SlideShare una empresa de Scribd logo

Security in bluetooth, cdma and umts

Descargar como PPT, PDF
Ankit Gupta
Ankit Gupta
Educación
1 de 35
SECURITY IN BLUETOOTH, CDMA AND UMTS MOTILAL NEHRU NATIONAL INSTITUTE OF TECHNOLOGY ALLAHABAD
BLUETOOTH  System for short range wireless communication  Wireless data transfer via ACL link  Data rates up to 3 Mb/s  2.4 GHz ISM band (Industrial Scientific Medicine)  Typical communication range is 10-100 meters  Bluetooth SIG (Special Interest Group) developed the technology
SECURITY THREATS  Disclosure Threat  Integrity Threat  Denial of Service (DoS)
ATTACKS  Snarf Attack  Backdoor Attack  BlueBug Attack  BlueJack Attack  Denial of Service Attack  BluePrinting Attack
SECURITY LEVELS AND MODES Security Levels:  Silent  Private  Public Security Modes:  Non Secure  Service Level Enforced Security  Link Level Enforced Security
AUTHENTICATION, AUTHORIZATION , ENCRYPTION  Authentication is the process of proving the identity of one piconet member to another  Authorization determines whether the user is authorized to have access to the services provided  Encryption is the process of encoding the information so that no eavesdropper can read it
SECURITY OPERATIONS
AUTHENTICATION
AUTHORIZATION
ENCRYPTION  Encryption Mode 1  Encryption Mode 2  Encryption Mode 3
ENCRYPTION PROCEDURE
KNOWN VULNERABILITIES  Spoofing through Keys  Spoofing through a Bluetooth Address  PIN Length
COUNTERMEASURES  Know your Environment  Be Invisible  Abstinence is best  Use only long PIN codes (16 case sensitive alphanumerical characters)  Requiring Authentication for every L2CAP request  Using additional security at software level and an additional password to physically protect the Bluetooth devices
COUNTERMEASURES CONTD…  Requiring re authentication always prior to access of a sensitive information / service  To prevent Man-in-the-middle attack, approach is to make it difficult for an attacker to lock onto the frequency used for communication. Making the frequency hopping intervals and patterns reasonably unpredictable might help to prevent an attacker from locking onto the devices signal.
PROPOSED SOLUTION FOR DOS ATTACK  When the pairing message is sent by one device  When the attacker is sending the message with the address, which is already connected to Bluetooth device  When the pairing message sent by more than one device  When the attacker is changing the Bluetooth address of itself with another Bluetooth address
UMTS security
UMTS system architecture (R99) is based on GSM/GPRS
POSSIBLE ATTACKS ON UMTS  Denial of service  Identity catching  Impersonation of the network  Impersonation of the user
3G SECURITY FEATURES  „ Mutual Authentication The mobile user and the serving network authenticate each other  „ Data Integrity Signaling messages between the mobile station and RNC protected by integrity code  Network to Network Security Secure communication between serving networks. IPsec suggested  Secure IMSI (International Mobile Subscriber Identity) Usage The user is assigned a temporary IMSI by the serving network
3G SECURITY FEATURES CONTD…  „ User – Mobile Station Authentication The user and the mobile station share a secret key, PIN  „ Secure Services Protect against misuse of services provided by the home network and the serving network  „ Secure Applications Provide security for applications resident on mobile station
AUTHENTICATION AND KEY AGREEMENT  „ AuC and USIM share  permanent secret key K  Message authentication functions f1, f1*, f2  key generating functions f3, f4, f5  „ AuC has a random number generator  „ AuC has scheme to generate fresh sequence numbers  „ USIM has scheme to verify freshness of received
AUTHENTICATION AND KEY AGREEMENT home 128 bit secret key K is shared between the network and the mobile user Home Network Mobile station
Complete Message flow for successful AKA
Encryption
Integrity Check
NETWORK DOMAIN SECURITY  IPSec  IP traffic between networks can be protected with IPSEC between security gateways  Encapsulating Security Payload (ESP) is used for protection of packets  ESP is always used in tunnel mode  Advance Encryption Standard (AES)
CDMA
CODE DIVISION MULTIPLE ACCESS (CDMA)  Channel access method used by various radio communication technology  Employs spread spectrum technology and a special coding scheme  Attacks are very difficult and rare
DIFFERENCE BETWEEN CDMA, TDMA AND FDMA
TYPES OF CDMA  Frequency Hopping Spread Spectrum CDMA  Direct Sequence Spread Spectrum CDMA
SECURITY  By design, CDMA technology makes eavesdropping very difficult  42-bit PN (Pseudo Random Noise) sequence  64-bit authentication key (A-Key)  Electronic Serial Number (ESN) of the mobile
AUTHENTICATION
AUTHENTICATION MODEL
ENCRYPTION
Thank You!!!!!

