supported by the party authentication to improve roaming
TRANSCRIPT
UCLouvain - BelgiumIP Networking Lab - http://inl.info.ucl.ac.be
Damien LEROY
BELNET Security Conference - April 30th, 2009
Using tunnels and three party authentication to
improve roaming security
Supported by the Walloon Region
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labContent
(I) Introduction to WiFi Roaming
(II) Remote authentication : risks for the visited network
(III) Security risks for the mobile user
(IV) Solutions based on VPN
(V) ALAWN project
2
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labContent
(I) Introduction to WiFi Roaming
(II) Remote authentication : risks for the visited network
(III) Security risks for the mobile user
(IV) Solutions based on VPN
(V) ALAWN project
3
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
F
“WiFi Roaming”
4
HInternet
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
F
“WiFi Roaming”
4
HInternet
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
F
“WiFi Roaming”
4
HInternet
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labScenario 1 : Open WiFi Access
5
H
F
Internet
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labScenario 1 : Open WiFi Access
5
H
F
Internet
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labScenario 1 : Open WiFi Access
6
F
HInternet
ILLEGAL ACTIVITIES
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
F
Scenario 1 : Open WiFi Access
7
HInternet
?
!!!!!!
!!!!!!
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labScenario 2 : Temporary credentials
8
H
F
Internet
Auth.
server
tempusername+
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labScenario 3 : Remote authentication
9
H
F
Internet
user: smith@H-Networkpasswd : in H
Auth.
server
Auth.
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labScenario 3 : Remote authentication
9
H
F
Internet
user: smith@H-Networkpasswd : in H
Auth.
server
Auth.
server
Auth.
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labContent
(I) Introduction to WiFi Roaming
(II) Remote authentication : risks for the visited network
(III) Security risks for the mobile user
(IV) Solutions based on VPN
(V) ALAWN project
10
Authenticated Wireless Roaming via Tunnels: Making Mobile Guests Feel at Home
M. Manulis, D. Leroy, F.K., O.B., JJ.Q.UCL Belgium, March 2009
IP networking labThe Eduroam Project
eduroamEurope
eduroamAPAN
CSC
CSC
UNINETT
SUNET
UNI!C
EENet
LANET
LITNET
TERENA
SURFnetUKERNA
HEAnet
BELNETRESTENA
RENATER
FCCN
DFN
GARR
ARNES
CESNET
ACOnet
PIONIER
SWITCH
CARNet
BREN
HUNGARNET
RoEduNet
GRNET
RHnet
European Root
RedIRIS
CYNET
AARNet
NCHCUESTC
APAN Root
NRENs that have joined
NRENs that are in the process of joining
PolyU
NII
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
Authentication within Eduroam
12
Stockholms universitet
Internet
SU SUuser: [email protected]
RADIUS
server
SwedishAuthority
BelgianAuthority
IEEE802.1XTTLS+PAP
RADIUS
server
RADIUS
serverRADIUS
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
Roaming with Eduroam
13
Stockholms universitet
Internet
user: [email protected] SU
RADIUS
server
RADIUS
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
Roaming with Eduroam
13
Stockholms universitet
Internet
http://www.swedbank.se/
user: [email protected] SU
RADIUS
server
RADIUS
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
Roaming with Eduroam
13
Stockholms universitet
Internet
user: [email protected] SU
RADIUS
server
RADIUS
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
User abuse : Access to illegal data
14
Stockholms universitet
Internet
SU SU
Auth.
server
Auth.
server
user: [email protected]
ILLEGAL ACTIVITIES
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
Auth.
server
User abuse : Access to illegal data
15
Stockholms universitet
Internet
!!!!!!
!!!!!!
SU SU
Auth.
server
SwedishAuthority
Auth.
server
BelgianAuthority
Auth.
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
Auth.
server
User abuse : Attack on the Internet
16
Stockholms universitet
InternetSPAM
SPAM
SPAM
SPAM
SPAM
SU SU
user: [email protected]
Auth.
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Score each mail based on :
How do spam filters work ?
๏ Content : “viagra”, “diploma”, “free videos”, ...
๏ “Packaging” :Large images, lots of receivers, ...
๏ Well known spam-sender (often attacked hosts)Based on shared databases
17
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Score each mail based on :
How do spam filters work ?
๏ Content : “viagra”, “diploma”, “free videos”, ...
๏ “Packaging” :Large images, lots of receivers, ...
๏ Well known spam-sender (often attacked hosts)Based on shared databases
17
high score -> mark as spam
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Score each mail based on :
How do spam filters work ?
๏ Content : “viagra”, “diploma”, “free videos”, ...
๏ “Packaging” :Large images, lots of receivers, ...
๏ Well known spam-sender (often attacked hosts)Based on shared databases
17
high score -> mark as spam
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
How are these databases built up?
How do spam filters work ?
