard Agenda Physical Layer for Wireless Overview MAC Layer for Wireless - Overview IEEE 802.15.4 Protocol Overview Hardware implementation

792 views • 62 slides
1 IEEE 802.15.4 PHY IEEE 802.15.4 PHY Features Receiver Energy Detection

1 IEEE 802.15.4 PHY IEEE 802.15.4 PHY Features Receiver Energy Detection

Structure of Presentation Introduction 8 0 2.15.4 and Zigbee IEEE 812.15.4 WPAN IEEE 802.15.4 PHY IEEE 802.15.4 MAC Zigbee Routing Layer Kevin Klues Department of Computer Science and Engineering 2 Introduction Zigbee and

863 views • 6 slides
Security Overview Security Goals The Attack Space Security Mechanisms

Security Overview Security Goals The Attack Space Security Mechanisms

CSCE Intro to Computer Systems Security Security Overview Security Goals The Attack Space Security Mechanisms Introduction to Cryptography Authentication Authorization Confidentiality Case Studies Security

472 views • 20 slides
Writing a book on wireless security available online is like writing a book on safe Internet

Writing a book on wireless security available online is like writing a book on safe Internet

Agenda The purpose of this presentation is to: FIRST Technical Colloquium Uppsala, Sweden Give an overview of Wireless technology Highlight the security issues Securing Your associated with IEEE 802.11b Wireless LAN wireless LANs Suggest

413 views • 16 slides
Outline 31st IEEE Symposium on Security & Privacy Introduction TaintScope: A

Outline 31st IEEE Symposium on Security & Privacy Introduction TaintScope: A

Outline 31st IEEE Symposium on Security & Privacy Introduction TaintScope: A Checksum-Aware Background Directed Fuzzing Tool for Automatic Motivation Software Vulnerability Detection TaintScope Intuition Tielei Wang 1 ,

427 views • 5 slides
Verena: End-to-End Integrity Protection for Web Applications IEEE Security & Privacy 2016

Verena: End-to-End Integrity Protection for Web Applications IEEE Security & Privacy 2016

Verena: End-to-End Integrity Protection for Web Applications IEEE Security & Privacy 2016 Nikos Karapanos, Alexandros Filios, Raluca Ada Popa, Srdjan Capkun Information Integrity is Critical for Decision Making EKG, EKG, heart rate,

534 views • 15 slides
Lua Code: Security Overview and Practical Approaches to Static Analysis Andrei Costin

Lua Code: Security Overview and Practical Approaches to Static Analysis Andrei Costin

IEEE SPW: LangSec'17 (San Jose, CA) Lua Code: Security Overview and Practical Approaches to Static Analysis Andrei Costin ancostin@jyu.fi, andrei@firmware.re University of Jyvaskyla, Finland Agenda Introduction Contributions

374 views • 23 slides
IEEE C57 12 38 IEEE C57.12.38 LV bushing cantilever strength analysis Justin Pezzin, P.Eng , g

IEEE C57 12 38 IEEE C57.12.38 LV bushing cantilever strength analysis Justin Pezzin, P.Eng , g

IEEE C57 12 38 IEEE C57.12.38 LV bushing cantilever strength analysis Justin Pezzin, P.Eng , g Carlos Gaytan March 2012 Overview Problem description LV bushing force diagram Review of manufacturer specifications Discussion /

189 views • 14 slides
Mr. Robert Ydens and Bradley Ydens Title: A Basic Overview of RF/EMI Filters and Filtered

Mr. Robert Ydens and Bradley Ydens Title: A Basic Overview of RF/EMI Filters and Filtered

Hoffbeck, Joseph From: emc-or-sw-wa@IEEE.ORG on behalf of David Britton <dlbritt@comcast.net> Sent: Thursday, March 14, 2019 11:10 AM To: PSES-OR-SW-WA@LISTSERV.IEEE.ORG; EMC-OR-SW-WA@LISTSERV.IEEE.ORG Cc: Aaron Cohen; David A.