Recomendados

WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and ProtectionChandrak Trivedi
 
WLAN SECURITY BY SAIKIRAN PANJALA
WLAN SECURITY BY SAIKIRAN PANJALAWLAN SECURITY BY SAIKIRAN PANJALA
WLAN SECURITY BY SAIKIRAN PANJALASaikiran Panjala
 
Cellular wireless network security
Cellular wireless network securityCellular wireless network security
Cellular wireless network securityAnkit Anand
 
Bluetooth network-security-seminar-report
Bluetooth network-security-seminar-reportBluetooth network-security-seminar-report
Bluetooth network-security-seminar-reportROHIT SAGAR
 
Wlan networking and security
Wlan networking and securityWlan networking and security
Wlan networking and securityakki_hearts
 
Wireless security
Wireless securityWireless security
Wireless securityparipec
 
Wireless Security
Wireless SecurityWireless Security
Wireless SecurityVignesh Suresh
 
Ch20 Wireless Security
Ch20 Wireless SecurityCh20 Wireless Security
Ch20 Wireless Securityphanleson
 

Recomendados

WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and ProtectionChandrak Trivedi
 
WLAN SECURITY BY SAIKIRAN PANJALA
WLAN SECURITY BY SAIKIRAN PANJALAWLAN SECURITY BY SAIKIRAN PANJALA
WLAN SECURITY BY SAIKIRAN PANJALASaikiran Panjala
 
Cellular wireless network security
Cellular wireless network securityCellular wireless network security
Cellular wireless network securityAnkit Anand
 
Bluetooth network-security-seminar-report
Bluetooth network-security-seminar-reportBluetooth network-security-seminar-report
Bluetooth network-security-seminar-reportROHIT SAGAR
 
Wlan networking and security
Wlan networking and securityWlan networking and security
Wlan networking and securityakki_hearts
 
Wireless security
Wireless securityWireless security
Wireless securityparipec
 
Wireless Security
Wireless SecurityWireless Security
Wireless SecurityVignesh Suresh
 
Ch20 Wireless Security
Ch20 Wireless SecurityCh20 Wireless Security
Ch20 Wireless Securityphanleson
 
Wifi Security
Wifi SecurityWifi Security
Wifi SecurityAgris Ameriks
 
Windows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesWindows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesJohn Rhoton
 
Security in wireless cellular network
Security in wireless cellular networkSecurity in wireless cellular network
Security in wireless cellular networkAwais Mansoor Chohan
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsAirTight Networks
 
Wifi hacking
Wifi hackingWifi hacking
Wifi hackingHarshit Varshney
 
Wireless Hacking
Wireless HackingWireless Hacking
Wireless HackingVIKAS SINGH BHADOURIA
 
Security & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudySecurity & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudyMohammad Mahmud Kabir
 
BLUETOOTH SECURITY
BLUETOOTH SECURITYBLUETOOTH SECURITY
BLUETOOTH SECURITYJay Nagar
 
Presentation
PresentationPresentation
Presentationdarshpreet kaur
 
Telecom Security
Telecom SecurityTelecom Security
Telecom SecurityPriyanka Aash
 
Wireless network security
Wireless network security Wireless network security
Wireless network security Aurobindo Nayak
 
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2Widyatama Lecture Applied Networking IV Week06 Mobile Security 2
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2Djadja Sardjana
 
GSM Security 101 by Sushil Singh and Dheeraj Verma
GSM Security 101 by Sushil Singh and Dheeraj VermaGSM Security 101 by Sushil Singh and Dheeraj Verma
GSM Security 101 by Sushil Singh and Dheeraj VermaOWASP Delhi
 
