Cong Wang,Maode Ma,Lei Zhang

DOI: https://doi.org/10.1109/access.2017.2706738

IF: 3.9

2017-01-01

IEEE Access

Abstract:The IEEE 802.22 standard regulates wireless regional area network (WRAN) operating at the very high frequency and ultrahigh frequency television white space (TVWS) bands. WRAN supports extensible authentication protocol (EAP)-based authentication schemes. However, due to its public key cryptography operations, a full EAP-based authentication scheme is time-consuming, which is unacceptable for the WRAN handover process. In this paper, an efficient EAP-based pre-authentication scheme for inter-WRAN handovers (EPW) in TVWS is proposed. By applying the proposed pre-authentication scheme, the customer premises equipment and the target secondary user base station can accomplish a seamless handover using symmetric key. Through logic derivation by Burrows, Abadi, and Needham logic and formal verification by automated validation of Internet security protocols and applications, we conclude that the proposed EPW scheme can obtain mutual authentication and maintain key secrecy with a high resistance to attack. Additionally, the performance of the EPW scheme has been investigated by simulation experiments. The results show that the EPW scheme provides a lower computation delay than that mandated by the security scheme regulation of the IEEE 802.22 standard.

Gabriel Karl Gegenhuber,Philipp Frenzel,Edgar Weippl

2024-06-24

Abstract:In today's cellular network evolutions, such as 4G and 5G, the IMS (IP Multimedia Subsystem) serves as a crucial component in managing voice calls and handling short messages. Besides accessing the IMS over the traditional radio layer, many operators use Voice over Wi-Fi (VoWiFi) allowing customers to dial into their core network over the public Internet using an (insecure) Wi-Fi connection. To protect against malicious actors on the WiFi or Internet domain, the traffic is sent over a series of IPsec tunnels, ensuring confidentiality and integrity. Similar to other encrypted protocols (e.g. TLS), the client and server use a handshake protocol (i.e., IKEv2) to communicate their supported security configurations and to agree upon the used parameters (e.g., keys or an encryption algorithm) for the ongoing session. This however opens the door for security vulnerabilities introduced by misconfiguration. We want to analyze security configurations within commercial VoWiFi deployments, both on the client and server side, spotting deprecated configurations that undermine communication security.

Networking and Internet Architecture,Cryptography and Security

Seokseong Jeon,Chansu Yu,Young-Joo Suh

DOI: https://doi.org/10.48550/arXiv.1711.02293

2017-11-29

Abstract:This paper presents a novel pre-shared key (PSK) agreement scheme to establish a secure connection between a Wi-Fi client and access point (AP) without prior knowledge of a password. The standard IEEE 802.11 security method, Robust Security Network Association, widely known as Wi-Fi Protected Access (WPA) and WPA2, derives a shared cryptographic key if and only if a user provides an identical password which an AP possesses, causing ofinconvenience of obtaining and entering the password. In this paper, a proposed scheme, Secure Open AP (SOAP), adopts two public key algorithms, the elliptic curve Diffie-Hellman key exchange algorithm (ECDH) and digital signature algorithm (ECDSA) to establish a secure connection between a client and an AP without having prior knowledge of a password. Implementation and experiment results demonstrate the viability of the proposed scheme.

Networking and Internet Architecture,Cryptography and Security

CQ Li,S Li,D Zhang,G Chen

DOI: https://doi.org/10.1049/ip-vis:20045234

2006-01-01

IEE Proceedings - Vision Image and Signal Processing

Abstract:A voice-over-Internet protocol technique with a new hierarchical data security protection (HDSP) scheme using a secret chaotic bit sequence has been recently proposed. Some insecure properties of the HDSP scheme are pointed out and then used to develop known/chosen-plaintext attacks. The main findings are: given n known plaintexts, about (100 - (50/2(n)))% of secret chaotic bits can be uniquely determined; given only one specially-chosen plaintext, all secret chaotic bits can be uniquely derived; and the secret key can be derived with practically small computational complexity when only one plaintext is known (or chosen). These facts reveal that HDSP is very weak against known/chosen-plaintext attacks. Experiments are given to show the feasibility of the proposed attacks. It is also found that the security of HDSP against the brute-force attack is not practically strong. Some countermeasures are discussed for enhancing the security of HDSP and several basic principles are suggested for the design of a secure encryption scheme.

