nato unclassified 1 military/nato applications of wireless lans dr. davras yavuz nato c3 agency...
TRANSCRIPT
NATO UNCLASSIFIED1
Military/NATO Applications of Wireless LANsMilitary/NATO Applications of Wireless LANs
Dr. Davras YavuzDr. Davras Yavuz
NATO C3 Agency (Formerly SHAPE Technical Center)NATO C3 Agency (Formerly SHAPE Technical Center)
CISD Division, Applied CIS Technology BranchCISD Division, Applied CIS Technology Branch
Dr. Davras YavuzDr. Davras Yavuz
NATO C3 Agency (Formerly SHAPE Technical Center)NATO C3 Agency (Formerly SHAPE Technical Center)
CISD Division, Applied CIS Technology BranchCISD Division, Applied CIS Technology Branch
Den Haag, Netherlands Tel: 31 70 374 3044, Fax: 374 3049Den Haag, Netherlands Tel: 31 70 374 3044, Fax: 374 [email protected]@nc3a.nato.int
Den Haag, Netherlands Tel: 31 70 374 3044, Fax: 374 3049Den Haag, Netherlands Tel: 31 70 374 3044, Fax: 374 [email protected]@nc3a.nato.int
www.nc3a.nato.int - This paper at www.nc3a.info/Briefingswww.nc3a.nato.int - This paper at www.nc3a.info/Briefingswww.nc3a.nato.int - This paper at www.nc3a.info/Briefingswww.nc3a.nato.int - This paper at www.nc3a.info/Briefings
NATO UNCLASSIFIED2
NATO C3 AgencyNATO C3 AgencyNATO C3 AgencyNATO C3 Agency
The Hague, NL (Former STC) The Hague, NL (Former STC) Brussels, BE (NACISA)Brussels, BE (NACISA)
~ 530 Staff from ~ all NATO nations~ 530 Staff from ~ all NATO nations(~ 340 NL, ~190 BE )(~ 340 NL, ~190 BE )
NATO UNCLASSIFIED3
Slide TitleSlide Title
NATO UNCLASSIFIED4
Slide TitleSlide Title
NATO UNCLASSIFIED5
Slide TitleSlide Title
• NC3A photos info• NC3A photos info
NATO UNCLASSIFIED6
IntroductionIntroductionIntroductionIntroduction
• Until late 1980s mobile/deployable/tactical operations were Until late 1980s mobile/deployable/tactical operations were national responsibilities - NATO involvement was smallnational responsibilities - NATO involvement was small
• NATO provided primarily strategic & high level command co-NATO provided primarily strategic & high level command co-ordination/connectivityordination/connectivity
• In last decade deployed, Combined Joint Task Force (CJTF) In last decade deployed, Combined Joint Task Force (CJTF) operations (multi NATO and PfP nations) have become operations (multi NATO and PfP nations) have become highly significanthighly significant• May 2002 Exercise Combined Endeavor (Baumholder Germany) May 2002 Exercise Combined Endeavor (Baumholder Germany)
had 40 nations participatinghad 40 nations participating• Hence mobile/deployable operations support is now an Hence mobile/deployable operations support is now an
important part of our taskingimportant part of our tasking• Mobile/Deployable SATCOM, Wireless comms for HQs, PCS Mobile/Deployable SATCOM, Wireless comms for HQs, PCS
(e.g. GSM), PMR (e.g. TETRA), DTAB, DVB, …(e.g. GSM), PMR (e.g. TETRA), DTAB, DVB, …– Wireless LANWireless LAN activities form an important component of these activities form an important component of these
• Until late 1980s mobile/deployable/tactical operations were Until late 1980s mobile/deployable/tactical operations were national responsibilities - NATO involvement was smallnational responsibilities - NATO involvement was small
• NATO provided primarily strategic & high level command co-NATO provided primarily strategic & high level command co-ordination/connectivityordination/connectivity
• In last decade deployed, Combined Joint Task Force (CJTF) In last decade deployed, Combined Joint Task Force (CJTF) operations (multi NATO and PfP nations) have become operations (multi NATO and PfP nations) have become highly significanthighly significant• May 2002 Exercise Combined Endeavor (Baumholder Germany) May 2002 Exercise Combined Endeavor (Baumholder Germany)
had 40 nations participatinghad 40 nations participating• Hence mobile/deployable operations support is now an Hence mobile/deployable operations support is now an
important part of our taskingimportant part of our tasking• Mobile/Deployable SATCOM, Wireless comms for HQs, PCS Mobile/Deployable SATCOM, Wireless comms for HQs, PCS