Wireless lan security
Wireless lan securityWireless lan security
Wireless lan securityAnkit Anand
 
Wlan security
Wlan securityWlan security
Wlan securityUpasona Roy
 
Wireless Security
Wireless SecurityWireless Security
Wireless SecuritysiDz
 
Wireless Lan Security
Wireless Lan SecurityWireless Lan Security
Wireless Lan SecuritySANDEEPONSLIDESHARE
 
An IDS for Secure Visible Light Communication on Android Devices
An IDS for Secure Visible Light Communication on Android DevicesAn IDS for Secure Visible Light Communication on Android Devices
An IDS for Secure Visible Light Communication on Android DevicesBen Graham
 
Wlan security
Wlan securityWlan security
Wlan securitySajan Sahu
 
Wireless Security Needs For Enterprises
Wireless Security Needs For EnterprisesWireless Security Needs For Enterprises
Wireless Security Needs For Enterprisesshrutisreddy
 
Wifi-Securite.com
Wifi-Securite.comWifi-Securite.com
Wifi-Securite.comWifiSecurite
 
Présentation wifi sécurisé
Présentation wifi sécuriséPrésentation wifi sécurisé
Présentation wifi sécuriséAline INIZAN PAYEN
 

Más contenido relacionado

La actualidad más candente

Windows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesWindows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesJohn Rhoton
 
Security in wireless cellular network
Security in wireless cellular networkSecurity in wireless cellular network
Security in wireless cellular networkAwais Mansoor Chohan
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsAirTight Networks
 
Security & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudySecurity & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudyMohammad Mahmud Kabir
 
BLUETOOTH SECURITY
BLUETOOTH SECURITYBLUETOOTH SECURITY
BLUETOOTH SECURITYJay Nagar
 
Wireless network security
Wireless network security Wireless network security
Wireless network security Aurobindo Nayak
 
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2Widyatama Lecture Applied Networking IV Week06 Mobile Security 2
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2Djadja Sardjana
 
GSM Security 101 by Sushil Singh and Dheeraj Verma
GSM Security 101 by Sushil Singh and Dheeraj VermaGSM Security 101 by Sushil Singh and Dheeraj Verma
GSM Security 101 by Sushil Singh and Dheeraj VermaOWASP Delhi
 
Wireless lan security
Wireless lan securityWireless lan security
Wireless lan securityAnkit Anand
 
Wireless Security
Wireless SecurityWireless Security
Wireless SecuritysiDz
 
An IDS for Secure Visible Light Communication on Android Devices
An IDS for Secure Visible Light Communication on Android DevicesAn IDS for Secure Visible Light Communication on Android Devices
An IDS for Secure Visible Light Communication on Android DevicesBen Graham
 
Wireless Security Needs For Enterprises
Wireless Security Needs For EnterprisesWireless Security Needs For Enterprises
Wireless Security Needs For Enterprisesshrutisreddy
 

La actualidad más candente (20)

Wifi Security
Wifi SecurityWifi Security
Wifi Security
 
Windows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesWindows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best Practices
 
Security in wireless cellular network
Security in wireless cellular networkSecurity in wireless cellular network
Security in wireless cellular network
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutions
 
Wifi hacking
Wifi hackingWifi hacking
Wifi hacking
 
Wireless Hacking
Wireless HackingWireless Hacking
Wireless Hacking
 
Security & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudySecurity & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case Study
 
BLUETOOTH SECURITY
BLUETOOTH SECURITYBLUETOOTH SECURITY
BLUETOOTH SECURITY
 
Presentation
PresentationPresentation
Presentation
 
Telecom Security
Telecom SecurityTelecom Security
Telecom Security
 
Wireless network security
Wireless network security Wireless network security
Wireless network security
 
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2Widyatama Lecture Applied Networking IV Week06 Mobile Security 2
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2
 
GSM Security 101 by Sushil Singh and Dheeraj Verma
GSM Security 101 by Sushil Singh and Dheeraj VermaGSM Security 101 by Sushil Singh and Dheeraj Verma
GSM Security 101 by Sushil Singh and Dheeraj Verma
 
