Wireless Security: Challenges and Solutions


These days, companies and individuals have started to use wireless devices for important communications such as personalized email, mobile commerce activities, corporate data transmission etc. Apart from voice communication, data communication is also being done through  mobile devices. This is possible due to very high advancement happened in wireless technology industry.

At the same time, as wireless platforms mature, grow in popularity and store valuable information, hackers are also stepping their evil efforts on these new gadgets. As any other medium of communication and commerce, wireless has not been spared of insidious attacks. The wireless industry has been hit particularly hard by the illegal use of resources and the violation of privacy and access to confidential data.   One major reason for this insecurity is due to the fact that these tiny, Internet access-capable and intelligent devices were not designed at the beginning with security aspect as a top priority. 

 Wireless security also, as with wireline security, boils down to protecting information and preventing unauthorized system access. The challenge here is to implement security in small-footprint devices with low processing power and small memory capacities and that use unreliable, low bandwidth wireless networks. Here we are to see the major wireless technologies and how they are implementing security aspect. In the recent past, wireless security has been an important area of product research and development.

Wireless Technologies and Security Flaws

LAN Standard - The  IEEE 802.11 wireless LAN standard is rapidly gaining popularity. This technology's security mechanism is the wired equivalent privacy (WEP) protocol. Encrypting data with WEP protects the wireless link between clients and access points. Wireless network administrators provide a WEP-algorithm-based key for each authorized user, thereby denying access to anyone without an assigned key. 

 Flaws in the WEP algorithms used in these networks can open the wireless intranets to frauds of various types. If access to intranets using wireless VPNs is not guarded adequately at the handset level using access passwords and other security mechanisms, technical frauds like cloning or handset thefts can leave corporate networks vulnerable. 

Wireless Application Protocol (WAP) - WAP-compliant devices can access the Internet resources. WAP specifies the Wireless Transport Layer Security (WTLS) protocol, which is similar to the Internet's transport layer security protocol. WTLS provides authentication, data integrity, and privacy services within wireless technologies' limited processing power, memory capacity and bandwidth. WTLS generally uses RSA-based cryptography and it can also use elliptic-curve cryptography (ECC), which provides a high level of security while demanding fewer computing  and memory resources than other encryption approaches. 

Many e-commerce and corporate sites use SSL-based security. Therefore, a transmission to such a site from a WAP phone must first pass through a gateway that converts the encryption formatting from WTLS to SSL. During the conversion process, the message is very briefly unencrypted and hence interception by hackers is possible.

Types of Wireless Attacks

Wireless attacks can be divided into two categories: technical and subscription attacks. 

Technical attacks include cloning and hacking. Using scanning equipments, the mobile serial numbers and/or equipment numbers of one mobile handset can be stolen and programmed into another handset. SIM cloning involves making replicas of SIM cards, which hold user subscription information. Other types of attack involve hacking into the carrier's systems to access and manipulate subscription records.

With better authentication and encryption techniques being employed in digital networks, technical frauds like cloning and hacking are becoming relatively difficult to commit. However, newer technical developments such as Local Number Portability (LNP) and advanced roaming capabilities in the next-generation networks will open up newer opportunities for committing technical attack.

Compared to technical attack, subscription attack is more prevalent and is growing. False or stolen identities are used to acquire subscriptions that can never be properly billed to the defrauder. Technical developments like roaming are making the task of fraud avoidance even more difficult. In many instances, a fraud is committed with an intention to use the phone while roaming in a different network. In such instances, it is difficult to detect the improper activity in time to apprehend the offender.

Wireless Security Techniques

 Authentication keys are assigned to the handset or the SIM card. Only the mobile network authentication center and the mobile know about the key. Authentication is performed during call setup by exchanging secret data generated randomly using these keys.

