wireless comm systems1

8/19/2019 wireless comm systems1

1/28

WIRELESS COMMUNICATIONS SECURITY

Dr. T.J.Owens CEng MIEE

Email: Thomas.Owens !r"nel.a#."$

Mo%"le O&er&iew

Fundamentals of Cryptography

Block 1: Basic concepts of cryptography

Block 2: Simple Ciphers and Classical Ciphers and AComplexity Measure for Security

Block 3: Modern symmetric key cryptography

Block 4: u!lic key cryptography

Securing the Mobile Phone Network

Block ": #SM $2#% &elecommunications SecurityBlock ': # (S $2)"#% Security

Block *: +ireless Application rotocol $+A % and i,mode

Block -: 3# &elecommunications Security

1

mailto:[email protected]:[email protected]


2/28

Securing laptop Wi-Fi connection to wirednetwork

Block .: +i,/i Security BasicsBlock 10: +

Block 11: er ie of + A and (S5

Block 12: (A678S9 & S9 7 -02)11

Block 13: ;ey Management in + A and (S5

Block 14: &;7 and A S,CCM

Securing hybrid wireless infrastructurenetworks

Block 1": Securing +iMA< net orks

Block 1': Securing con erged +i,/i and 8M&S net orks

2


3/28

'lo#$ (: 'asi# #on#e)*s o+ #r,)*ogra)h,

Objectives

After studying this material you should

• Appreciate that the central issue in dataencryption is the design of datatransformations that are easy, given a specific piece of secret knowledge, but extremely difficult otherwise.

• Recognise that a modern cryptosystemachieves secrecy through an algorithm whichcomputes a code from a key.

• Understand that cryptographic techni ues can protect against eavesdropping and tampering.

• !e able to calculate the Unicity "istance of acipher system and comprehend itssignificance.

•Understand how the one time pad achieves perfect secrecy.

• Appreciate that linear feedback shift registers provide a method for approximating the onetime pad.

3


4/28

'o"n%aries

/igure: Block diagram of a communications system)

/igure: Coding steps in a communications system)

4

SourceCoding

Encryption

SourceDecoding

ChannelCoding

Decryption Channel

Decoding


5/28

Cr,)*ogra)h,

Cryptosystem or cipher system is a method ofhiding the content of messages)

Cryptography is the art of creating and usingcryptosystems)

Cryptanalysis is the art of !reaking cryptosystems)

Cryptology is the study of !oth cryptography andcryptanalysis)

5

Plaintext

AliceBob

Eve

Plaintext


6/28

-e, hrase Ci)her

A B C 6

A t h i s m

B y k e o

C r d a ! c

6 f g l n p= u x >

6


7/28

Features of the E ample Cipher

(. asy encoding and decoding

/. asy to remem!er key)

0. &he use of different alpha!ets for the plaintext andciphertext)

1. ach input sym!ol mapped to t o output sym!ols)

2. (emo al of redundancy in the plain text $?i@ and ? @treated as the same letter and spaces omitted)

3. 7ndependent encoding of plaintext characters

4. Some letters from the keyphrase are discarded)

7


8/28

Da*a Se#"ri*, an% In+orma*ion Theor,

Cr,)*os,s*ems

Aim to transform original data $ plainte t! into anunintelligi!le form $cipherte t % !efore transmitting ito er a communication system)

&his in ol es computing an in erti!le transformation

of a message that is hard to in ert ithout somesecret kno ledge kno n as the key"

ncoding process often calledencryption and thedecoding process decryption )

An unauthorised person attempting to unauthorisedaccess to a communications system is acryptanalyst or ad#ersary )

The $e, m"s* !e *ransmi**e% +rom Ali#e *o 'o!!, a 5se#"re6 #hannel.

Cryptosystems may !e used to assure#ecrecy$%rivacy, Authenticity$&ntegrityand Anonymity$&nvisibility.

8


9/28

A**a#$s on Ci)her s,s*ems

assive wiretapping $ea esdropping%

Active wiretapping $tampering%

e $the cryptanalyst% kno s

• &he encryption algorithm)

• &he plaintext statistics or structure)

• ro!a!ility distri!ution of keys)

• &hecipherte t only attack : e kno sthe encryption algorithm and has someciphertext and some kno ledge of thestatistical structure of the plaintext)

• &heknown plainte t attack ) e kno sthe encryption algorithm and has someplaintext together ith its correspondingciphertext)

• &he chosen plainte t attack ) ekno s the encryption algorithm and isa!le to choose some plaintext andarrange that it is encrypted)

9


10/28

Dis#re*e Ran%om 7aria!les

< denotes the num!er of mouse clicks

x' ()&(* ()&(* ()&(* ()&(* ()&(* ()&(*

denotes the num!er of keystrokes y' *+ *+ *+ *+ *+

e can rite ),( xYxXP ==

$&his denotes the pro!a!ility that < and are e=ualto x%

e cannot rite )( YXP =

$&his ould implies that random aria!le < is thesame as random aria!le %

10

X Y


11/28

ro!a!ili*, Dis*ri!"*ion

&he probability distribution of < is the set of pairs

( )( ) ( )( ){ },,,,, 2211 x p x x p x

∑= ==++n

iin p p p p

121 1.