๏ Based on previous “mass spam” activities
๏ Based on IP addresses of senders
๏ Open databases
18
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
Auth.
server
User abuse : Attack on the Internet
19
Stockholms universitet
InternetSPAM
SPAM
SPAM
SPAM
SPAM
SU SU
user: [email protected]
Auth.
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
Auth.
server
User abuse : Attack on the Internet
19
Stockholms universitet
InternetSPAM
SPAM
SPAM
SPAM
SPAM
SU SU
user: [email protected]
Auth.
server
In PYZOR database : add 130.104.*.* (=UCL)
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
Auth.
server
User abuse : Attack on the Internet
20
Stockholms universitet
Internet
PYZOR database : ...130.104.*.* (=UCL)...
UCLUCL
UCL
UCL
SU SU
Auth.
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labAccess control based on IP
๏ Some services (e.g., website) have their access control based on source IP.
‣ Digital libraries
‣ Intranet
‣ ...
๏ The mobile user will have access to these services ! (more complex filtering could be added)
21
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Summary
Security risks for visited network
22
Open WiFi Temp. cred. Remote auth.
User authentication
Administrative cost
Ease of use (for user)
Blacklisting based on IP
Access based on IP
Attack on the infrastruct.
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labContent
(I) Introduction to WiFi Roaming
(II) Remote authentication : risks for the visited network
(III) Security risks for the mobile user
(IV) Solutions based on VPN
(V) ALAWN project
23
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
F
H
Stealing credentials
24
Internet
user: [email protected]
RADIUS
server
3rd partyAuthority
IEEE802.1XTTLS+PAP
RADIUS
server
RADIUS
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
F
H
Pharming
25
Internet
http://www.google.com
SU SU
http://www.google.com
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
F
H
Sniffing
26
Internet
SU SU
RADIUS
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
F
H
Fake Access Point
27
Internet
SU SU
user: [email protected]
RADIUS
server
IEEE802.1XTTLS+PAP
RADIUS
server
SSID:EDUROAM
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
F
H
Fake Access Point
27
Internet
SU SU
user: [email protected]
RADIUS
server
IEEE802.1XTTLS+PAP
RADIUS
server
SSID:EDUROAM
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
F
H
Fake Access Point
27
Internet
SU SU
user: [email protected]
RADIUS
server
IEEE802.1XTTLS+PAP
RADIUS
server
SSID:EDUROAM
It is able to :• steal cred.• do pharming• sniff traffic
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labSecurity risks for F and M
28
Open WiFi Temp. cred. Remote auth.
User authenticationAdministrative cost for F
Ease of use (for user)Blacklisting based on IP
Access based on IPAttack on the infrastruct.
F maliciousFake access point
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labContent
(I) Introduction to WiFi Roaming
(II) Remote authentication : risks for the visited network
(III) Security risks for the mobile user
(IV) Solutions based on VPN
(V) ALAWN project
29
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
VPN
30
Stockholms universitet
Internet
SU SU
For the user : via username/pwd (or certificate)
For the home network : via certificate or no auth (cert must be distributed !)
VPN server
authentication
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
VPN
30
Stockholms universitet
Internet
SU SU
For the user : via username/pwd (or certificate)
For the home network : via certificate or no auth (cert must be distributed !)
VPN server
authentication
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
VPN
31
Stockholms universitet
Internet
SU SU
VPN server
http://ww
w.sw
edbank.se/
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
VPN
31
Stockholms universitet
Internet
SU SU
VPN server
http://www.swedbank.se/
http://ww
w.sw
edbank.se/
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Yes because :
VPN, a solution for previous issues ?
๏ The requests are sent with the IP address of the home network
๏ If M sends spam over the Internet, only his home network is blamed
๏ It protects the user from a malicious visited network
32
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Yes but :
VPN, a solution for previous issues ?
๏ Only authentication between H and M :
‣ F does not authenticate / know M and H
‣ M does not always check H auth (F can do pharming)
๏ On user’s demand
‣ If M wants to meet some security goals
‣ F cannot force M to create VPN to H
33
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
The previous table, updated
VPN, a solution for previous issues ?
34
Remote auth. VPN
User authentication (by F)Administrative cost for F
Ease of use (for user)Blacklisting based on IP
Access based on IPAttack on the infrastruct.
F maliciousFake access point
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
How ?
Combining IEEE802.1X and VPN
๏ Firewall of F blocks everything
๏ User connects with his credentials for IEEE802.1X
๏ F opens the VPN port as destination port, only from this user, and to its home network (inferred from IEEE802.1X)
35
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Using both IEEE802.1X and VPN to reach security goals is possible. But :
Combining IEEE802.1X and VPN
๏ Need both infrastructures
๏ Once the user is authenticated, how the tunnel is forced to H ?
‣ Filtering based on IEEE8021.X decision ?