Wireless lan security
Wireless lan securityWireless lan security
Wireless lan security
 
Wlan security
Wlan securityWlan security
Wlan security
 
Wireless Security
Wireless SecurityWireless Security
Wireless Security
 
Wireless Lan Security
Wireless Lan SecurityWireless Lan Security
Wireless Lan Security
 
An IDS for Secure Visible Light Communication on Android Devices
An IDS for Secure Visible Light Communication on Android DevicesAn IDS for Secure Visible Light Communication on Android Devices
An IDS for Secure Visible Light Communication on Android Devices
 
Wlan security
Wlan securityWlan security
Wlan security
 
Wireless Security Needs For Enterprises
Wireless Security Needs For EnterprisesWireless Security Needs For Enterprises
Wireless Security Needs For Enterprises
 

Destacado

Sécurité réseau wifi - clusir drôme ardèche - mars 2012
Sécurité réseau wifi - clusir drôme ardèche - mars 2012Sécurité réseau wifi - clusir drôme ardèche - mars 2012
Sécurité réseau wifi - clusir drôme ardèche - mars 2012Le Moulin Digital
 
34 Robertson La Robotique Pour La RééDucation
34 Robertson La Robotique Pour La RééDucation34 Robertson La Robotique Pour La RééDucation
34 Robertson La Robotique Pour La RééDucationguest9b25cb
 
MediMoov : plateforme de Physio-Gaming
MediMoov : plateforme de Physio-GamingMediMoov : plateforme de Physio-Gaming
MediMoov : plateforme de Physio-Gamingmarionflo
 
TOPFORM68 une cellule d'expertise de remise en forme
TOPFORM68 une cellule d'expertise de remise en formeTOPFORM68 une cellule d'expertise de remise en forme
TOPFORM68 une cellule d'expertise de remise en formeTOPFORMPRO
 
Lanzatech: le pari technologique d'ArcelorMittal
Lanzatech: le pari technologique d'ArcelorMittalLanzatech: le pari technologique d'ArcelorMittal
Lanzatech: le pari technologique d'ArcelorMittalLuxemburger Wort
 
Billetterie en ligne : Une solution miracle pour le spectacle vivant ? - SOCI...
Billetterie en ligne : Une solution miracle pour le spectacle vivant ? - SOCI...Billetterie en ligne : Une solution miracle pour le spectacle vivant ? - SOCI...
Billetterie en ligne : Une solution miracle pour le spectacle vivant ? - SOCI...socialunit
 
bluetooth-security
bluetooth-securitybluetooth-security
bluetooth-securityAnand Dhana
 
Sécurité des réseaux sans fil WIFI
Sécurité des réseaux sans fil WIFISécurité des réseaux sans fil WIFI
Sécurité des réseaux sans fil WIFISoukaina Boujadi
 
Conception et développement d’un Système de réservation en ligne
Conception et développement d’un Système de réservation en ligneConception et développement d’un Système de réservation en ligne
Conception et développement d’un Système de réservation en ligneAydi Nébil
 
Techniques de programmation avancée LabVIEW : gestion des données de la local...
Techniques de programmation avancée LabVIEW : gestion des données de la local...Techniques de programmation avancée LabVIEW : gestion des données de la local...
Techniques de programmation avancée LabVIEW : gestion des données de la local...Luc Desruelle
 
LOGICIEL RHUMATO, Cabinet Médical Rhumatologue
LOGICIEL RHUMATO, Cabinet Médical RhumatologueLOGICIEL RHUMATO, Cabinet Médical Rhumatologue
LOGICIEL RHUMATO, Cabinet Médical RhumatologueZoubida Alaoui Mdaghri
 

Destacado (20)

Wifi-Securite.com
Wifi-Securite.comWifi-Securite.com
Wifi-Securite.com
 
Présentation wifi sécurisé
Présentation wifi sécuriséPrésentation wifi sécurisé
Présentation wifi sécurisé
 
Sécurité réseau wifi - clusir drôme ardèche - mars 2012
Sécurité réseau wifi - clusir drôme ardèche - mars 2012Sécurité réseau wifi - clusir drôme ardèche - mars 2012
Sécurité réseau wifi - clusir drôme ardèche - mars 2012
 