Authentication - A key aspect of security for activities such as mobile commerce and mission-critical corporate communications is the ability to authenticate a message sender's identity . There are several methods to accomplish this using variations of wireless public key infrastructure (PKI) mechanism, which provides a set of technologies that relies on encryption and digital certificates. The certificates are message attachments, issued by a certificate authority, that authenticate a sender's identity and provide encryption keys. PKI works with public-key cryptography, in which a certificate authority uses a single algorithm to create a public and private key pair. The public key encrypts the message, and the private key decrypts it. Senders of digital certificates keep their private key secure but make the public  key available to people with whom they communicate. Anyone with access to the public key can send an encrypted message, but only the certificate sender can decrypt it.

Digital signatures can be used to ensure secure transaction over the wireless environment using wireless Public Key Infrastructure (PKI). The E-Sign act that was enacted in 2000 guarantees legal validity to digital signatures. Digital signatures can now be used to ensure nonrepudiation in a court of law.

The challenge here is to design PKI to work on wireless devices that have very low throughput and computational power and to develop wireless PKI systems that can interact with their wireline counterparts. The wireless PKI (WPKI) protocol offers a slimmed-down version of PKI optimizsed for wireless communications.

Smart Cards - One can store PKI-based authentication information in smart cards that he can insert into a device-mounted reader. Smart cards have been used as subscriber identity module (SIM) cards in global system for mobile communication (GSM) phones and wireless identity modules in WAP-enabled phones. 

Firewalls - Organizations can run Neomar's Enterprise Server (NES), which provides authentication for wireless devices, behind their firewalls. A company configures its secure enterprise router proxy to permit only specified handheld devices to contact the NES. Devices communicate with the server via a dedicated connection that eliminates the need to penetrate and thereby create vulnerabilities in firewalls. A device sends a message through an encrypted tunnel via the service provider to a recipient's NES, where decryption takes place, thereby providing security for a transmission. The process is reversed when the NES initiates a transmission.

A WAP gateway can serve as the single point of entry for an enterprise's wireless systems. Companies can secure and monitor the gateway as they do a traditional firewall.

Virtual Private Networks (VPN) -  VPNs provide security by creating an encrypted tunnel through the public Internet. This reduces costs by eliminating the need for companies to build secure private networks. Basic wireline VPN mechanisms can be used for wireless networks, clients and servers. Once a handheld device's VPN client obtains an IP address by connecting to the Internet, it can authenticate itself to a company's VPN server. The client and server then set up the encrypted tunnel through which they communicate. 

The other viable techniques being employed or developed to tackle the problem of wireless attack  include the following:

 RF Fingerprinting -This technique involves measuring the output of the handset and comparing it against the stored fingerprint of the same mobile, as each handset has a slightly different output frequency profile. Technical frauds like cloning can be prevented using this practice.

 Profiling - This technique is based on profiling the call usage based on such indexes as number of calls made in a given time period, length of calls made, origination and destination of calls, etc. If a particular handset deviates from the expected profile, an administrator is notified to investigate.

  Biometrics - Biometrics uses a person's unique physical characteristics such as fingerprints, thumbprint, facial geometry, or retinal images to identify authorized users. Biometrics also includes measured physical aspects of a user such as voice authentication, which analyzes voice to allow or reject access to the service. It is expected that Biometrics technology could be accurate and inexpensive enough for vendors to embrace it in the future.

Real-time Billing by Prepaid Cards - Billing calls as they happen in real time can help the carrier prevent recurring losses from accumulating over the month. Also, prepaid cards, although not fraud-proof, can help limit the losses to a certain amount only.

 Research Scenario on Wireless Security  

There are several new wireless-security standards under research and development. 


Nowadays users can get the complete wireless-security packages from vendors such as Cisco Systems and 3Com instead of piecing together various technologies to get the security they wanted.

The impending release of Third Generation (3G) network technology, which would standardize TCP/IP on mobile systems, promises to permit strong, end-to-end SSL security, which functions only over IP networks. 

Wireless security faces a number of hurdles, especially the challenge of adapting wireless technologies to work with the mobile world's more constrained resources. In spite of all the developments in fraud avoidance and detection, wireless fraud is expected to rise due to the rate at which wireless adoption in increasing. However, vendors and users alike hope that security will keep pace as other aspects of wireless technology continue to advance.