Tian Xie,Guan-Hua Tu,Bangjie Yin,Chi-Yu Li,Chunyi Peng,Mi Zhang,Hui Liu,Xiaoming Liu

DOI: https://doi.org/10.48550/arXiv.1811.11274

2018-11-29

Abstract:Since 2016, all of four major U.S. operators have rolled out nationwide Wi-Fi calling services. They are projected to surpass VoLTE (Voice over LTE) and other VoIP services in terms of mobile IP voice usage minutes in 2018. They enable mobile users to place cellular calls over Wi-Fi networks based on the 3GPP IMS (IP Multimedia Subsystem) technology. Compared with conventional cellular voice solutions, the major difference lies in that their traffic traverses untrustful Wi-Fi networks and the Internet. This exposure to insecure networks may cause the Wi-Fi calling users to suffer from security threats. Its security mechanisms are similar to the VoLTE, because both of them are supported by the IMS. They include SIM-based security, 3GPP AKA (Authentication and Key Agreement), IPSec (Internet Protocol Security), etc. However, are they sufficient to secure Wi-Fi calling services? Unfortunately, our study yields a negative answer. We conduct the first study of exploring security issues of the operational Wi-Fi calling services in three major U.S. operators' networks using commodity devices. We disclose that current Wi-Fi calling security is not bullet-proof and uncover four vulnerabilities which stem from improper standard designs, device implementation issues and network operation slips. By exploiting the vulnerabilities, together with several state-of-the-art computer visual recognition technologies, we devise two proof-of-concept attacks: user privacy leakage and telephony harassment or denial of voice service (THDoS); both of them can bypass the security defenses deployed on mobile devices and the network infrastructure. We have confirmed their feasibility and simplicity using real-world experiments, as well as assessed their potential damages and proposed recommended solutions.

Cryptography and Security

Piotr Krasnowski,Jerome Lebrun,Bruno Martin

DOI: https://doi.org/10.5281/zenodo.6791340

2022-11-14

Abstract:Motivated by an increasing need for privacy-preserving voice communications, we investigate here the original idea of sending encrypted data and speech in the form of pseudo-speech signals in the audio domain. Being less constrained than military ``Crypto Phones'' and allowing genuine public evaluation, this approach is quite promising for public unsecured voice communication infrastructures, such as 3G cellular network and VoIP.A cornerstone of secure voice communications is the authenticated exchange of cryptographic keys with sole resource the voice channel, and neither Public Key Infrastructure (PKI) nor Certificate Authority (CA). In this paper, we detail our new robust double authentication mechanism based on signatures and Short Authentication Strings (SAS) ensuring strong authentication between the users while mitigating errors caused by unreliable voice channels and also identity protection against passive eavesdroppers. As symbolic model, our protocol has been formally proof-checked for security and fully validated by Tamarin Prover.

Cryptography and Security,Signal Processing

Gabriel Karl Gegenhuber,Philipp Frenzel,Edgar Weippl

DOI: https://doi.org/10.1145/3643832.3661883

2024-05-02

Abstract:In current cellular network generations (4G, 5G) the IMS (IP Multimedia Subsystem) plays an integral role in terminating voice calls and short messages. Many operators use VoWiFi (Voice over Wi-Fi, also Wi-Fi calling) as an alternative network access technology to complement their cellular coverage in areas where no radio signal is available (e.g., rural territories or shielded buildings). In a mobile world where customers regularly traverse national borders, this can be used to avoid expensive international roaming fees while journeying overseas, since VoWiFi calls are usually invoiced at domestic rates. To not lose this revenue stream, some operators block access to the IMS for customers staying abroad.