34 Robertson La Robotique Pour La RééDucation
34 Robertson La Robotique Pour La RééDucation34 Robertson La Robotique Pour La RééDucation
34 Robertson La Robotique Pour La RééDucation
 
MediMoov : plateforme de Physio-Gaming
MediMoov : plateforme de Physio-GamingMediMoov : plateforme de Physio-Gaming
MediMoov : plateforme de Physio-Gaming
 
TOPFORM68 une cellule d'expertise de remise en forme
TOPFORM68 une cellule d'expertise de remise en formeTOPFORM68 une cellule d'expertise de remise en forme
TOPFORM68 une cellule d'expertise de remise en forme
 
Regnault jfk2011
Regnault jfk2011Regnault jfk2011
Regnault jfk2011
 
Sécurité-Wifi
Sécurité-WifiSécurité-Wifi
Sécurité-Wifi
 
Version 01
Version 01Version 01
Version 01
 
Lanzatech: le pari technologique d'ArcelorMittal
Lanzatech: le pari technologique d'ArcelorMittalLanzatech: le pari technologique d'ArcelorMittal
Lanzatech: le pari technologique d'ArcelorMittal
 
Billetterie en ligne : Une solution miracle pour le spectacle vivant ? - SOCI...
Billetterie en ligne : Une solution miracle pour le spectacle vivant ? - SOCI...Billetterie en ligne : Une solution miracle pour le spectacle vivant ? - SOCI...
Billetterie en ligne : Une solution miracle pour le spectacle vivant ? - SOCI...
 
Mon intervention lors du Ciro10
Mon intervention lors du Ciro10Mon intervention lors du Ciro10
Mon intervention lors du Ciro10
 
bluetooth-security
bluetooth-securitybluetooth-security
bluetooth-security
 
Présentation SIH
Présentation SIHPrésentation SIH
Présentation SIH
 
Robotics In STEM Education
Robotics In STEM Education Robotics In STEM Education
Robotics In STEM Education
 
Sécurité des réseaux sans fil WIFI
Sécurité des réseaux sans fil WIFISécurité des réseaux sans fil WIFI
Sécurité des réseaux sans fil WIFI
 
Conception et développement d’un Système de réservation en ligne
Conception et développement d’un Système de réservation en ligneConception et développement d’un Système de réservation en ligne
Conception et développement d’un Système de réservation en ligne
 
Techniques de programmation avancée LabVIEW : gestion des données de la local...
Techniques de programmation avancée LabVIEW : gestion des données de la local...Techniques de programmation avancée LabVIEW : gestion des données de la local...
Techniques de programmation avancée LabVIEW : gestion des données de la local...
 
Laugaudin UFR12
Laugaudin UFR12Laugaudin UFR12
Laugaudin UFR12
 
LOGICIEL RHUMATO, Cabinet Médical Rhumatologue
LOGICIEL RHUMATO, Cabinet Médical RhumatologueLOGICIEL RHUMATO, Cabinet Médical Rhumatologue
LOGICIEL RHUMATO, Cabinet Médical Rhumatologue
 

Similar a Security in bluetooth, cdma and umts

Security in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) NetworksSecurity in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) NetworksNaveen Kumar
 
Wireless Communiction Security
Wireless Communiction SecurityWireless Communiction Security
Wireless Communiction SecurityMeet Soni
 
Making networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionMaking networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionADVA
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device SecurityJohn Rhoton
 
124647123-Bluetooth.ppt
124647123-Bluetooth.ppt124647123-Bluetooth.ppt
124647123-Bluetooth.pptMEGHAB26
 
wireless communication security PPT, presentation
wireless communication security PPT, presentationwireless communication security PPT, presentation
wireless communication security PPT, presentationNitesh Dubey
 
Wireless Security and Mobile DevicesChapter 12Princi.docx
Wireless Security and Mobile DevicesChapter 12Princi.docxWireless Security and Mobile DevicesChapter 12Princi.docx
Wireless Security and Mobile DevicesChapter 12Princi.docxadolphoyonker
 
Cyber security tutorial2
Cyber security tutorial2Cyber security tutorial2
Cyber security tutorial2sweta dargad
 
Case study about voip
Case study about voipCase study about voip
Case study about voipelmudthir
 