(e.g. GSM), PMR (e.g. TETRA), DTAB, DVB, …(e.g. GSM), PMR (e.g. TETRA), DTAB, DVB, …– Wireless LANWireless LAN activities form an important component of these activities form an important component of these
NATO UNCLASSIFIED
Mobile/Tactical Comms DivergenceMobile/Tactical Comms Divergence
NATO UNCLASSIFIED
• Fixed communicationsFixed communications• Fiber-optic/photonic revolution: Essentially unlimited capacity is now possible/available if/when a cable can be installed
• Mobile/Tactical communications• No technological revolution similar to photonic foreseen• Radio propagation will be the limiting factor
–Mainstay will be radio: Tactical LOS tens/hundreds of Kbps, BLOS (rough terrain and/or long distances) few Kbps
–Star-wars scenarios : Moving laser beams ???• LEO satellites will provide some 100s of Kbps at a cost
• Divergence will continue • Input into the five senses : appx 100 Shannon/Entropy bps
–For transmission redundancy : x 10 = 1 Kbps
• Fixed communicationsFixed communications• Fiber-optic/photonic revolution: Essentially unlimited capacity is now possible/available if/when a cable can be installed
• Mobile/Tactical communications• No technological revolution similar to photonic foreseen• Radio propagation will be the limiting factor
–Mainstay will be radio: Tactical LOS tens/hundreds of Kbps, BLOS (rough terrain and/or long distances) few Kbps
–Star-wars scenarios : Moving laser beams ???• LEO satellites will provide some 100s of Kbps at a cost
• Divergence will continue • Input into the five senses : appx 100 Shannon/Entropy bps
–For transmission redundancy : x 10 = 1 Kbps
Therefore: we must treat mobile/tactical comms differentlyTherefore: we must treat mobile/tactical comms differently
NATO UNCLASSIFIED8
Commercial & MilitaryCommercial & MilitaryWireless LAN (WLAN) requirementsWireless LAN (WLAN) requirements
Commercial & MilitaryCommercial & MilitaryWireless LAN (WLAN) requirementsWireless LAN (WLAN) requirements
• Commercial/Corporate requirementsCommercial/Corporate requirements• Higher throughputs Higher throughputs
– Larger populations of users (rapid office space reconfiguration/move, Larger populations of users (rapid office space reconfiguration/move, no wire/fiber infrastructure, “hot desk” policies, …,)no wire/fiber infrastructure, “hot desk” policies, …,)
– Applications require increasing capacities/digital info exchangeApplications require increasing capacities/digital info exchange• Security with acceptable riskSecurity with acceptable risk• Low cost, ease of setup/upgrade, … etc.Low cost, ease of setup/upgrade, … etc.
• Military (NATO) requirementsMilitary (NATO) requirements• Two typesTwo types
1 - Large, essentially static headquarter requirements very similar to - Large, essentially static headquarter requirements very similar to commercial/corporate requirements (as above) - in some cases much commercial/corporate requirements (as above) - in some cases much higher levels of securityhigher levels of security
2 - Rapidly deployed headquarters and on-the-move connectivity for - Rapidly deployed headquarters and on-the-move connectivity for relatively short messages with “some” securityrelatively short messages with “some” security
- Tactical information generally needs to be protected for short periodsTactical information generally needs to be protected for short periods
• Commercial/Corporate requirementsCommercial/Corporate requirements• Higher throughputs Higher throughputs
– Larger populations of users (rapid office space reconfiguration/move, Larger populations of users (rapid office space reconfiguration/move, no wire/fiber infrastructure, “hot desk” policies, …,)no wire/fiber infrastructure, “hot desk” policies, …,)
– Applications require increasing capacities/digital info exchangeApplications require increasing capacities/digital info exchange• Security with acceptable riskSecurity with acceptable risk• Low cost, ease of setup/upgrade, … etc.Low cost, ease of setup/upgrade, … etc.