Networking and Internet Architecture,Cryptography and Security

Guomin Yang,Duncan S. Wong,Xiaotie Deng

DOI: https://doi.org/10.1109/TWC.2007.06020042

IF: 10.4

2007-01-01

IEEE Transactions on Wireless Communications

Abstract:User privacy is a notable security issue in wireless communications. It concerns about user identities from being exposed and user movements and whereabouts from being tracked. The concern of user privacy is particularly signified in systems which support roaming when users are able to hop across networks administered by different operators. In this paper, we propose a novel construction approach of anonymous and authenticated key exchange protocols for a roaming user and a visiting server to establish a random session key in such a way that the visiting server authenticates the user's home server without knowing exactly who the user is. A network eavesdropper cannot find out the user's identity either (user anonymity). In addition, visited servers cannot track the roaming user's movements and whereabouts even they collude with each other (user untraceability). Our construction approach is generic and built upon provably secure two-party key establishment protocols. Merits of our generic protocol construction include eliminating alias synchronization between the user and the home server, supporting joint key control, and not relying on any special security assumptions on the communication channel between the visiting server and the user's home server. Our protocol can also be implemented efficiently. By piggybacking some message flows, the number of message flows between the roaming user and the visiting server is only three. As of independent interest, we describe a new practical attack called deposit-case attack and show that some previously proposed protocols are vulnerable to this attack.

David Samuel Bhatti,Salbia Sidrat,Shahzad Saleem,Annas Wasim Malik,BeomKyu Suh,Ki-Il Kim,Kyu-Chul Lee

DOI: https://doi.org/10.1371/journal.pone.0293626

IF: 3.7

2024-01-25

PLoS ONE

Abstract:The rapid replacement of PSTN with VOIP networks indicates the definitive phase-out of the PBX/PABX with smartphone-based VOIP technology that uses WLAN connectivity for local communication; however, security remains a key issue, regardless of the communication coverage area. Session initiation protocol (SIP) is one of the most widely adopted VOIP connection establishment protocols but requires added security. On the Internet, different security protocols, such as HTTPS (SSL/TLS), IPSec, and S/MIME, are used to protect SIP communication. These protocols require sophisticated infrastructure and some pose a significant overhead that may deteriorate SIP performance. In this article, we propose the following: i) avoid using Internet bandwidth and complex Internet protocols for local communication within an organization, but harness WLAN connectivity, ii) use multi-threaded or multicore computer systems to handle concurrent calls instead of installing hardware-based SIP servers, and iii) run each thread in a separate core. Cryptography is a key tool for securely transmitting confidential data for long- and short-range communication, and the Diffie-Hellman (DH) protocol has consistently been a popular choice for secret key exchanges. Primarily, used for symmetric key sharing, it has been proven effective in generating public/private key pairs, sharing public keys securely over public channels, and subsequently deriving shared secret keys from private/public keys. This key exchange scheme was proposed to safeguard VOIP communication within WLANs, which rely on the SIP for messaging and multimedia communication. For ensuring an efficient implementation of SIP, the system was rigorously analyzed using the M/M/1 and M/M/c queuing models. We analyze the behavior of SIP servers with queuing models with and without end-to-end security and increase users’ trust in SIP security by providing a transparent sense of end-to-end security as they create and manage their private and public keys instead of relying on the underlying SIP technology. This research implements instant messaging, voice conversation, and secret key generation over DH while implementing and observing the role of multi-threading in multiqueue systems that serve incoming calls. By increasing the number of threads from one to two, the SIP response time improved from 20.23809 to 0.08070 min at an arrival rate of 4250 calls/day and a service rate of three calls/min. Similarly, by adding one to seven threads, the queue length was reduced by four calls/min. Implementing secure media streaming and reliable AES-based signaling for session confidentiality and integrity introduces a minor 8-ms tradeoff in SIP service performance. However, the advantages of implementing added security outweigh this limitation.