A Survey on Communication for Smartphone
A Survey on Communication for SmartphoneA Survey on Communication for Smartphone
A Survey on Communication for SmartphoneEditor IJMTER
 
Security in Wireless Sensor Networks Using Broadcasting
Security in Wireless Sensor Networks Using BroadcastingSecurity in Wireless Sensor Networks Using Broadcasting
Security in Wireless Sensor Networks Using BroadcastingIJMER
 
Analysis Of Security In Wireless Network
Analysis Of Security In Wireless NetworkAnalysis Of Security In Wireless Network
Analysis Of Security In Wireless NetworkSteven Wallach
 

Similar a Security in bluetooth, cdma and umts (20)

Security in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) NetworksSecurity in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) Networks
 
Cdma Security
Cdma SecurityCdma Security
Cdma Security
 
Mobile security
Mobile securityMobile security
Mobile security
 
B010331019
B010331019B010331019
B010331019
 
Wireless Communiction Security
Wireless Communiction SecurityWireless Communiction Security
Wireless Communiction Security
 
Making networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionMaking networks secure with multi-layer encryption
Making networks secure with multi-layer encryption
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
 
124647123-Bluetooth.ppt
124647123-Bluetooth.ppt124647123-Bluetooth.ppt
124647123-Bluetooth.ppt
 
wireless communication security PPT, presentation
wireless communication security PPT, presentationwireless communication security PPT, presentation
wireless communication security PPT, presentation
 
Wireless Security and Mobile DevicesChapter 12Princi.docx
Wireless Security and Mobile DevicesChapter 12Princi.docxWireless Security and Mobile DevicesChapter 12Princi.docx
Wireless Security and Mobile DevicesChapter 12Princi.docx
 
Cyber security tutorial2
Cyber security tutorial2Cyber security tutorial2
Cyber security tutorial2
 
Case study about voip
Case study about voipCase study about voip
Case study about voip
 
A Survey on Communication for Smartphone
A Survey on Communication for SmartphoneA Survey on Communication for Smartphone
A Survey on Communication for Smartphone
 
Security in Wireless Sensor Networks Using Broadcasting
Security in Wireless Sensor Networks Using BroadcastingSecurity in Wireless Sensor Networks Using Broadcasting
Security in Wireless Sensor Networks Using Broadcasting
 
Accessing remote networks
Accessing remote networksAccessing remote networks
Accessing remote networks
 
Analysis Of Security In Wireless Network
Analysis Of Security In Wireless NetworkAnalysis Of Security In Wireless Network
Analysis Of Security In Wireless Network
 
Security model evaluation of 3 g
Security model evaluation of 3 gSecurity model evaluation of 3 g
Security model evaluation of 3 g
 
Ecommerce final ppt
Ecommerce final pptEcommerce final ppt
Ecommerce final ppt
 
CNS UNIT-VI.pptx
CNS UNIT-VI.pptxCNS UNIT-VI.pptx
CNS UNIT-VI.pptx
 
Ipsecurity
IpsecurityIpsecurity
Ipsecurity
 

Último

Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxRamakrishna Reddy Bijjam
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxCeline George
 
How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17Celine George
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.MaryamAhmad92
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsKarakKing
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17Celine George
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptxMaritesTamaniVerdade
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Jisc
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxJisc
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jisc
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...Amil baba
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxDr. Sarita Anand
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxannathomasp01
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibitjbellavia9
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfNirmal Dwivedi
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxmarlenawright1
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - Englishneillewis46
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxJisc
 

Último (20)

Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptx
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdfUGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
UGC NET Paper 1 Mathematical Reasoning & Aptitude.pdf
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 