• Military (NATO) requirementsMilitary (NATO) requirements• Two typesTwo types
1 - Large, essentially static headquarter requirements very similar to - Large, essentially static headquarter requirements very similar to commercial/corporate requirements (as above) - in some cases much commercial/corporate requirements (as above) - in some cases much higher levels of securityhigher levels of security
2 - Rapidly deployed headquarters and on-the-move connectivity for - Rapidly deployed headquarters and on-the-move connectivity for relatively short messages with “some” securityrelatively short messages with “some” security
- Tactical information generally needs to be protected for short periodsTactical information generally needs to be protected for short periods
NATO UNCLASSIFIED9
We concentrate on the second:We concentrate on the second:
Rapidly deployed headquarters and on-the-move connectivity Rapidly deployed headquarters and on-the-move connectivity
for relatively short messages with “acceptable” securityfor relatively short messages with “acceptable” security- Tactical information is generally highly “perishable” and time Tactical information is generally highly “perishable” and time dependent : needs to be protected for short periodsdependent : needs to be protected for short periods
- Commercial/COTS security “Commercial/COTS security “may bemay be” acceptable ?” acceptable ?- 2 Kbyte text messages sent in a few msecs can typically replace 2 Kbyte text messages sent in a few msecs can typically replace voice messages of many minutesvoice messages of many minutes
- Electronic detection, jamming : Electronic detection, jamming : Microwave ovensMicrowave ovens
Moving WLAN frequency band reduces “microwave-oven jammer” Moving WLAN frequency band reduces “microwave-oven jammer” threat. Moving it to lower frequencies (e.g. MIL UHF band threat. Moving it to lower frequencies (e.g. MIL UHF band
225- 380 Mhz) also provides propagation/penetration advantages225- 380 Mhz) also provides propagation/penetration advantagesespecially in forest (Norway: wet, iced, …) environmentsespecially in forest (Norway: wet, iced, …) environments
We concentrate on the second:We concentrate on the second:
Rapidly deployed headquarters and on-the-move connectivity Rapidly deployed headquarters and on-the-move connectivity
for relatively short messages with “acceptable” securityfor relatively short messages with “acceptable” security- Tactical information is generally highly “perishable” and time Tactical information is generally highly “perishable” and time dependent : needs to be protected for short periodsdependent : needs to be protected for short periods
- Commercial/COTS security “Commercial/COTS security “may bemay be” acceptable ?” acceptable ?- 2 Kbyte text messages sent in a few msecs can typically replace 2 Kbyte text messages sent in a few msecs can typically replace voice messages of many minutesvoice messages of many minutes
- Electronic detection, jamming : Electronic detection, jamming : Microwave ovensMicrowave ovens
Moving WLAN frequency band reduces “microwave-oven jammer” Moving WLAN frequency band reduces “microwave-oven jammer” threat. Moving it to lower frequencies (e.g. MIL UHF band threat. Moving it to lower frequencies (e.g. MIL UHF band
225- 380 Mhz) also provides propagation/penetration advantages225- 380 Mhz) also provides propagation/penetration advantagesespecially in forest (Norway: wet, iced, …) environmentsespecially in forest (Norway: wet, iced, …) environments
NATO UNCLASSIFIED10
2.4 GHz ISM Band Allocations2.4 GHz ISM Band Allocations 2.4 GHz ISM Band Allocations2.4 GHz ISM Band Allocations
USA 2.4000 - 2.4835 GHz (BW 83.5 MHz)USA 2.4000 - 2.4835 GHz (BW 83.5 MHz)
Most of Europe as USAMost of Europe as USA
Japan 2.471 - 2.497 GHz (26 MHz)Japan 2.471 - 2.497 GHz (26 MHz)
France 2.465 - 2.4835 GHz (37 MHz)France 2.465 - 2.4835 GHz (37 MHz)
Spain 2.445 - 2.475 GHz (30 MHz) …...Spain 2.445 - 2.475 GHz (30 MHz) …...
USA 2.4000 - 2.4835 GHz (BW 83.5 MHz)USA 2.4000 - 2.4835 GHz (BW 83.5 MHz)
Most of Europe as USAMost of Europe as USA
Japan 2.471 - 2.497 GHz (26 MHz)Japan 2.471 - 2.497 GHz (26 MHz)
France 2.465 - 2.4835 GHz (37 MHz)France 2.465 - 2.4835 GHz (37 MHz)
Spain 2.445 - 2.475 GHz (30 MHz) …...Spain 2.445 - 2.475 GHz (30 MHz) …...