multidisciplinary sciences

Chi-Yu Li,Guan-Hua Tu,chunyi peng,zengwen yuan,yuanjie li,songwu lu,xinbing wang

DOI: https://doi.org/10.1145/2810103.2813618

2015-01-01

Abstract:VoLTE (Voice-over-LTE) is the designated voice solution to the LTE mobile network, and its worldwide deployment is underway. It reshapes call services from the traditional circuit-switched telecom telephony to the packet-switched Internet VoIP. In this work, we conduct the first study on VoLTE security before its full rollout. We discover several vulnerabilities in both its control-plane and data-plane functions, which can be exploited to disrupt both data and voice in operational networks. In particular, we find that the adversary can easily gain free data access, shut down continuing data access, or subdue an ongoing call, etc. We validate these proof-of-concept attacks using commodity smartphones (rooted and unrooted) in two Tier-1 US mobile carriers. Our analysis reveals that, the problems stem from both the device and the network. The device OS and chipset fail to prohibit non-VoLTE apps from accessing and injecting packets into VoLTE control and data planes. The network infrastructure also lacks proper access control and runtime check.

Thomas Lodge,Sameh Zakhary,Derek McAuley

DOI: https://doi.org/10.48550/arXiv.2203.13540

2022-03-25

Cryptography and Security

Abstract:A common approach to securing end-to-end connectivity between devices on the Internet is to utilise a cloud-based intermediary. With this reliance upon a third-party comes a set of security and privacy concerns that are difficult to mitigate. A promising new protocol, Wireguard, dispenses with the middleman to provide secure peer-to-peer communication. However, support for initial key exchange falls outside Wireguard's scope, making it potentially vulnerable to insecure out-of-band key exchange. The design of secure and usable key exchange methods is challenging, not least in domestic spaces, as they're often characterised by technically naive users in multi-occupancy environments, making them susceptible to insider and passer-by attacks (i.e.: theft, observation attacks, relay and impersonation attacks). We describe and present the results from a design ideation study that probes the use of tangible, multi-factor approaches for securing key exchange in domestic spaces. The study suggests that a home's semi-fixed features (e.g.: lamps, shelves, chairs) can be instrumented to support a promising three-factor authentication approach ('what you have, what you know and where you are') to enable key exchange solutions that are i. more secure than commonly used naive approaches and ii. desirable for end users.

Guyue Li,Chen Sun,Junqing Zhang,Eduard Jorswieck,Bin Xiao,Aiqun Hu

DOI: https://doi.org/10.3390/e21050497

2019-05-15

Abstract:The fifth generation (5G) and beyond wireless communications will transform many exciting applications and trigger massive data connections with private, confidential, and sensitive information. The security of wireless communications is conventionally established by cryptographic schemes and protocols in which the secret key distribution is one of the essential primitives. However, traditional cryptography-based key distribution protocols might be challenged in the 5G and beyond communications because of special features such as device-to-device and heterogeneous communications, and ultra-low latency requirements. Channel reciprocity-based key generation (CRKG) is an emerging physical layer-based technique to establish secret keys between devices. This article reviews CRKG when the 5G and beyond networks employ three candidate technologies: duplex modes, massive multiple-input multiple-output (MIMO) and mmWave communications. We identify the opportunities and challenges for CRKG and provide corresponding solutions. To further demonstrate the feasibility of CRKG in practical communication systems, we overview existing prototypes with different IoT protocols and examine their performance in real-world environments. This article shows the feasibility and promising performances of CRKG with the potential to be commercialized.

Zhiwei Cui,Baojiang Cui,Junsong Fu,Renhai Dong

DOI: https://doi.org/10.1155/2022/7395128

IF: 1.968

2022-09-05

Security and Communication Networks

Abstract:With the rapid development of 5G SA (standalone) networks, increasing subscribers are motivated to make calls through 5G. To support voice services critical to mobile users, 5G SA networks adopt two solutions: VoNR (Voice Over New Radio) and EPS (Evolved Packet System) fallback. At this stage, 5G SA networks provide voice services through EPS fallback, which leverages 4G networks to support voice calls for 5G users. This switch between cellular network systems may expose vulnerabilities to adversaries. However, there is a lack of security research on voice services in the 5G SA network. In this paper, we analyze the security of EPS fallback and its closely related IMS from the perspective of the protocol and the practices of the carriers. We uncover two protocol design vulnerabilities and two implementation flaws. In addition, we exploit them to design three attacks: voice DoS, voice monitoring, and SMS spoofing and interception. We validated these vulnerabilities and attacks using SDR (software-defined radio) tools and a set of open-source software in three mobile carriers. Our analysis reveals that the problems stem from both specifications and carrier networks. We finally propose several potential countermeasures to defend these attacks.

