I Pv6 Over Bluetooth Security Challenges C 5.

1,604 views

Published on

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,604
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
41
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

I Pv6 Over Bluetooth Security Challenges C 5.

  1. 1. IPv6 over Bluetooth:Security Aspects,Issues and its Challenges J.Hanumanthappa1 ,Dr.Manjaiah.D.H.2 1 Teacher Fellow,Dos in Computer Science, University of Mysore, Manasagangothri, Mysore, Phone No: +91821-2419552; Fax: +91821-2510789; Email:hanums_ j@yahoo.com 2 Reader, Mangalore University, Mangalagangothri, Mangalore, Fax: 091- 0824 – 2287670 (o) / 2288973 (r) 2287424 (fax);Email:ylm321@yahoo.co.in Abstract Bluetooth is a recently proposed standard communications protocol for wireless personal area networks and it has become a defacto standard for short range ad-hoc radio connections.Security concern is one of the important problems delaying the mass adoption of Bluetooth and IPv6.This paper focuses study on security issues, security aspects of IPv6 over Bluetooth security mechanisms.It presents the security issues in various circumstances, and challenges arising from the integration of Internet ,IPv6 over the short range wireless communicating protocol called Bluetooth.Its explains briefly an overview of Bluetooth and describes some of the major issues that need to be addressed,if it is to be successful as a wireless networking technology.After an overview of general Bluetooth protocol a security frame work is introduced for the description of Bluetooth security paradigm, then both link level and service level schemes are discussed in detail on the basis of paradigms.It also explains how to analyze what are the various drawbacks of Bluetooth security issues over IPv6 security issues. Keywords :-Bluetooth, IPv6 Security, IPSec etc. 1. Introduction Interoperation of wireless standards and Internet protocols based services represents one of the main evolution in next generation of new services.The evolution in wireless networks has lead to wide variety of internet and wireless applications. Internet Protocol standards like IPv4 and IPv6 respectively the former and next generation of prominent Network protocols.Therefore integration of IPv6 and Bluetooth seems to be an interesting objective to conceive for next generation for next generation services of wireless networks.Further more the growth in Wireless networks, predicts an increasing role of wireless communication techniques in the future and consequently, Security is taking an important role in next generation services. Future evolution on portability and security has also effects on the use and performance of Internet Protocols.IP-Sec in IPv6 offers solution to handle security at a network layer protocol. Usually Bluetooth consumes a low power, cost effective, globally available, ease of use, applicable to wide range of devices[1][2]. In this paper, we present the security issues and the challenges of the integration of the new version of the Internet, IPv6 and the Standard communication protocol for wireless personal area networks.A complete architecture is presented, for which any security scenario is depicted from one designed technology to another design technology. New Security Solutions are developed and their enhancements are suggested in order to optimize such mechanisms. We know that Bluetooth is a new technology named after the 10th century Danish king Harald Bluetooth is standard proposed for local wireless communication and is becoming hotter and hotter a topic. The primary goal of Bluetooth is a cable replacement protocol for wireless connectivity.The Bluetooth system operates in the worldwide unlicensed 2.4 GHz ISM frequency band and employs Frequency Hopping (FH) technique in which the carrier frequency is changed at every packet transmission.To minimize complexity and to reduce the cost of the transceiver, a simple binary Gaussian frequency shift keying modulation is adopted. A diverse set of wired and wireless devices are Bluetooth connectable including office appliances : for example laptops, PDAS, printers, projectors, desktop PC’s,
  2. 2. communication appliances like mobile phones, speakers ,headsets etc, home appliances: for example DVD players, digital cameras etc. Bluetooth is not only applicable for all these applications , in one single statement Bluetooth is fit for all sorts of applications like wireless office , electrical paying , meeting room , intelligent parking ,banking ,insurance sectors etc. Any Bluetooth device can be either a master or a slave depending on the application scenario. Two or more Bluetooth units sharing a same channel form a piconet. Within a piconet a Bluetooth unit can act like a slave unit or a master unit. For multiple Bluetooth devices to communicate, they must all synchronize to the same hopping sequence. The master sets the hopping sequence and slaves synchronize to the Master piconet is formed by a master and upto seven active slaves. A Scatter net can be formed by linking two or more piconets.when a device is present in more than one piconet then it must time