Was essentially driven by the initiation of microwave-oven manufacturing/proliferation ~ 3 decades agoWas essentially driven by the initiation of microwave-oven manufacturing/proliferation ~ 3 decades ago
NATO UNCLASSIFIED11
225 - 400 MHz Band225 - 400 MHz Band 225 - 400 MHz Band225 - 400 MHz Band
Harmonized Military Band within NATOHarmonized Military Band within NATO• Radio navigation band 328.600 - 335.400 MHzRadio navigation band 328.600 - 335.400 MHz• 380 - 385 & 390 - 395 recently assigned to 380 - 385 & 390 - 395 recently assigned to
emergency digital land systems (e.g. TETRA)emergency digital land systems (e.g. TETRA)• 385 - 390 & 395 - 400 MIL-TETRA by some nations385 - 390 & 395 - 400 MIL-TETRA by some nations• Many A/G/A & UHF SATCOM assignmentsMany A/G/A & UHF SATCOM assignments
• e.g ~ 3300 A/G/A assignments (each 25 KHz)e.g ~ 3300 A/G/A assignments (each 25 KHz)– HaveQuick & SATURN hopsetsHaveQuick & SATURN hopsets
• Various military radio relay assignmentsVarious military radio relay assignments
Realistically we should consider 225 - 380 MHz as the Realistically we should consider 225 - 380 MHz as the “Military” band available to NATO nations in future“Military” band available to NATO nations in future
Harmonized Military Band within NATOHarmonized Military Band within NATO• Radio navigation band 328.600 - 335.400 MHzRadio navigation band 328.600 - 335.400 MHz• 380 - 385 & 390 - 395 recently assigned to 380 - 385 & 390 - 395 recently assigned to
emergency digital land systems (e.g. TETRA)emergency digital land systems (e.g. TETRA)• 385 - 390 & 395 - 400 MIL-TETRA by some nations385 - 390 & 395 - 400 MIL-TETRA by some nations• Many A/G/A & UHF SATCOM assignmentsMany A/G/A & UHF SATCOM assignments
• e.g ~ 3300 A/G/A assignments (each 25 KHz)e.g ~ 3300 A/G/A assignments (each 25 KHz)– HaveQuick & SATURN hopsetsHaveQuick & SATURN hopsets
• Various military radio relay assignmentsVarious military radio relay assignments
Realistically we should consider 225 - 380 MHz as the Realistically we should consider 225 - 380 MHz as the “Military” band available to NATO nations in future“Military” band available to NATO nations in future
NATO UNCLASSIFIED12
Slide TitleSlide Title
NATO UNCLASSIFIED13
A Maritime ScenarioA Maritime Scenario
• Text• Text
–Text
• Text• Text
–Text
NATO UNCLASSIFIED14
Slide TitleSlide Title
NDRE/FFI (Norway) Trials in 2001NDRE/FFI (Norway) Trials in 2001
NATO UNCLASSIFIED15
Slide TitleSlide Title
Wireless LAN connectionWireless LAN connectionbetween aircraftbetween aircraft
Wireless LAN connectionWireless LAN connectionbetween aircraftbetween aircraft
NATO UNCLASSIFIED16
WAN
IP-ZKP/FE
FA #1
IP-Z
IP-Z
IP-Z
IP-Z
IP-Z
FA #2
FA #N
Key and Access Control Record (ACR)Requests, established over mobile IP links,through FA #1 or FA #2, ...N
Encrypted IP traffic, following key and ACRdelivery (physical link, non roaming)
HA
Physical link between Mobile Node and FAor between FA and WAN
IP CryptoKey-Processor andManagement STN
NATO UNCLASSIFIED17
M obile Node #1
(lab)W AN
NX-1010 IP CRYPTOFront-End
TestServer
NX-1010 IP CRYPTO
Laptop
802.11b Card
NX-1010 IP CRYPTO
Laptop
10B
T
10BT
M obile Node #2
10BT
V.35
V.35
802.11b Card
802.11b Card
satellite
600 ms 2Mbps, V.35
(SX-12)
terrestria
l
200 ms 128 kbps, V.35
(SX-12)
Foreign Agent-A-
Foreign Agent-B-
HomeAgent
IPSec tunnel
UH
F
UH
F
s0 e0
s0e0
UHF
UHF
IP CryptoFront-End Site
Com m . Tower
Com m . Tower
2.4 GHz ISM
ESP tunnel between m obilehosts and crypto front-end
(key d is tribution and SAm anagem ent)
802.11b peer-to-peer U H F link-m obile IP in terface-
(preferred fore ign agent)
ESP tunnel between m obile hosts
802.11b peer-to-peer U H F link-m obile IP in terface-
(back-up fore ign agent)
802.11b peer-to-peer U H F linkbetween m obile nodes
192.168.21.0/24
192.168.22.0/24
192.168.20.0/24
e1 e0
e2
e2
e1
e0
802.11b Card
802.11b Card
802.11b Card
Local D ock ing link (10BT )
Physica l L ink(10BT or V .35)
NX-1010AMAZIN
NX-1010SecurityModule
Combined Mobile-IP, UHF 802.11b and IP encryption Test Setup, v1.0 12.11.01
Link Legends
V35
V35
NATO UNCLASSIFIED18
SecuritySecuritySecuritySecurity
• Wired Equivalent Privacy 802.11 (WEP)Wired Equivalent Privacy 802.11 (WEP)• Can be compromised by recording traffic over the networkCan be compromised by recording traffic over the network