๏ Two init phases can take some time (few seconds) to succeed
36
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labContent
(I) Introduction to WiFi Roaming
(II) Remote authentication : risks for the visited network
(III) Security risks for the mobile user
(IV) Solutions based on VPN
(V) ALAWN project
37
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Some words about the project
The ALAWN project
๏ A Walloon Region project
๏ In collaboration with :
‣ CRID (Research Centre on IT and Law - FUNDP - Namur)
‣ Crypto Group - UCL
‣ IP Networking Lab - UCL
38
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
The proposal - Step 1
39
Stockholms universitet
Internet
SU SU
RADIUS
server
RADIUS
server
RADIUS
server
RADIUS
server
3-party
crypto authentication
& key exchange
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
The proposal - Step 2
40
Stockholms universitet
Internet
SU SU
RADIUS
server
RADIUS
server
RADIUS
server
RADIUS
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
The proposal - Step 2
40
Stockholms universitet
Internet
SU SU
RADIUS
server
RADIUS
server
RADIUS
server
RADIUS
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
The proposal
41
Stockholms universitet
Internet
SU SU
http://www.swedbank.se/
http
://www.sw
edban
k.se/
RADIUS
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Goals for the protocol
Remote Auth. and Key Exchange (RAKE)
๏ Authentication between M, H and F
๏ Key exchange
๏ (Negotiation of session parameters)
42
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Authentication
S
Security Goals
43
H
FM
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Authentication
S
Security Goals
๏ H must authenticate M as one of the registered mobile devices
๏ M must authenticate H as its home network
43
H
FM
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Authentication
S
Security Goals
๏ H must authenticate M as one of the registered mobile devices
๏ M must authenticate H as its home network
43
H
FM
๏ F must authenticate H as a roaming partner
๏ H must authenticate F as a roaming partner
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Authentication
S
Security Goals
๏ H must authenticate M as one of the registered mobile devices
๏ M must authenticate H as its home network
43
H
FM
๏ F must authenticate H as a roaming partner
๏ H must authenticate F as a roaming partner
๏ F trusts H to correctly authenticate M
๏ M trusts H to correctly authenticate F
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Key establishment
S
Security Goals
44
H
FM
๏ Protection of communication between M, H and F
➡ KT (tunnel key)
๏ End-to-end protection
➡ KM,H (end-to-end key)
KM,H; KT
KM,H; KT
KT
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
KT, the key shared between H-F-M
What are the keys used for ?
๏ To infer the key used for “wireless” communication
๏ To negotiate connection parameters (when it stops, accounting, mobility, ...)
45
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
KM,H, the key shared between H and M
What are the keys used for ?
๏ For fully-encrypting the communication between M and H
๏ To negotiate connection parameters that should not be known/modified by F, shared between H and M
46
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Additional constraints
RAKE protocol
๏ RTT should be as low as possible
๏ The mobile device should not do “hard computation”
47
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labThe protocol in itself (simplified)
48
SU SUAuth.
server
M FAuth.
server
HF|rF
M|rM|H
Internet
F|rF|M|rM
sid=F|rF|M|rM|H|rH
kt=PRFkM(0,sid)X=EncekF(kt)
μH=MACαM(0,sid)
rH|X|μH|σH(∗)kt=DecdkF(X)rH|μH
kt=PRFkM(0,sid)KT =PRFkt(1,sid)KM,H = PRFkM(2,sid)μM=MACαM(1,sid)
μMKT =
PRFkt(1,sid)μM,σF(∗)
KT =PRFkt(1,sid)KM,H = PRFkM(2,sid)
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labThe protocol in itself
๏ A full security model has be defined
๏ Protocol has been proved
๏ For the ones interested in details : M. Manulis, D. Leroy, F. Koeune, O. Bonaventure and J.-J. Quisquater,
Authenticated Wireless Roaming via Tunnels: Making Mobile Guests Feel at Home, Proceedings of the ACM Symposium on
Information, Computer and Communications Security (ASIACCS 2009),
Sydney, Australia, March 2009
49
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Additional constraints, results
RAKE protocol
๏ RTT should be as low as possible
๏ The mobile device should not do “hard computation”
50
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
The proposal
51
Stockholms universitet
Internet
SU SU
RADIUS
server
RADIUS
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
The proposal
51
Stockholms universitet
Internet
SU SU
RADIUS
server
RADIUS
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labWhy using a tunnel ?