computer science, information systems,telecommunications

Zishuai Cheng,Mihai Ordean,Flavio Garcia,Baojiang Cui,Dominik Rys

DOI: https://doi.org/10.56553/popets-2023-0053

2023-04-01

Proceedings on Privacy Enhancing Technologies

Abstract:Voice over LTE (VoLTE) and Voice over NR (VoNR), are two similar technologies that have been widely deployed by operators to provide a better calling experience in LTE and 5G networks, respectively. The VoLTE/NR protocols rely on the security features of the underlying LTE/5G network to protect users' privacy such that nobody can monitor calls and learn details about call times, duration, and direction. In this paper, we introduce a new privacy attack which enables adversaries to analyse encrypted LTE/5G traffic and recover any VoLTE/NR call details. We achieve this by implementing a novel mobile-relay adversary which is able to remain undetected by using an improved physical layer parameter guessing procedure. This adversary facilitates the recovery of encrypted configuration messages exchanged between victim devices and the mobile network. We further propose an identity mapping method which enables our mobile-relay adversary to link a victim's network identifiers to the phone number efficiently, requiring a single VoLTE protocol message. We evaluate the real-world performance of our attacks using four modern commercial off-the-shelf phones and two representative, commercial network carriers. We collect over 60 hours of traffic between the phones and the mobile networks and execute 160 VoLTE calls, which we use to successfully identify patterns in the physical layer parameter allocation and in VoLTE traffic, respectively. Our real-world experiments show that our mobile-relay works as expected in all test cases, and the VoLTE activity logs recovered describe the actual communication with 100% accuracy. Finally, we show that we can link network identifiers such as International Mobile Subscriber Identities (IMSI), Subscriber Concealed Identifiers (SUCI) and/or Globally Unique Temporary Identifiers (GUTI) to phone numbers while remaining undetected by the victim.

English Else

Gerhard Wunder,Axel Flinth,Daniel Becker,Benedikt Groß

2024-04-23

Abstract:Secret key generation (SKG) between authenticated devices is a pivotal task for secure communications. Diffie-Hellman (DH) is de-facto standard but not post-quantum secure. In this paper, we shall invent and analyze a new security primitive that is specifically designed for WPAN. For WPAN, wireless channel-based SKG has been proposed but was not widely deployed due to its critical dependence on the channel's entropy which is uncontrollable. We formulate a different approach: We still exploit channel properties but mainly hinge on the reciprocity of the wireless channel and not on the channel's entropy. The radio advantage comes from the use of full duplex communication. We show that in this situation both legitimate parties can agree on a common secret key even without ever probing the channel at all. At the core is a new bisparse blind deconvolution scheme for which we prove correctness and information-theoretic, i.e. perfect, security. We show that, ultimately, a secret key can be extracted and give a lower bound for the number of secret key bits which is then verified by experiments.

Information Theory

Yixin Jiang,Chuang Lin,Xuemin (Sherman) Shen,Minghui Shi

DOI: https://doi.org/10.1109/twc.2006.05063

IF: 10.4

2006-01-01

IEEE Transactions on Wireless Communications

Abstract:Two novel mutual authentication and key exchange protocols with anonymity are proposed for different roaming scenarios in the global mobility network. The new features in the proposed protocols include identity anonymity and one-time session key renewal. Identity anonymity protects mobile users privacy in the roaming network environment. One-time session key progression frequently renews the session key for mobile users and reduces the risk of using a compromised session key to communicate with visited networks. It has demonstrated that the computation complexity of the proposed protocols is similar to the existing ones, while the security has been significantly improved

