a.
Physical
Layer issues
i.
Coverage
ii.
Harshness
of Radio Channel
b.
Signals
leak outside desired perimeters
i.
Eavesdropping
ii.
Ease
of attaching to network
c.
Mac
layer issues
i.
Shared
broadcast medium
ii.
Performance
The problem of 3G UMTS security
which are mentioned above also the exist into the LTE because 4G LTE is the
advanced form of 3G and the these are also stated in LTE.
b)
State one major security aspect that exists in LTE but
not in UMTS.
There are some
important security aspects or elements exist in LTE which are not in the UMTS. The
key security aspects are as follows;
·
Re
use of UMTS authentication and key agreement (AKA)
·
Greater
protection for backhaul
·
Integrated
interworking security for legacy and non 3GPP network
c)
In LTE we have 5 domain security, if a valid KeNB is
compromised, then which domain security is in danger? What about KASME?
The USIM and Authentication Centre
(AuC) in the key hierarchical system share secret information (key k) in
advance similarly as the key shared in the network.
·
Mutual
authentication between the network and user executed by using Authentication
and Key Management (AKA), keys are generated for integrity protection (key IK)
and encryption (key CK) and respectively keys are passed from USIM to mobile
equipment (ME) and AuC to HSS.
·
Key
generation function used to generate KASME by ME and HSS from the key pair CK,
IK based on the ID of the visited network. HSS in the network side ensures that
KASME can be used by the visited network by building the correspondence of
KASME key. To serve as essential data on the key hierarchy KASME is exchanged
from the HSS to MME of the visited network.
·
Keys
KNASenc and KNASint for NAS protocol encryption and integrity protection
between the MME and the UE are generated from KASME.
·
MME
generates KeNB key when the UE is associated to the network and passes key to
the eNB. The KUPsec key for user plane encryption, the KRRCenc and KRRCint keys
for Radio Resource Control (RRC) encryption and integrity protection are
generated from the KeNB.
d)
List 2 possible threats that exist in both LTE and UMTS
·
Tracking
identity, privacy or the devices using both network protocols is the common
threat to both LTE and UMTS.
·
Jamming
as well as freezing the handset or the network equipment
·
Manipulation
control plane or the user plane data
e)
Provide some mitigation to the threats that you mentioned
in (c)
To mitigate the
threats in the network, some techniques may be applied to prevent from those
attacks such as using the encryption for sending and receiving data. Access
control should be considered as well as backing up the data.
Question 3
(a)
Bluetooth
uses a Challenge-Response mechanism for authentication. Draw a brief illustration of the
authentication process like the ones that we’ve mentioned for other wireless systems
(b)
Describe
the weakness in Bluetooth security with 30 words or fewer (no point for too
many words)
The Bluetooth
security has some key weaknesses listed in this document.
·
No
integrity checks
·
Not
prevention of reply attacks
·
Man,
in the middle attacks
·
Sometime:
default = no security
·
Radio
jamming attacks
·
Buffer
overflow attacks
(c)
List
all the security features that are supported by 802.15.4 (Zigbee)
·
Confidentiality
·
Replay
Protection
·
Access
control and message integrity
Question 4
In the given authentication processes, it is shown that the location
of the home agent is pointing A, B is the location of the corresponding node
(CN) and C is the location of MN. The mobile node which is actually a user of
the device requests the corresponding node for authentication. CN generates key
and sends it to the C and its request will be transferred to the home agent that
authenticates.
Question 5
a)
What are the possible security threats/attacks on VANET?
Vehicles
are the nodes in VANET with mobility. So, it does not fix the infrastructure
but it serves both safe as well as non-safe applications in the wireless
network medium. Because of this problem or weakness, it is very vulnerable and is
a great opportunity for several types of threats and attacks in VANET. The
possible attacks are listed below.
·
Attacks
on Confidentiality
·
Privacy
·
Attacks
on integrity
·
Attacks
on availability
·
Replay
Attack
·
Position
faking
·
GPS
Spoofing
·
Wormhole
attack
·
Blackhole
attack
·
Broadcast
tempering
b)
What security services will be provided?
Some
important security services are provided to VANET to increase security as well
as prevent threats and attacks that may be harmful to vehicles. An authentication
service is provided that prevents any unexpected entrance or activity in VANET.
In some scenarios, confidentiality service is also provided to prevent the
attacks as well as to prevent data leak of the user.
c)
What security mechanisms will you provide to achieve
the services?
The default
security mechanism will be provided to achieve the security services in VANET. The
reason for selecting the default mechanism and framework is that the threat and
vulnerabilities still in VANET and they need to be more developmental
techniques and work, so it is decided to select the default mechanism.