– Requires few days to many hours of recording - higher the data Requires few days to many hours of recording - higher the data rate smaller the recording periodrate smaller the recording period
• Updates being worked onUpdates being worked on
• Rijndael - Advanced Encryption Standard (AES)Rijndael - Advanced Encryption Standard (AES)• Replacement for DESReplacement for DES• NIST competition announced in 1997NIST competition announced in 1997
– Many submissions from Many submissions from 11 countries11 countries – Winner announced Oct 2000 Winner announced Oct 2000
– Rijndael (Vincent Rijmen & Joan Daemen (BE)Rijndael (Vincent Rijmen & Joan Daemen (BE)
• Wired Equivalent Privacy 802.11 (WEP)Wired Equivalent Privacy 802.11 (WEP)• Can be compromised by recording traffic over the networkCan be compromised by recording traffic over the network
– Requires few days to many hours of recording - higher the data Requires few days to many hours of recording - higher the data rate smaller the recording periodrate smaller the recording period
• Updates being worked onUpdates being worked on
• Rijndael - Advanced Encryption Standard (AES)Rijndael - Advanced Encryption Standard (AES)• Replacement for DESReplacement for DES• NIST competition announced in 1997NIST competition announced in 1997
– Many submissions from Many submissions from 11 countries11 countries – Winner announced Oct 2000 Winner announced Oct 2000
– Rijndael (Vincent Rijmen & Joan Daemen (BE)Rijndael (Vincent Rijmen & Joan Daemen (BE)
Does knowing the algorithm make a cipher implementation Does knowing the algorithm make a cipher implementation vulnerable ?vulnerable ?
Does knowing the algorithm make a cipher implementation Does knowing the algorithm make a cipher implementation vulnerable ?vulnerable ?
NATO UNCLASSIFIED19
Slide TitleSlide Title
• Rijndael• Rijndael
NATO UNCLASSIFIED20
Slide TitleSlide Title
• Rijndael• Rijndael
NATO UNCLASSIFIED21
Slide TitleSlide Title
• Rijndael• Rijndael
NATO UNCLASSIFIED22
Slide TitleSlide Title
• Rijndael• Rijndael
NATO UNCLASSIFIED23
ConclusionsConclusionsConclusionsConclusions
• There is a dichotomy between corporate/COTS needs for There is a dichotomy between corporate/COTS needs for WLANs and one important class of military requirementsWLANs and one important class of military requirements• Wireless connectivity for a small (at most few tens) number of Wireless connectivity for a small (at most few tens) number of
users/units on-the-move and for rapid deployment/redeployment users/units on-the-move and for rapid deployment/redeployment in e.g. forest (dense, wet, iced) environmentsin e.g. forest (dense, wet, iced) environments
• 802.11 in the MIL UHF band (225 - 400/380 MHz) is a good 802.11 in the MIL UHF band (225 - 400/380 MHz) is a good solution - spectrum clearance ?solution - spectrum clearance ?
– Removes microwave-jammer threat, longer propagation rangesRemoves microwave-jammer threat, longer propagation ranges
• There is a dichotomy between corporate/COTS needs for There is a dichotomy between corporate/COTS needs for WLANs and one important class of military requirementsWLANs and one important class of military requirements• Wireless connectivity for a small (at most few tens) number of Wireless connectivity for a small (at most few tens) number of
users/units on-the-move and for rapid deployment/redeployment users/units on-the-move and for rapid deployment/redeployment in e.g. forest (dense, wet, iced) environmentsin e.g. forest (dense, wet, iced) environments
• 802.11 in the MIL UHF band (225 - 400/380 MHz) is a good 802.11 in the MIL UHF band (225 - 400/380 MHz) is a good solution - spectrum clearance ?solution - spectrum clearance ?
– Removes microwave-jammer threat, longer propagation rangesRemoves microwave-jammer threat, longer propagation ranges
Small but important marketSmall but important marketSmall but important marketSmall but important market• SecuritySecurity
• Improved WEPImproved WEP
• Rijndael / AESRijndael / AES
• SecuritySecurity
• Improved WEPImproved WEP
• Rijndael / AESRijndael / AES
PPaper & these slides may be found at www.NC3A.info/Briefings/MPRGPPaper & these slides may be found at www.NC3A.info/Briefings/MPRG