share and synchronize to the master of the piconet with which it is currently communicating. The topology and hierarchical structure of wireless local area networks are relatively simple, however Bluetooth networks are diverse and dynamic in nature. Bluetooth was developed by Bluetooth Special Interest Group (BSIG) formed in may 1998.Intel, IBM, Nokia, Toshiba have become the founding members of BSIG. All most all of the biggest telecom companies like Motorola, Lucent have joined the BSIG. This paper is organized as follows. We briefly described the salient features of the security issues of Bluetooth technology in Section 2.We describe Internet over IPv6 security in section 3.We discuss IPv6 Security aspects over Bluetooth Security aspects in Section 4 and briefly review the existing research in section 5.We describe our research approach in overcoming these challenges and provide some initial results in section 6 and 7.Finally we conclude paper in section 8. 2.Context and Motivations 2.1. Importance of Security in Bluetooth 2.1.1. Security Issues of Bluetooth The various Security issues related to Bluetooth are mentioned as follows: 1.The data is transmitted in clear unless encryption is selected. 2. Information can be stolen by using Bluetooth to transfer it. 3. Denial of Service attacks can be performed on Bluetooth devices. 4. Transmission of malware (viruses or worms) over Bluetooth is possible. Bluetooth worms already exist. 5. Services using Bluetooth are susceptible to the same vulnerabilities as any other standard services. Security support in Bluetooth represents an important parameter for the deployment of this technology. Security for wireless is provided on the various wireless links, in other words, link encryption and authentication may be provided, but true end to end security is not possible without providing higher layer security solutions on top of Bluetooth’s Radio standard and a communication protocol like Bluetooth specification which supports for following three important basic security services. 1. Authentication-The aim of Bluetooth is to identify various communicating devices. It gives an abort message when a device cannot authenticate properly. 2. Confidentiality-Another important security goal of Bluetooth is confidentiality. 3. Authorization-Third goal of Bluetooth is a security service developed to allow the control of resources. Security has played an important role in the invention of Bluetooth. The Bluetooth secure technology provides more security because of its BSIG.Generally the security aspects of Bluetooth are broadly divided into three modes. 1. Non Secure, 2.Service level enforced security, 3.Link level enforced security. 2.2.Next Generation IP Networks: IPv6 IPv6 is the new version of IP which is designed to be an evolutionary step from IPv4.There is numerous reasons could be appropriate to the next generation of networks. It solves the internet scaling problem, provides flexible transition mechanisms for the current internet, and was designed to meet the needs of new market such as nomadic computing devices, network entertainment and device control. It provides these features in an evolutionary way Which reduces the risk of architectural problems [1].
  3. 3. The advantages of incorporating IPv6 support in an interactive Bluetooth communication protocol are mainly focused on 1. Bluetooth and IPv6 Protocol form a great team to create an “always-on” world.-The IPv6 will enable us to connect everyone and everything to the internet, allowing real two way internet connectivity, similar as offered today by the phone system. 2. In general terms, Bluetooth technology has a good support of IPv6 protocol. 3. IPv6 will allow to develop new applications in very different and new areas like VOIP, 3G, 4G mobile phones, Home networks, Car-2-Car, IP mobility etc. 3.Internet over IPv6 Security During the last years it became clear, that good and standardized security mechanisms will be the requirement for the further success of the Internet. Many security mechanisms had to be implemented to ensure security for important data transfers via the Internet.SSL on base of the HTTP protocol or SSH as a replacement for the insecure telnet service are the most famous examples of security add-ons which were invented to make insecure services usable again. All of these security mechanisms have one thing in common; they are implemented on the Application Layer written for a special kind of application, using a special more or less secure encryption or authentication method. IP-Sec takes a different approach in implementing security. It implements security on top of the network layer, thus enabling all services working on top of IP to automatically use it’ security mechanisms [18]. 3.1. Attacks on Internet Services. There are basically three types of security threats on internet services, Disruption of Service or Denial of Service attacks, Fabrication, Modification or Deletion of Information, Electronic Eavesdropping Passive attacks [18]. Figure 1.Types of Attacks 1. Disruption of Service or Denial of Service attacks: This kind of attack stops services from running normal by stopping, overloading or simply Destroying them. They are easily detected cause they have an immediate and noticeable impact. 