Communications within networks must be kept secure at all times and in all places to avoid disclosing of confidential information to unauthorized entities. The difficulties of keeping a network secure are increased dramatically in wireless communications networks, where use of the air interface makes the task of unauthorized listeners easier, since information exchanged over the air can be easily eavesdropped when encryption is not applied. The importance of securing wireless networks grows with the proliferation of wireless devices (cell phones, laptops, personal digital assistants or PDAs, two-way pagers, etc.) and services (e-mail, text, messaging, video, voice) offered by the wireless network and equipment providers.
Various cryptographic algorithms may be used in order to maintain data in a secure state over network communication channels. Generally, encryption/decryption operations are resource-intensive, requiring a very fast processor, or a long time to complete. Other methods have relied on a large amount of memory. Therefore, when developing security for mobile networks, two major constraints inherent to mobile devices (or mobile nodes, or mobiles) must be considered: the availability of lower power consumption and the computing resources (e.g. processing power, memory, bandwidth) of a typical mobile device. These constraints are increasingly relevant due to the modern trend to develop smaller and lighter mobile nodes, since batteries and computational hardware must be integrated into a reduced volume. Therefore, in order to enable mobile users with the same services as the users of wired networks, and to preserve at the same time the service quality, it is imperative to se the hardware resources of mobile nodes as efficiently as possible. In this case, the impact of this requirement on the mobile devices is directly relevant to the security of the mobile networks.
For the reader's convenience, some acronyms used in this specification are listed below.
AES—Advanced Encryption Standard
The current approved algorithm for use by the US government for securing critical data. It specifies an algorithm (Rijndael) and appropriate key lengths for various uses.
DES—Data Encryption Standard
An algorithm used by the US government for securing critical data. This is a symmetric-key encryption system.
S-HTTP (or HTTPS)—Secure HyperText Transfer Protocol
A protocol for transmitting data securely over the Internet approved by the Internet Engineering Task Force (IETF) as a standard. By convention, URL's that require a secure connection start with https: instead of http:
IPSec—Internet Protocol Security
Standard set of network protocols defined by the Internet Engineering Task Force (IETF) to enable secure exchange of datagrams at the IP layer.
SSL—Secure Sockets Layer
A protocol developed by Netscape for transmitting private documents (e.g. credit card numbers) via the Internet, using a private key to encrypt data.
TLS—Transport Layer Security
A protocol that ensures privacy between communicating applications and their users on the Internet. When a server and client communicate, TLS ensures that no third party may eavesdrop or tamper with any message. TLS is the successor to the Secure Socket Layer (SSL).
GSM—Group Special Mobile
English translation is Global System for Mobile communications. GSM is the world's most widely used digital mobile telephony system.
UMTS network—Universal Mobile Telecommunication System network
It is one of the major Third Generation mobile communications technologies that are being developed within the framework of ITU.
WPA—Wi-Fi Protected Access
A Wi-Fi standard designed to improve the security features of the Wired Equivalence Protocol (WEP), the security mechanism specified by the 802.11 standard. WPA includes two improvements over WEP, namely data encryption using the Temporal Key Integrity Protocol (TKIP), and user authentication using the Extensible Authentication Protocol (EAP).
WiMax—Worldwide Interoperability for microwave access
WiMax is a wireless industry coalition whose members are organized to promote IEEE 802.16 standards for Broadband Wireless Access (BWA) networks. WiMax 802.16 technology is expected to enable multimedia applications with wireless connection and enable networks to have a wireless last mile solution
In current mobile network deployments, mobile nodes are sometimes required to perform multiple encryptions and decryptions. This is usually the case when application-specific security is used in conjunction with security mechanisms at the local access network. Firstly, IEEE 802.11i specifications require that communications over the radio link be encrypted using AES, or TKIP to protect the traffic over the air-interface. Secondly, application-specific security like HTTPS, which uses SSL for encryption, and integrity-protection are used to protect the communication between users and application servers; when a mobile user associates with an 802.11 network and connects to an application server, HTTPS is used to provide end-to-end protection over the Internet. This provides a very robust mechanism for protecting user traffic against eavesdropping and data modification.
The problem with this approach is that the traffic from the mobile node is first protected using SSL and then 802.11i protection using AES is applied to the SSL-encrypted traffic. The access point on receiving the traffic decrypts the related data using AES and then forwards the SSL-protected datagrams to the appropriate network element for further forwarding to the final destination (the application server). Therefore, the user traffic is double-encrypted between the device and the access point.
A similar double encryption approach is also used between nodes on a multi-hop wireless network. A concrete example of this is a laptop connecting to a VPN (virtual private network) gateway on the Internet through an IPSec tunnel, while using AES encryption for the local wireless network. In this case, encrypted IPSec traffic is encrypted again through WPA before being sent to the access point. This second encryption is redundant, as it does not contribute to security and degrades both performance and battery life of the laptop. For mobile nodes such as PDAs and cellular phones that are even more compact than laptops, judicious use of the battery power is crucial.
To summarize, the current security solutions for mobile networks include some form of double encryption/decryption, whether it is between the mobile and the access point or between the nodes of the wireless network. This causes CPU resource consumption since encryption is a very computationally intensive operation. Such computations also drain the battery faster, and as discussed above, the power supply of the mobile devices is at a premium when considering the limitation in current battery technology and sizes that are thought to be acceptable. Therefore, it would be highly beneficial if this duplication could be avoided.
Furthermore, ensuring that encryption and integrity protection mechanisms are not duplicated across the different layer of the OSI model is of stringent interest for devices that need to access services in an efficient and reliable way. This is especially the case for real-time applications that require fast packet processing and subsequent handling. Adding redundant protection mechanisms at different network layers can dramatically decrease the overall end-to-end performance rates associated to such applications. The difficult part is to find a way to make the layers to interact intelligently, embedding sufficient information into the network data flow, so that they can synchronize their security protection features at the network link level.
There is a need for a mechanism permitting two parties communicating over a wireless network to negotiate the best way to secure the networking communication channel, without duplicating protection features associated to a specific network layer.
There is also a need to provide a security mechanism that is generic, flexible, and can be used in conjunction with a wide variety of wireless networks. As more and more wireless networks are deployed, the need to reduce the complexity in multiple encryption/decryption process will be considered actively and this also means eventual changes to standards and the inter-working of different radio standards to perform only single encryption operations.