388 views • 3 slides
An Overview of IEEE Software Engineering Standards and Knowledge Products Paul R. Croll Chair,

An Overview of IEEE Software Engineering Standards and Knowledge Products Paul R. Croll Chair,

An Overview of IEEE Software Engineering Standards and Knowledge Products Paul R. Croll Chair, IEEE SESC Computer Sciences Corporation pcroll@csc.com Objectives G Provide an introduction to The IEEE Software Engineering Standards Committee

481 views • 46 slides
This PIN Can Be Easily Guessed Analyzing the Security of Smartphone Unlock PINs Philipp Markert,

This PIN Can Be Easily Guessed Analyzing the Security of Smartphone Unlock PINs Philipp Markert,

This PIN Can Be Easily Guessed Analyzing the Security of Smartphone Unlock PINs Philipp Markert, Daniel V. Bailey, Maximilian Golla, Markus Drmuth, and Adam J. Aviv May 18, 2020 | 41st IEEE Symposium on Security and Privacy Overview ?!

355 views • 18 slides
Security Overview Security Goals The Attack Space Security Mechanisms

Security Overview Security Goals The Attack Space Security Mechanisms

CPSC 410/611 Operating Systems Security Security Overview Security Goals The Attack Space Security Mechanisms Introduction to Cryptography Authentication Authorization Confidentiality Case Studies

419 views • 19 slides
Software In-Security Buffer overflows Overview Web Application security Malware OS

Software In-Security Buffer overflows Overview Web Application security Malware OS

Lecture overview Table of contents: Introduction to SW security Software In-Security Buffer overflows Overview Web Application security Malware OS security topics Code scanning Emmanuel Benoist Taught by Ulrich

479 views • 13 slides
Secure Design: A Better Bug Repellent Christoph Kern, IEEE SecDev '17 Security Defects

Secure Design: A Better Bug Repellent Christoph Kern, IEEE SecDev '17 Security Defects

Secure Design: A Better Bug Repellent Christoph Kern, IEEE SecDev '17 Security Defects Implementation Bugs Shallow & Localized Patchable Straightforward & Testable Image credit: Vaniato/Shutterstock.com Design Flaws Deep &

414 views • 28 slides
4. Web Security - Measuring and Analyzing Search Engine Poisoning of Linguistic Collisions,

4. Web Security - Measuring and Analyzing Search Engine Poisoning of Linguistic Collisions,

All papers can be found by Google Scholar. For those papers accepted by S&P 2019, you can download them from this website: https://www.ieee- security.org/TC/SP2019/program-papers.html The below papers are published in the top security

290 views • 5 slides
Marco Ghiglieri Web 2.0 Security & Privacy 2014 Workshop In conjunction with the IEEE

Marco Ghiglieri Web 2.0 Security & Privacy 2014 Workshop In conjunction with the IEEE

I Know What You Watched Last Sunday A New Survey of Privacy in HbbTV May 18, 2014 Marco Ghiglieri Web 2.0 Security & Privacy 2014 Workshop In conjunction with the IEEE Symposium on Security and Privacy May 18, 2014 | I Know What You

287 views • 26 slides
Caradoc: a Pragmatic Approach to PDF Parsing and Validation IEEE Security & Privacy LangSec

Caradoc: a Pragmatic Approach to PDF Parsing and Validation IEEE Security & Privacy LangSec

Caradoc: a Pragmatic Approach to PDF Parsing and Validation IEEE Security & Privacy LangSec Workshop 2016 Guillaume Endignoux Olivier Levillain Jean-Yves Migeon cole Polytechnique, France EPFL, Switzerland ANSSI, France Thursday 26 th

842 views • 35 slides
ISO/IEC TS 18661 OVERVIEW 23 rd IEEE Symposium on Computer Arithmetic ARITH23 July 13, 2016

ISO/IEC TS 18661 OVERVIEW 23 rd IEEE Symposium on Computer Arithmetic ARITH23 July 13, 2016

ISO/IEC TS 18661 OVERVIEW 23 rd IEEE Symposium on Computer Arithmetic ARITH23 July 13, 2016 Jim Thomas jaswthomas@sbcglobal.net Davis, CA USA ISO/IEC Technical Specification 18661 C extensions to support IEEE 754-2008 Floating-point and

733 views • 30 slides
Heap Models For Exploit Systems IEEE Security and Privacy LangSec Workshop 2015 Julien Vanegue

Heap Models For Exploit Systems IEEE Security and Privacy LangSec Workshop 2015 Julien Vanegue

Heap Models For Exploit Systems IEEE Security and Privacy LangSec Workshop 2015 Julien Vanegue Bloomberg L.P. New York, USA. May 24, 2015 Big picture : The Automated Exploitation Grand Challenge A Security Exploit is a program taking

451 views • 23 slides

More recommend