Security in bluetooth, cdma and umts

  • 1. SECURITY IN BLUETOOTH, CDMA AND UMTS MOTILAL NEHRU NATIONAL INSTITUTE OF TECHNOLOGY ALLAHABAD
  • 2. BLUETOOTH  System for short range wireless communication  Wireless data transfer via ACL link  Data rates up to 3 Mb/s  2.4 GHz ISM band (Industrial Scientific Medicine)  Typical communication range is 10-100 meters  Bluetooth SIG (Special Interest Group) developed the technology
  • 3. SECURITY THREATS  Disclosure Threat  Integrity Threat  Denial of Service (DoS)
  • 4. ATTACKS  Snarf Attack  Backdoor Attack  BlueBug Attack  BlueJack Attack  Denial of Service Attack  BluePrinting Attack
  • 5. SECURITY LEVELS AND MODES Security Levels:  Silent  Private  Public Security Modes:  Non Secure  Service Level Enforced Security  Link Level Enforced Security
  • 6. AUTHENTICATION, AUTHORIZATION , ENCRYPTION  Authentication is the process of proving the identity of one piconet member to another  Authorization determines whether the user is authorized to have access to the services provided  Encryption is the process of encoding the information so that no eavesdropper can read it
  • 10. ENCRYPTION  Encryption Mode 1  Encryption Mode 2  Encryption Mode 3
  • 12. KNOWN VULNERABILITIES  Spoofing through Keys  Spoofing through a Bluetooth Address  PIN Length
  • 13. COUNTERMEASURES  Know your Environment  Be Invisible  Abstinence is best  Use only long PIN codes (16 case sensitive alphanumerical characters)  Requiring Authentication for every L2CAP request  Using additional security at software level and an additional password to physically protect the Bluetooth devices
  • 14. COUNTERMEASURES CONTD…  Requiring re authentication always prior to access of a sensitive information / service  To prevent Man-in-the-middle attack, approach is to make it difficult for an attacker to lock onto the frequency used for communication. Making the frequency hopping intervals and patterns reasonably unpredictable might help to prevent an attacker from locking onto the devices signal.
  • 15. PROPOSED SOLUTION FOR DOS ATTACK  When the pairing message is sent by one device  When the attacker is sending the message with the address, which is already connected to Bluetooth device  When the pairing message sent by more than one device  When the attacker is changing the Bluetooth address of itself with another Bluetooth address
  • 17. UMTS system architecture (R99) is based on GSM/GPRS
  • 18. POSSIBLE ATTACKS ON UMTS  Denial of service  Identity catching  Impersonation of the network  Impersonation of the user
  • 19. 3G SECURITY FEATURES  „ Mutual Authentication The mobile user and the serving network authenticate each other  „ Data Integrity Signaling messages between the mobile station and RNC protected by integrity code  Network to Network Security Secure communication between serving networks. IPsec suggested  Secure IMSI (International Mobile Subscriber Identity) Usage The user is assigned a temporary IMSI by the serving network
  • 20. 3G SECURITY FEATURES CONTD…  „ User – Mobile Station Authentication The user and the mobile station share a secret key, PIN  „ Secure Services Protect against misuse of services provided by the home network and the serving network  „ Secure Applications Provide security for applications resident on mobile station
  • 21. AUTHENTICATION AND KEY AGREEMENT  „ AuC and USIM share  permanent secret key K  Message authentication functions f1, f1*, f2  key generating functions f3, f4, f5  „ AuC has a random number generator  „ AuC has scheme to generate fresh sequence numbers  „ USIM has scheme to verify freshness of received
  • 22. AUTHENTICATION AND KEY AGREEMENT home 128 bit secret key K is shared between the network and the mobile user Home Network Mobile station
  • 23. Complete Message flow for successful AKA
  • 26. NETWORK DOMAIN SECURITY  IPSec  IP traffic between networks can be protected with IPSEC between security gateways  Encapsulating Security Payload (ESP) is used for protection of packets  ESP is always used in tunnel mode  Advance Encryption Standard (AES)
  • 27. CDMA
  • 28. CODE DIVISION MULTIPLE ACCESS (CDMA)  Channel access method used by various radio communication technology  Employs spread spectrum technology and a special coding scheme  Attacks are very difficult and rare
  • 29. DIFFERENCE BETWEEN CDMA, TDMA AND FDMA
  • 30. TYPES OF CDMA  Frequency Hopping Spread Spectrum CDMA  Direct Sequence Spread Spectrum CDMA
  • 31. SECURITY  By design, CDMA technology makes eavesdropping very difficult  42-bit PN (Pseudo Random Noise) sequence  64-bit authentication key (A-Key)  Electronic Serial Number (ESN) of the mobile