List the problems with 3G (UMTS) security. Are they addressed in LTE?

a.       Physical Layer issues

                                      i.      Coverage

                                    ii.      Harshness of Radio Channel

b.      Signals leak outside desired perimeters

                                      i.      Eavesdropping

                                    ii.      Ease of attaching to network

c.       Mac layer issues

                                      i.      Shared broadcast medium

                                    ii.      Performance

                 The problem of 3G UMTS security which are mentioned above also the exist into the LTE because 4G LTE is the advanced form of 3G and the these are also stated in LTE.

b)     State one major security aspect that exists in LTE but not in UMTS.

There are some important security aspects or elements exist in LTE which are not in the UMTS. The key security aspects are as follows;

·      Re use of UMTS authentication and key agreement (AKA)

·      Greater protection for backhaul

·      Integrated interworking security for legacy and non 3GPP network

c)      In LTE we have 5 domain security, if a valid KeNB is compromised, then which domain security is in danger? What about KASME?

The USIM and Authentication Centre (AuC) in the key hierarchical system share secret information (key k) in advance similarly as the key shared in the network.

·      Mutual authentication between the network and user executed by using Authentication and Key Management (AKA), keys are generated for integrity protection (key IK) and encryption (key CK) and respectively keys are passed from USIM to mobile equipment (ME) and AuC to HSS.

·      Key generation function used to generate KASME by ME and HSS from the key pair CK, IK based on the ID of the visited network. HSS in the network side ensures that KASME can be used by the visited network by building the correspondence of KASME key. To serve as essential data on the key hierarchy KASME is exchanged from the HSS to MME of the visited network.

·      Keys KNASenc and KNASint for NAS protocol encryption and integrity protection between the MME and the UE are generated from KASME.

·      MME generates KeNB key when the UE is associated to the network and passes key to the eNB. The KUPsec key for user plane encryption, the KRRCenc and KRRCint keys for Radio Resource Control (RRC) encryption and integrity protection are generated from the KeNB.

d)     List 2 possible threats that exist in both LTE and UMTS

·      Tracking identity, privacy or the devices using both network protocols is the common threat to both LTE and UMTS.

·      Jamming as well as freezing the handset or the network equipment

·      Manipulation control plane or the user plane data

e)      Provide some mitigation to the threats that you mentioned in (c)

To mitigate the threats in the network, some techniques may be applied to prevent from those attacks such as using the encryption for sending and receiving data. Access control should be considered as well as backing up the data.

Question 3

(a)        Bluetooth uses a Challenge-Response mechanism for authentication. Draw a brief illustration of the authentication process like the ones that we’ve mentioned for other wireless systems

(b)        Describe the weakness in Bluetooth security with 30 words or fewer (no point for too many words)

The Bluetooth security has some key weaknesses listed in this document.

·         No integrity checks

·         Not prevention of reply attacks

·         Man, in the middle attacks

·         Sometime: default = no security

·         Radio jamming attacks

·         Buffer overflow attacks

(c)         List all the security features that are supported by 802.15.4 (Zigbee)

·         Confidentiality

·         Replay Protection

·         Access control and message integrity

Question 4

In the given authentication processes, it is shown that the location of the home agent is pointing A, B is the location of the corresponding node (CN) and C is the location of MN. The mobile node which is actually a user of the device requests the corresponding node for authentication. CN generates key and sends it to the C and its request will be transferred to the home agent that authenticates.

Question 5

a)      What are the possible security threats/attacks on VANET?

Vehicles are the nodes in VANET with mobility. So, it does not fix the infrastructure but it serves both safe as well as non-safe applications in the wireless network medium. Because of this problem or weakness, it is very vulnerable and is a great opportunity for several types of threats and attacks in VANET. The possible attacks are listed below.

·         Attacks on Confidentiality

·         Privacy

·         Attacks on integrity

·         Attacks on availability

·         Replay Attack

·         Position faking

·         GPS Spoofing

·         Wormhole attack

·         Blackhole attack

·         Broadcast tempering

b)     What security services will be provided?

Some important security services are provided to VANET to increase security as well as prevent threats and attacks that may be harmful to vehicles. An authentication service is provided that prevents any unexpected entrance or activity in VANET. In some scenarios, confidentiality service is also provided to prevent the attacks as well as to prevent data leak of the user.

c)      What security mechanisms will you provide to achieve the services?

The default security mechanism will be provided to achieve the security services in VANET. The reason for selecting the default mechanism and framework is that the threat and vulnerabilities still in VANET and they need to be more developmental techniques and work, so it is decided to select the default mechanism.