๏ Tunnel from F to H is not encrypted, it is only used to permit M to send packet to his home network
๏ Technical interests have been shown at the beginning of the presentation
๏ We showed with CRID that it also has legal advantages : R. Robert, M. Manulis, F. De Villenfagne, D. Leroy, J. Jost, F. Koeune, C. Ker, J.-M. Dinant, Y. Poullet, O. Bonaventure, and J.-J. Quisquater, WiFi Roaming: Legal Implications and Security Constraints, Int. J. of Law and Information Technology 2008 16: 205-241
52
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labTechnical choices
๏ The RAKE protocol :
‣ Extending IEEE802.1X (EAP)
๏ The tunnel :
‣ Use a L2TP tunnel
๏ Encryption between H and M :
‣ Optional
‣ Using IPSec (ESP)
53
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labExtending 802.1X for RAKE
๏ IEEE802.1X is now widely used
๏ It uses EAP (the Extensible Authentication Protocol) for authentication
๏ EAP can be easily extended
54
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
How does IEEE802.1X work ?
Extending 802.1X for RAKE
55
RADIUS
server
physical layer connection PORTBLOCKED
EAP start
EAP-request identity
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
How does IEEE802.1X work ?
Extending 802.1X for RAKE
55
RADIUS
server
physical layer connection PORTBLOCKED
EAP start
EAP-request identity
EAP-response identity : dleroy
(in RADIUS packet)EAP-response identity : dleroy
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
How does IEEE802.1X work ?
Extending 802.1X for RAKE
55
RADIUS
server
physical layer connection PORTBLOCKED
EAP start
EAP-request identity
EAP-response identity : dleroy
(in RADIUS packet)EAP-response identity : dleroy
EAP requests/responses following the EAP method
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
How does IEEE802.1X work ?
Extending 802.1X for RAKE
55
RADIUS
server
physical layer connection PORTBLOCKED
EAP start
EAP-request identity
EAP-response identity : dleroy
(in RADIUS packet)EAP-response identity : dleroy
EAP requests/responses following the EAP method
EAP-success EAP-success PORTOPEN
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
How does IEEE802.1X work ?
Extending 802.1X for RAKE
55
RADIUS
server
physical layer connection PORTBLOCKED
EAP start
EAP-request identity
EAP-response identity : dleroy
(in RADIUS packet)EAP-response identity : dleroy
EAP requests/responses following the EAP method
EAP-success EAP-success PORTOPEN
Ethernet or WiFi (keys derived from previous negotiations)
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
We have implemented it
Extending 802.1X for RAKE
๏ In “Host AP” project (hostapd & wpa_supplicant)
๏ An open-source implementation
๏ hostapd works with most Linux & BSD drivers
๏ wpa_supplicant works with most Linux, BSD & Windows drivers
56
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labExtending 802.1X for RAKE
๏ In next months, we would like to test it in real situations
๏ With hostap :
‣ On laptop and mobile devices
‣ On access point (on OpenWRT OS)
‣ On basic Linux server
๏ If you want to test the protocol in your network in a few months... please ask us
57
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
Tunnel between F and H
58
Stockholms universitet
Internet
SU SU
RADIUS
server
RADIUS
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
Tunnel between F and H
58
Stockholms universitet
Internet
SU SU
RADIUS
server
RADIUS
server
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
A L2TP tunnel
Tunnel between F and H
๏ The AP acts as layer 2 bridge
๏ Advantages:‣ Even the IP address is allocated by H
‣ Do not have to rely on F technical config (e.g., IPv4/v6)
‣ Less security risks for F
‣ Transparent for M (the host and the user)
59
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labOn Expected Increase of Latencies
๏ For each request, a RTT “H-F” is added
60
‣ City : 30-60ms for residential hosts (3-4ms for well-connected hosts) [LP03]
‣ Country (USA): <150ms [LP03]
‣ Intercontinental : <250ms for 90% residential [DHGS07]
๏ ITU-T recommendations: one-way latency <400ms may be acceptable (e.g., VoIP)
S
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
UCL
Encryption between M and H
61
Stockholms universitet
Internet
SU SU
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labEncryption between M and H
๏ Kept optional (negotiated)
๏ Using KM,H (only known by M and H)
๏ Encryption method negotiated
‣ more suitable : IPSec ESP in tunnel mode
62
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking labComparison with previous solutions
63
Remote auth. VPN RAKE
User authentication (by F)Administrative cost for F
Ease of use (for user)Blacklisting based on IP
Access based on IPAttack on the infrastruct.
F maliciousFake access point
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Constraints
Summary on our proposal
✓ The tunnel increases the latency for some destinations
✓ The partnership has to be decided earlier
✓ Need (light) modifications of host, AP or the egress router, and authentication server.
64
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Advantages
Summary on our proposal
✓ If the user sends spam, the user’s home network is blamed (and blacklisted), not the visited network
✓ Visited network does not care about the user activities
✓ Traffic can be encrypted
65
Security of WiFi RoamingBSC 2009
D. LeroyUCL Belgium, Apr 2009
IP networking lab
Advantages
Summary on our proposal
✓ Tunnel is initiated (and forced) by F and H, not by the user
✓ H does verify F authentication (>< TTLS)
✓ Same services as “at home”
66