11


12/28

Dis#re*e In+orma*ion So"r#es

A discrete information source emits an endlessstream of sym!ols dra n from an alpha!et

{ }nσ σ σ ,,, 21 =Σ

A discrete memoryless source $6MS% is a source

that emits a stream of statistically independent sym!ols from its alpha!et)

A binary memoryless source has an alpha!et oft o sym!ols

(olling a die 6MS

&ossing a coin !inary 6MS

12


13/28

Un#er*ain*, an% In+orma*ion

$nformation con eyed !y a message or sym!ol ith pro!a!ility p is

I p( ) = − log b p = log b 1 p( )

Entropy is the expected information or

( ) ( ) ∑∑==

−==n

iibii

n

iib p p p I p X H

11

log

B 8nit of information 8nit of ntropy2 Bit $!inary digit% BitsDsym!ol

5at $natural logarithm% 5atsDsym!ol10 Eartley EartleysDsym!ol

13


14/28

Ci)her*e8* onl, Cr,)*anal,sis

Consider the a!o e source and cipher system)

&he cryptanalyst kno s the plaintext sym!olpro!a!ilities $A%9 $B%9 $C%9 and $6% and thepro!a!ility distri!ution of the keys $ $k1% and $k2%are e=ually likely%)

&he cryptanalyst needs to identify the key)

&he cryptanalyst can calculate the pro!a!ilities thatany ciphertext character resulted from a particularplaintext character)

14

A

B

C

D

0.4

0.1

0.3

0.2

A

B

C

D

k1

k2


15/28

/or example9 if ciphertext A is o!ser ed this resultsfrom plaintext character B and k1 or plaintextcharacter A and k2)

So the pro!a!ilities of each of these may !ecalculated as

)2()()1()()2()(

)|2,(

)2()()1()()1()(

)|1,(

k P A P k P B P k P A P

Ak A P

k P A P k P B P k P B P

Ak B P

+=

+=

&his process may !e continued to !uild up a ta!leof conditional pro!a!ilities

15


16/28

laintext9 ;ey

Ciphertext A9 k1 A9 k2 B9 k1 B9 k2 C9 k1 C9 k2 69 k1 69 k2

A 0 0)333 0)''* 0 0 0 0 0

B 0)2" 0 0 0 0 0)*" 0 0

C 0 0 0 0)333 0 0 0)''* 0

6 0 0 0 0 0)42. 0 0 0)"*1

Suppose the follo ing plaintext has !eenenciphered using k2 then

laintext: "("!("A"(!

Ciphertext: "!"(!"A"!(

n seeing the ciphertext the cryptanalyst calculates

the pro!a!ility of the t o possi!le correspondingplaintexts $s1 and s2% using the ta!le as follo s:

&he ciphertext contains one A9 three Bs9 t o Cs andfour 6s)

16


17/28

Calculating the product of the rele ant conditionalpro!a!ilities for each key gi es

Π 1 4423 1057.1429.0667.025.0667.0 −×=×××

Π 2 3423 1066.1571.0333.075.033.0 −×=×××

&hen

914.01066.11057.1

1066.1)|2(

086.01066.11057.1

1057.1)|1(

34

3

21

2

34

4

21

1

=×+×

×=

Π+ΠΠ

=

=×+×

×=

Π+ΠΠ

=

−−

−

−−

−

s s P

s s P

laintexts- "("!("A"(! and the key as k - )

17


18/28

Shannon )ro)ose% *wo meas"res o+ *hese#"ri*, o+ a #i)her s,s*em:

Co&er Time: &his is the time estimated to !reak thesystem ith unlimited access to plaintext andciphertext9 !ut using current computing technology)

Uni#i*, Dis*an#e: &his is the amount of ciphertextre=uired for the key to !e identified uni=uely)

Uni#i*, Dis*an#e

/or a source / ith an alpha!et of siFe Σ andpro!a!ility distri!ution Σ p p p ,,2,1 the entropy is theexpected information:

ibi

ib p p X H log)(1

∑Σ

=

−=

5o let 0 ) denote a random plaintext of length)gi ing ciphertext( ) of length) !y application of keyk x from key set* )

/or any ciphertext the minimum num!er9n9 ofcipher text sym!ols needed !efore only one keycould ha e generated that ciphertext is:

18


19/28

)(lg)( X H

K H n−Σ

≥

&he unicity distance is gi en !y the e=uality of thisexpression) /or k e=uipro!a!le keys this is

)(lglg

X H

k

n −Σ=

19


20/28

In+ini*e Uni#i*, Dis*an#e

7f the unicity distance is infinite then e ould ha ea perfectly secure system)

+e ha e t o choices:

1) Make the denominator Fero9 Σ= lg)( X H )

&his is only true if the message is randomlygenerated or is perfectly compressed9 neitherof hich is possi!le)

2) Make the numerator infinite9 ∞=)( K H )&his ould seem to re=uire a key of infinitesiFe)

Eo e er9 for a message ofn sym!ols e onlyneed n randomly generated sym!ols of the key

Σ= lg)( n K H )

&hen the unicity distance is greater thann and

e need more ciphertext characters than the na aila!le to !reak the cipher)

&his is the !asis of a pro a!ly un!reaka!lecipher)

er+e#* Se#re#,

20


21/28

&his gi es perfect secrecy if: K C M ==

ie &he num!er of keys e=uals the num!er ofmessages)

A E8# amount of key data re=uired)

21


22/28

The One Time a%

1he only cipher that provides perfect secrecy

+ach key is used only once

Mixer CipherTextPlainText

Random

Sequence

&he one time pad is so called !ecause the senderat one time had a pad of paper upon each page of hich there is a truly random se=uence of sym!ols)

A page is destroyed after use so that each key isused only once)

&he mixing function can !e as simple as additionmodulo 2)

22


23/28

A))ro8ima*ing *he One Time a%

& is impractical !ecause e cannotmathematically generate truly random se=uences)

seudorandom se=uences9 or pseudonoise9 used)

Im)lemen*a*ion Using Shi+* Regis*ers

+e can approximate a one,time pad !y generatingan extremely long psuedorandom se=uence $oflength 10010 or more% and then com!ining theelements of this se=uence ith plaintext sym!ols ina ery simple ay)

&he psuedorandom se=uence generator in astream cipher consists of memory9 hich holds itscurrent state9 and a next state function9 hichcomputes a ne state at each step)

&he output of the se=uence generator is some

function of its state)

23


24/28

7n the follo ing illustrations the arro s go !oth ays

!et een the State !ox and the 5ext State /unction!ox !ecause the next state is a function of thecurrent state)

A closely related cipher system is the cipherfeed!ack $C/B% configuration here the ciphertextis fed !ack into the keystream se=uence generator)

&hus the ciphertext in a message depends on allthe preceding ciphertext in the message)

&his can pro ide message authentication Gpre enting an ad ersary tampering ith a messageundetected)

24


25/28

Mixer CipherTextPlainText inchunks o f afew bits

Next StateFunction

StateKey

Initial

State

SelectFunction

Keystream

Mixer CipherTextPlainText inchunks o f afew bits

Next StateFunction

StateKey

Initial

State

SelectFunction

Keystream

Stream Ci !er Ci !er "ee#$a%& 'o#e

+ireless technologies use stream ciphers !ecause they approximate the one,time pad and!ecause they only re=uire an encryption card not an encryption and a decryption card)

25


26/28

'inar, Linear 9ee%!a#$ Shi+* Regis*ers

Binary /S(s are used to generate ery longse=uences of pseudorandom num!ers)

Binary inear /eed!ack Shift (egister

&he shift register is a se=uence of !its $if it is n,!itslong9 it is called an n,!it shift register%)

ach time a ne !it is needed9 all !its in the shift

register are shifted 1 to the right)

&he ne left,most !it is computed as a function ofthe other !its in the register) &he output of the shiftregister is 1 !it9 often the least significant !it)

The Se#"ri*, o+ L9SRs

26

Sn-1

Sn-2

S1

S0

+ + + +

Appropriate connections made here to generate se=uence


27/28

/S(s are not secure !ecause of their linearity)

nly n2 consecuti e !its from the register arere=uired to attack an /S( ith n stages re=uires)

&o o!tain the state and feed!ack coefficients of theregister re=uires only one matrix in ersion since eare sol ing n2 linear e=uations)

27


28/28

Nonlinear Me*ho%s

Com!ine the output of t o or more registers non,linearly)

Many nonlinear com!inations of /S(s ha e !eenproposed !ut all ha e some eaknesses making

them insecure)

&he idea of a nonlinear /S( has more merit9ho e er9 and the /B mode of the 6 S !lockcipher to !e seen in !lock 4 is essentially anonlinear /S()

Bluetooth deploys a stream cipher !uilt using anonlinear com!ination of /S(s)

Date post:	07-Jul-2018
Category:	Documents
Upload:	abdulsahib
View:	228 times
Download:	0 times

wireless comm systems1

Documents