Fast and authenticated vertical handovers in heterogeneous ppt
802.11R Sarbjeet Singh NITTTR-CHD
With increase in WLAN , fast roaming services with uninterrupted services had become great issue in IEEE802.11. vertical handovers had made possible for user to transfer itself to other technology service without disturbances in ongoing process. Its is known that security problems in GSM authentication when it comes to high speed moving users, because of there frequent change of cell sites. Handover could be horizontal or vertical and per user requirement. MIH (media independent handover) though provide vertical handover but on other hand 802.11 r had provided us fast and secure connection oriented handover from one access point to another with in same mobility domain. Thus feature of security and authentication is integrated with handover for user security.
Introduction. Concept of handovers and approaches MIH(Media Independent Handover) Concept and procedure Fast and Seamless Handover Mechanism in 802.11r. RSNA establishment Handover Procedure Authentication. Summary.
Movement of mobile in different regions.(near far problem) Capacity of one BTS is almost full.(call setup/disconnection) Umbrella approach.
During this handover:-main requirement of user becomes Qualityof service Data encryption Authentication services Fast hand over Smooth handover Seamless handover
Here handover have 3 phases: Initiation Decision Execution Media independent handover (IEEE 802.21) provide seamless mobility among different networks. Initiation Network discovery Network selection Handover negotiation Decision handover algorithm(MIHF) Execution Mobility management Handover management
IEEE 802.11r-2008 or fast BSS transition (FT) is a standard to permit continuous connectivity aboard wireless devices in motion, with fast and secure handoffs from one base station to another managed in a seamless manner. PMK: pairwise master key. PTK: pairwise transient key GTK: group temporal key RSNA :robust security network association. In RSNA establishment few frame contain information element like:- mobility domain information element (MDIE) and fast BSS transition information element (FTIE).
It have 3tier key hierarchy which is the key management framework. Hierarchy is as follow: 1) 802.1x authenticator 2) FT key hierarchy at authenticator (AP) 3) Non-AP STA R0KH() R0 key holder identifier is set to identity of the co resident NAS client R1KH(R1 key holder) identifier is set to MAC address of physical link that store PMK-R1.
During handover procedure, mobile station(MS) searches for new healthy signal. Mobile station makes measurements of signal and may take up to 10sec. sowe see GSM encryption Algorithm A5/2 allows attackers to recover the encryption key by taking only few millisecond of encrypted traffic. GSM is much prone to man-in-middle attacks. So to overcome we use A5/3 algorithm, this algorithm is costly because of its conversion formula.
If an attacker records the UMTS communication and breaks the GSM encryption key after the handover to GSM, he can reverse engineer at least parts of the UMTS keys. This is possible, because the UMTS encryption (CK) and integrity protection (IK) keys are only converted into a GSM encryption key Kc and vice versa by the following equations: Κc= c3(CΚ, ΙΚ)= CΚ1⊕ CΚ2 ⊕ ΙΚ1⊕ ΙΚ2 .----(1) CΚ= c4(Κc)= Κc ∥Κc ----- (2) ΙΚ= c5(Κc)= Κc1⊕ Κc2∥Κc∥ Κc1⊕ Κc2. ---- (3) Where Kc = Kc1∥ Kc2 and Kc1 and Kc2 each consist of 32 bit. CK and IK are split into CK1 and CK2 and IK1 and IK2 respectively, each consisting of 64 bit, so that CK = CK1 ∥ CK2 and IK = IK1 ∥ IK2.
IEEE 802.21 MIH protocol defines a set of handover enabling fuction, and introduces a new logical entity called MIHF, which resides between the link layer and network layer. MIH users are anticipated to make handover and link making decisions based on internal policies, context and information received from MIHF. Mainly MIHF provide information to network selectors or mobility management entities. For the application, 802.11r provides seamless connectivity with a fast and secure handover from one AP to another within the same mobility domain. This is achieved by deriving all necessary encryption keys prior to a reassociation. Shortening handover preparation and execution makes it possible to add authentication into the handover process so that it will be checked if the MT that wants to access to the service offered by the new cell, is really the one whose handover was expected or is an unwanted guest. The time saved can be used to perform at least the authentication challenge and key computation. Anyway the authentication can be finished before the handover is completed.
 George Lapropoulos and Charalabos Skianis, "Optimized Fusion Of Heterogeneous Wireless Network Based on Media Independent Handover Operations," IEEE Wireless Communication , voU7, no. 2, pp. 78-87, Aug. 20 I O.  S.Tamilselvan and C.Tamizhselvan “IEEE 802.21 Media Independent Handover Mechanism for Heterogeneous Networks” Pondicherry Engineering College, 2012  Tu Jun, Zhang Ying-jiang, Ye zhi-Wei, Chen Zhi-lan, Performance Analysis of Vertical Handof in WiFi and WiMAX Heterogeneous Networks," IEEE Wireless Communication, pp. 1- 5, Jan. 2009,  ETSI, “Requirements and Architectures for Interworking between HIPERLAN/3 and 3rd Generation Cellular Systems”, ETSI TR 101 957, Aug. 2001.  J. Manner and M. Kojo, Mobility Related Terminology, IETF RFC 3753, June 2004; http://www.ietf.org/rfc/rfc3753.txt.  Y. Yorozu, M. Hirano, K. Oka, and Y. Tagawa, “Electron spectroscopy studies on magneto-optical media and plastic substrate interface.” IEEE Transl. J. Magn. Japan, vol. 2, pp.740-741, August 1987 [Digests 9th Annual Conf. Magnetics Japan, p.301, 1982].  M. Young, The Technical Writer’s Handbook. Mill Valley, CA: University Science, 1989.  Ahmad Ali Tabassam, Henning Trsek, Stefan Heiss, Jürgen Jasperneite” Fast and Seamless Handover for Secure Mobile Industrial Applications with 802.11r” Ostwestfalen-Lippe University of Applied Sciences,Germany.  802.11r-2008, IEEE Standard for Information Technology Telecommunications and information exchange between systems Local and metropolitan area networks Specific requirements - Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Spec., Amendment 2: Fast Basic Service Set (BSS) Transition, July 2008.  3GGP, TS 25.133, Requirements for support of radio resource management (FDD) (Release 6)  K. Kastell, A. Fernandez-Pello, D. Perez, U. Meyer, R. Jakoby,“Performance advantage and use of a location based handover algorithm,” Proceedings of the 60th IEEE Vehicular Technology Conference (VTC), pp. 2876-2883, September 2004.  E. Barkan, E. Biham, and N. Keller, “Instant ciphertextonly cryptanalysis of GSM encrypted Communication,” in Advances in Cryptology – CRYPTO  Kira Kastell and Rolf Jakoby” Fast Handover with Integrated Authentication for Hybrid Networks” Darmstadt, Germany.