Jacqueline Brendel,Rune Fiedler,Felix Günther,Christian Janson,Douglas Stebila

DOI: https://doi.org/10.1007/978-3-030-97131-1_1

2022-01-01

Abstract:AbstractThe key exchange protocol that establishes initial shared secrets in the handshake of the Signal end-to-end encrypted messaging protocol has several important characteristics: (1) it runs asynchronously (without both parties needing to be simultaneously online), (2) it provides implicit mutual authentication while retaining deniability (transcripts cannot be used to prove either party participated in the protocol), and (3) it retains security even if some keys are compromised (forward secrecy and beyond). All of these properties emerge from clever use of the highly flexible Diffie–Hellman protocol.While quantum-resistant key encapsulation mechanisms (KEMs) can replace Diffie–Hellman key exchange in some settings, there is no replacement for the Signal handshake solely from KEMs that achieves all three aforementioned properties, in part due to the inherent asymmetry of KEM operations. In this paper, we show how to construct asynchronous deniable key exchange by combining KEMs and designated verifier signature (DVS) schemes, matching the characteristics of Signal. There are several candidates for post-quantum DVS schemes, either direct constructions or via ring signatures. This yields a template for an efficient post-quantum realization of the Signal handshake with the same asynchronicity and security properties as the original Signal protocol.

Hung-Min Sun,Shih-Ying Chang,Yue-Hsun Lin,Shin-Yan Chiou

DOI: https://doi.org/10.1109/isda.2008.330

2008-01-01

Abstract:Mobile WiMAX is the next generation of broadband wireless network. It allows users to roam over the network under vehicular speeds. However, when a mobile station changes from one base station to another, it should be authenticated again. This may lead to delay in communication, especially for real-time applications, such as VoIP and Pay-TV systems. In this paper, we propose two efficient schemes to enhance the performance of authentication during handover in mobile WiMAX. The first scheme adopts, instead of the standard EAP method used in handover authentication, an efficient shared key-based EAP method. The second one, skips the standard EAP method, does the authentication in SA-TEK three-way handshake in PKMv2 process. In addition, the security proofs of our schemes are provided in this paper.

Jorge Infante,Boris Bellalta

DOI: https://doi.org/10.48550/arXiv.1302.2814

2013-02-12

Abstract:The stunning growth of WiFi networks, together with the spreading of mobile telephony and the increasing use of Voice over IP (VoIP) on top of Internet, pose relevant questions on the application of WiFi networks to support VoIP services that could be used as a complement and/or competition to the 2G/3G cellular networks. The paper explores the state of the art on the capability of WiFi networks to support voice services in a user itinerant context, identifying actual and future strengths, weakness, opportunities and threats. First of all, the paper reviews the key aspects on the changing structure of the voice market, dominated by a clear evolution to mobility, itinerancy and increased use of VoIP-based services. The evolution of business models, coverage for WiFi networks (hotspots, municipal networks, cooperative networks and) and user voice service use patterns are also analysed in order to asses the potentialities for complementing or -in some scenarios- substitute the cellular networks.

Networking and Internet Architecture

Anmin Fu,Gongxuan Zhang,Yan Yu,Zhenchao Zhu

DOI: https://doi.org/10.3837/tiis.2014.09.017

2014-01-01

Abstract:Integrated WiMAX and WiFi networks is of great potential for the future due to the wider coverage of WiMAX and the high data transport capacity of WiFi. However, seamless and secure handover (HO) is one of the most challenging issues in this field. In this paper, we present a novel vertical HO authentication scheme with privacy preserving for WiMAX-WiFi heterogeneous networks. Our scheme uses ticket-based and pseudonym-based cryptographic methods to secure HO process and to achieve high efficiency. The formal verification by the AVISPA tool shows that the proposed scheme is secure against various malicious attacks and the simulation result indicates that it outperforms the existing schemes in terms of communication and computation cost.