15.3. Current Security Approaches in Wireless Networks

Unlike wired networks, which have some degree of physical security, wireless links cannot be physically secured (because of their broadcast nature) and, therefore, security attacks on information flow can be widespread (e.g., passive interception of data, active injection of traffic, and overloading the access point with garbage packets). Modification of information is possible because of the nature of the channel and the mobility of nodes. The radio channel is harsh and subject to interference, fading, multipath, and high error rates. As a result, packet losses are common even without security threats. An opponent can make use of these natural impairments to modify information and also render the information unavailable.

Most wireless networks use mild variations of wired security mechanisms. The primary vulnerabilities in the past were fraud and exposure of information and, thus, only confidentiality (privacy of voice calls) and identification (entity authentication) were given importance in second-generation (2G) wireless networks. For this, they employ challenge-response schemes [10]. The key sizes range from 40 to 128 bits, which in many cases is insufficient for good security. The security mechanisms are not designed from the perspective of data integrity or potential attacks like replay or overload. The drawbacks of existing security in wireless networks, ranging from the flaws in encryption algorithms in the Global System for Mobile Communications (GSM), Cellular Digital Packet Data (CDPD), Bluetooth, and IEEE 802.11 to the more obvious protocol flaws, are discussed in many papers (e.g., see Fluhrer et al. [11] for attacks on RC4 used in CDPD and IEEE 802.11). Third-generation wireless systems and emerging standards address some of these drawbacks. The Kasumi algorithm (for confidentiality) and the Milenage algorithm (for authentication) employed by the Third Generation Partnership Project (3GPP) use larger key sizes (128 bits long) and stronger algorithms [12]. There are also mechanisms for data integrity and message authentication. In CDPD and in 3GPP, two sets of identification information are maintained: the latest update and the previous one, in case the latest update is lost due to bad radio conditions [12]. The IEEE 802.11i standard proposes the use of the Advanced Encryption Standard (AES) in one of its many modes of operation (counter mode), together with 802.1X entity authentication, for IEEE 802.11 WLANs [13]. Key management makes use of preinstalled master keys (or passwords) that are used with nonces to generate fresh session keys. Research groups have also suggested the use of IPSec at the network layer for all IP traffic on the air. Very little work exists in the evaluation of security of backhaul wireless mesh networks.
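
The 802.11i key-management step described above (a preinstalled master key or password combined with nonces to produce fresh session keys), as an added example that is not part of the original text. It follows the 802.11i pairwise key derivation; the function names, passphrases, SSID, and MAC addresses are constructed for illustration.

```python
import hashlib
import hmac

LABEL = b"Pairwise key expansion"  # label 802.11i uses for pairwise keys

def pmk_from_passphrase(passphrase: str, ssid: bytes) -> bytes:
    """Preinstalled password -> 256-bit master key (PBKDF2-HMAC-SHA1, 4096 rounds)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid, 4096, 32)

def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """802.11i PRF: HMAC-SHA1(key, label || 0x00 || data || counter), concatenated."""
    out, counter = b"", 0
    while len(out) < nbytes:
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]

def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> dict:
    """Session keys from the master key, both MAC addresses and both nonces.
    Sorting each pair means the AP and the station build the same input."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    ptk = prf(pmk, LABEL, data, 48)
    # KCK authenticates handshake messages, KEK wraps group keys, TK encrypts data
    return {"KCK": ptk[:16], "KEK": ptk[16:32], "TK": ptk[32:48]}

# Constructed sample values (not from the text)
AA = bytes.fromhex("020000000001")    # access point MAC
SPA = bytes.fromhex("020000000002")   # station MAC
SSID = b"example-ssid"

def handshake(ap_pass: str, sta_pass: str, anonce: bytes, snonce: bytes):
    """Each side derives keys independently; returns (ap_keys, sta_keys)."""
    ap = derive_ptk(pmk_from_passphrase(ap_pass, SSID), AA, SPA, anonce, snonce)
    sta = derive_ptk(pmk_from_passphrase(sta_pass, SSID), AA, SPA, anonce, snonce)
    return ap, sta

if __name__ == "__main__":
    import os
    ap, sta = handshake("constructed passphrase", "constructed passphrase",
                        os.urandom(32), os.urandom(32))
    print("keys agree:", ap == sta, "| TK:", ap["TK"].hex())
    ap2, _ = handshake("constructed passphrase", "constructed passphrase",
                       os.urandom(32), os.urandom(32))
    print("fresh nonces give a new TK:", ap["TK"] != ap2["TK"])
    ap3, sta3 = handshake("constructed passphrase", "wrong guess",
                          os.urandom(32), os.urandom(32))
    print("wrong password, KCK differs:", ap3["KCK"] != sta3["KCK"])
```

Because the master key never changes between associations, the strength of every session key still rests on the preinstalled password; the nonces only guarantee that keys are not reused.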

Security for sensor networks is still in the research stage. Threats to sensor networks include physical-layer attacks (e.g., jamming), eavesdropping on sensed data, attacks against routing of data through multiple hops, corruption of fused or aggregated data by compromised nodes, and so on. The IEEE 802.15.4 low-rate wireless personal area networking standard employs mechanisms similar to IEEE 802.11i (AES counter mode and cipher-block chaining message authentication code) for security. However, key distribution and management in sensor networks is not simple (see the case study in Section 15.6.3). The interested reader is referred to Djenouri et al. [14] for a survey of security issues in the superset of ad hoc networks; to Zheng et al. [15] for security in low-rate wireless networks; and to Shi and Perrig [16] for a discussion of design issues for security in sensor networks.
