Fast and authenticated vertical handovers in heterogeneous ppt

Sarbjeet Singh NITTTR-CHD 802.11R


Fast and authenticated - vertical handovers in heterogeneous networks by 802.11r


Page 1: Fast and authenticated   vertical handovers in heterogeneous ppt

Sarbjeet Singh

NITTTR-CHD

802.11R

Page 2: Fast and authenticated   vertical handovers in heterogeneous ppt

With the growth of WLANs, fast roaming with uninterrupted service has become a major issue in IEEE 802.11.

Vertical handovers make it possible for a user to move to another technology's service without disturbing the ongoing process.

It is known that GSM authentication has security problems when it comes to fast-moving users, because they change cell sites frequently.

A handover can be horizontal or vertical, as the user requires. MIH (media independent handover) provides vertical handover, while 802.11r provides a fast and secure connection-oriented handover from one access point to another within the same mobility domain.

Thus security and authentication are integrated with the handover to protect the user.

Page 3: Fast and authenticated   vertical handovers in heterogeneous ppt

Introduction

Concept of handovers and approaches

MIH(Media Independent Handover) Concept and procedure

Fast and Seamless Handover Mechanism in 802.11r.

RSNA establishment Handover Procedure

Authentication

Summary

Page 4: Fast and authenticated   vertical handovers in heterogeneous ppt

Movement of the mobile into different regions (near-far problem).

Capacity of one BTS is almost full (call setup/disconnection).

Umbrella approach.

Page 6: Fast and authenticated   vertical handovers in heterogeneous ppt

During this handover, the main requirements of the user become: quality of service, data encryption, authentication services.

Fast handover, smooth handover, seamless handover.

Page 7: Fast and authenticated   vertical handovers in heterogeneous ppt

Here the handover has 3 phases: initiation, decision, execution.

Media independent handover (IEEE 802.21) provides seamless mobility among different networks.

Initiation: network discovery, network selection, handover negotiation.

Decision: handover algorithm (MIHF).

Execution: mobility management, handover management.

Page 9: Fast and authenticated   vertical handovers in heterogeneous ppt

IEEE 802.11r-2008 or fast BSS transition (FT) is a standard to permit continuous connectivity aboard wireless devices in motion, with fast and secure handoffs from one base station to another managed in a seamless manner.

PMK: pairwise master key. PTK: pairwise transient key. GTK: group temporal key. RSNA: robust security network association.

In RSNA establishment, a few frames contain information elements such as the mobility domain information element (MDIE) and the fast BSS transition information element (FTIE).

Page 10: Fast and authenticated   vertical handovers in heterogeneous ppt

It has a 3-tier key hierarchy, which is the key management framework. The hierarchy is as follows: 1) 802.1X authenticator; 2) FT key hierarchy at the authenticator (AP); 3) non-AP STA.

R0KH (R0 key holder) identifier is set to the identity of the co-resident NAS client.

R1KH (R1 key holder) identifier is set to the MAC address of the physical link that stores PMK-R1.
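An added sketch (not from the slides) of how the key holder identifiers above bind the keys in the hierarchy, so that each AP receives its own PMK-R1. It assumes the HMAC-SHA256 counter-mode KDF and the "FT-R0"/"FT-R1" labels of IEEE 802.11r-2008; the key, SSID, MDID and addresses are constructed values, and the code is illustrative rather than conformance-tested.

```python
import hashlib
import hmac
import struct

def kdf_sha256(key: bytes, label: bytes, context: bytes, bits: int) -> bytes:
    """HMAC-SHA256 counter-mode KDF: HMAC(key, i || label || context || bits)."""
    out, i = b"", 1
    while len(out) * 8 < bits:
        msg = struct.pack("<H", i) + label + context + struct.pack("<H", bits)
        out += hmac.new(key, msg, hashlib.sha256).digest()
        i += 1
    return out[: bits // 8]

def derive_pmk_r0(xxkey, ssid, mdid, r0kh_id, s0kh_id):
    """Top tier: bound to SSID, mobility domain, R0KH-ID and the station."""
    ctx = (bytes([len(ssid)]) + ssid + mdid +
           bytes([len(r0kh_id)]) + r0kh_id + s0kh_id)
    return kdf_sha256(xxkey, b"FT-R0", ctx, 384)[:32]  # first 256 bits

def derive_pmk_r1(pmk_r0, r1kh_id, s1kh_id):
    """Second tier: bound to one R1KH-ID (AP MAC) and the station MAC."""
    return kdf_sha256(pmk_r0, b"FT-R1", r1kh_id + s1kh_id, 256)

# Constructed sample values, not taken from any real network.
XXKEY = bytes(range(32))
SSID, MDID = b"plant-floor", bytes.fromhex("a1b2")
R0KH_ID = b"nas-controller-1"
STA = bytes.fromhex("020000000001")
APS = [bytes.fromhex("02000000aa01"), bytes.fromhex("02000000aa02")]

def pmk_r1_per_ap(mdid: bytes = MDID) -> dict:
    """Derive PMK-R0 once, then one PMK-R1 per AP in the mobility domain."""
    pmk_r0 = derive_pmk_r0(XXKEY, SSID, mdid, R0KH_ID, STA)
    return {ap.hex(): derive_pmk_r1(pmk_r0, ap, STA) for ap in APS}

if __name__ == "__main__":
    for ap, key in pmk_r1_per_ap().items():
        print(ap, key.hex())
```

Because PMK-R1 depends on the R1KH-ID, a key held by one AP is not valid at another, and changing the MDID changes every key below PMK-R0.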

Page 13: Fast and authenticated   vertical handovers in heterogeneous ppt

During the handover procedure, the mobile station (MS) searches for a new healthy signal. The mobile station makes measurements of the signal, which may take up to 10 sec.

So we see that the GSM encryption algorithm A5/2 allows attackers to recover the encryption key from only a few milliseconds of encrypted traffic.

GSM is very prone to man-in-the-middle attacks. To overcome this we use the A5/3 algorithm; this algorithm is costly because of its conversion formula.

Page 14: Fast and authenticated   vertical handovers in heterogeneous ppt

If an attacker records the UMTS communication and breaks the GSM encryption key after the handover to GSM, he can reverse engineer at least parts of the UMTS keys.

This is possible, because the UMTS encryption (CK) and integrity protection (IK) keys are only converted into a GSM encryption key Kc and vice versa by the following equations:

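$$K_c = c3(CK, IK) = CK_1 \oplus CK_2 \oplus IK_1 \oplus IK_2 \qquad (1)$$

$$CK = c4(K_c) = K_c \parallel K_c \qquad (2)$$

$$IK = c5(K_c) = (K_{c1} \oplus K_{c2}) \parallel K_c \parallel (K_{c1} \oplus K_{c2}) \qquad (3)$$

where $K_c = K_{c1} \parallel K_{c2}$ and $K_{c1}$ and $K_{c2}$ each consist of 32 bits. $CK$ and $IK$ are split into $CK_1$ and $CK_2$ and $IK_1$ and $IK_2$ respectively, each consisting of 64 bits, so that $CK = CK_1 \parallel CK_2$ and $IK = IK_1 \parallel IK_2$.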
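Equations (1) to (3) as an added Python example (not part of the original slides), with a check that flags a UMTS key pair carrying only the 64 bits of a GSM key. The function name `is_gsm_derived` and all key values are constructed for illustration.

```python
# Keys are handled as Python integers: Kc is 64 bits, CK and IK are 128 bits.
MASK32 = (1 << 32) - 1
MASK64 = (1 << 64) - 1

def c3(ck: int, ik: int) -> int:
    """UMTS -> GSM, eq. (1): Kc = CK1 xor CK2 xor IK1 xor IK2."""
    ck1, ck2 = ck >> 64, ck & MASK64
    ik1, ik2 = ik >> 64, ik & MASK64
    return ck1 ^ ck2 ^ ik1 ^ ik2

def c4(kc: int) -> int:
    """GSM -> UMTS, eq. (2): CK = Kc || Kc."""
    return (kc << 64) | kc

def c5(kc: int) -> int:
    """GSM -> UMTS, eq. (3): IK = (Kc1 xor Kc2) || Kc || (Kc1 xor Kc2)."""
    x = (kc >> 32) ^ (kc & MASK32)
    return (x << 96) | (kc << 32) | x

def is_gsm_derived(ck: int, ik: int) -> bool:
    """True if (CK, IK) has the structure produced by c4/c5.

    Such a pair is a pure function of a 64-bit Kc, so the 256 bits of
    UMTS key material are only as strong as the GSM key they came from.
    """
    kc = ck & MASK64
    return ck == c4(kc) and ik == c5(kc)

if __name__ == "__main__":
    # Constructed sample keys.
    native_ck = 0x00112233445566778899AABBCCDDEEFF
    native_ik = 0x0F0E0D0C0B0A09080706050403020100
    kc = c3(native_ck, native_ik)
    print(f"Kc after UMTS->GSM handover: {kc:016x}")
    print("native pair GSM-derived?   ", is_gsm_derived(native_ck, native_ik))
    print("converted pair GSM-derived?", is_gsm_derived(c4(kc), c5(kc)))
    # Converting back and forth returns the same Kc.
    print("round trip keeps Kc:       ", c3(c4(kc), c5(kc)) == kc)
```

In the UMTS to GSM direction, Kc fixes one 64-bit XOR relation over the four key halves; in the GSM to UMTS direction, CK and IK are fully determined by Kc.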

Page 15: Fast and authenticated   vertical handovers in heterogeneous ppt

The IEEE 802.21 MIH protocol defines a set of handover-enabling functions and introduces a new logical entity called MIHF, which resides between the link layer and the network layer.

MIH users are anticipated to make handover and link-making decisions based on internal policies, context and information received from the MIHF. Mainly, the MIHF provides information to network selectors or mobility management entities.

For the application, 802.11r provides seamless connectivity with a fast and secure handover from one AP to another within the same mobility domain. This is achieved by deriving all necessary encryption keys prior to a reassociation.

Shortening handover preparation and execution makes it possible to add authentication to the handover process, so that it is checked whether the MT that wants to access the service offered by the new cell is really the one whose handover was expected or is an unwanted guest.

The time saved can be used to perform at least the authentication challenge and key computation. In any case, the authentication can be finished before the handover is completed.