2. Fabrication, Modification or Deletion of Information: These attacks are not easily detected and are characterized by infiltrating false information in payment systems, email or any other trusted communication. 3. Electronic Eavesdropping: It’s a type of passive attacks.This are usually impossible to detect and in a Internet Impossible to prevent.Ex: Snipping IP traffic. 3.2. Common attacks on IPv6 We know that IPv6 cannot solve all the types security problems. Basically IPv6 cannot prevent any attack on layers above the network layer in the network protocol stack. The list of IPv6 attacks that cannot be prevent are mentioned as follows. 1.Application Layer Attacks,2.Brute-force attacks and password guessing attacks on authentication modules,3.Rogue Devices, Denial of Service, Social attacks: such as email spamming, phishing, etc. 4.IPv6 Security aspects over Bluetooth Security Aspects Attacks DOS attacks Deletion of Information attacks Electronic eavesdropping Attacks
  4. 4. 4.1. Related Work There have been a few investigations on different aspects of on Bluetooth security issues and challenges and IPv6 security issues and challenges Bluetooth security is robust, complex and simple, when compared with WLAN security. It is more complex in the sense that there are many different options for security based on different application scenarios. It is simpler in the sense that, for the most part, they are transparent to the user. Case 1: The below Table -1 shows the comparison between the security aspects of IPv6 over Bluetooth under various circumstances [18]. Table-1.Security features of Bluetooth per the parameters and IPv6 Security parameters. IPv6 Security parameters Bluetooth Security parameters 1.Security in IPv6 is provided by IP-Sec. 1. Security in Bluetooth is supported by BSIG. 2. In IP-Sec it contains two basic security services defined by IETF like 1.Encryption and Authentication. 2.Three basic security services defined by Bluetooth are 1. Confidentiality, 2.Authentication, 3.Authorization. 3.The IPv6 authentication procedure is not in the form of a ”challenge-response” scheme 3. The Bluetooth authentication procedure is in the form of a ”challenge-response” scheme. 4.Security Association(SA’s)is the internal base construct of IP-Sec. 4. Bluetooth provides a frequency-hopping scheme with 1,600 hops/second combined with radio link power control. 5. No 5. The security process during establishment of personal area networks based on the Link key generation. 6. In IP-Sec Security Associations are stored in Security Association Database (SAD). No 7. The MS-Windows SA’s are managed by IP-Sec policy agent. No 8. In the Linux IP-Sec Free/SWAN package SAs are managed by the spi command. No 9.SA’s support five important parameters like The Security Parameter Index (SPI),The desired IP-Sec service (AH or ESP),The transmission mode (Tunnel/Transport), Source and Destination address,. Used authentication/encryption method, Used Keys [18]. No Case 2: The below Table -2 shows the comparison between the security parameters of IPv6 Security and Bluetooth Security based on Encryption process[18]. Table-2.Comparison of Security features of Bluetooth and IPv6 Security mechanisms based on encryption level process. Bluetooth Security Mechanisms IPv6 Security Mechanisms 1. Bluetooth allows three various encryption modes support the confidentiality service. 1. Like authenticated data, encryption data can be sent in two different ways. 1. Payload encryption (Transport), Tunnel mode encryption. 2.The Bluetooth specification also allows three different encryption modes to support the confidentiality Service. 1. Encryption Mode 1-No encryption is performed on any traffic. 2.Encryption Mode 2-Broadcast traffic goes unprotected (not encrypted), but individually addressed traffic is Encrypted according to the individual link keys. 3. Encryption Mode 3-All traffic is encrypted according to the master link key. 1.Pay Load encryption: If it is required to encrypt the Whole IP package, the encrypted IP package has to be wrapped with an outer IP package. Using the mechanisms shown above it’s possible to first encrypt and then authenticate the encrypted package. Using the mechanisms shown above it’s possible to first encrypt and then authenticate the encrypted package. Case 3:
  5. 5. We compare Bluetooth technology Security techniques and IPv6 Security techniques based on Trust levels, Service levels, and Authorization Table-3. Table-3.Security features of Bluetooth techniques and IPv6 Security techniques based on Trust levels, Service levels, and Authorization. Bluetooth Security techniques IPv6 Security techniques 1. Bluetooth allows two levels of trust and three levels of service security. Two trust levels are broadly divided into 1. Trusted and 2.Untrusted levels. Where trusted devices have a permanent relationship. Therefore all these instruments can be accessed fully for all kind of services. There is no permanent relationship in untrusted devices. In IPv6 IPSec uses two protocols, Authentication Header (AH) and Encapsulating Security y Payload ESP).The first protocol provides for authentication and data integrity. The second protocol provides for Authentication, data integrity, and confidentiality [20]. Case- 4:Comparison between IPv6 security mechanisms and Bluetooth mechanisms based on Security levels is Shown in Table-4. Table-4: Security characteristic features of IPv6 and Bluetooth. Bluetooth Security characteristic features IPv6 characteristic features. 1. Security levels in Bluetooth can be divided into three levels like 1. Service Level 1—Those that require authorization and authentication. Automatic access is granted only to trusted devices. Untrusted devices need manual authorization. 2. Service Level 2—Those that require authentication only. Access to an application is allowed only after an Authentication procedure. Authorization is not necessary. 3. Service Level 3—Those that are open to all devices. Authentication is not required, and access is granted automatically. The levels Service level -1,Service level-2,Service level- 3 will not play any major in an authentication supported by IPv6 IP-Sec. From all these four different tables we can see lot of differences between IPv6 Security mechanisms and Bluetooth security mechanisms under various circumstances. Both IPv6 and Bluetooth introduce several components to compare the contrast the security salient features with Bluetooth salient features. Finally we have determined efficiency, security, portability aspects of IPv6 and Bluetooth. 5.IPv6 Security Challenges In IPv6 we are using the various challenges issues like larger address space,IP-Sec, Neighbour discovery and address auto configuration etc.We see a short a description about these security challenges in IPv6 one by one. 1. Larger address space:Port scanning is one of the best known reconnaissance techniques in use today. Port scanning allows “black-hats” to listen to specific services (ports) that could be associated to well-known vulnerabilities [23]. 2.IP-Sec:IP-Sec uses two wire-level protocols, Authentication Header (AH) and Encapsulating Security. Payload ESP).The first protocol provides for authentication and data integrity. The second protocol provides for Authentication, data integrity, and confidentiality [20].In IPv6 networks both the AH header, and the ESP header are defined as extension headers.Additionally,IP-Sec provides for a third suite of protocols. for protocol negotiation and key exchange management known as the Internet Key Exchange (IKE). 2.1. Authentication Header.As mentioned before, the authentication header prevents IP packets from being tampered or altered. 2.2.In the ESP extension header, the security parameter index (SPI) field identifies what group of security parameters the sender is using to secure communication.ESP supports any number of encryption mechanisms.Also, ESP does not provide the same level of authentication available with AH. 2.3. Transport and Tunnel modes:-However, in IPv6 networks, there is no need for a tunnel mode because, as mentioned above, both the AH and ESP protocols provide enough functionality to secure IPv6 traffic [22].
  6. 6. 2.4. Protocol negotiation and key exchange management. In addition to AH and ESP, IPSec also specifies additional functionality for protocol negotiation and key exchange management [1]. 2.4. Neighbor discovery (ND) is the mechanism responsible for router and prefix discovery, duplicate address and network unreachability detection, parameter discovery,and link-layer address resolution [1] [22]. 6. Bluetooth Security Challenges In Bluetooth we are using the various challenges issues like Link Key Generation—Bluetooth Bonding, Bluetooth Authentication, 2.3 Bluetooth Encryption Process, Security Features of Bluetooth per the Specifications, Trust Levels, Service Levels, and Authorization. 7.Conclusions This paper was intended as a brief introduction to the many Security Challenges that the Bluetooth and IPv6 currently facing if it’s to succeed as a technology for building wireless networks. The interoperation of next generation IP networks technology, IPv6 and Wireless networks technology standard is an undoubtedly an important step to deploy for Next Generation Networks. Bluetooth is one of the several new wireless technologies that are changing the entire enterprise environment. Because it is very low Power, shorter range, lower bandwidth, used for less sensitive applications and more sparsely used than the other wireless technologies. In this paper we concluded that Bluetooth Security is reasonably robust to applications with less security requirements as compared to IPv6 Security mechanisms and granular in its form and is quite secure even in its default state. However we don’t know an application developers may or may not select to incorporate security into application layers, it is possible that the Blue tooth security will be more robust than the IPv6 security. Despite all criticism IP-Sec is the best network security solution currently available. It allows two networks to securely connect over the Internet, or just enabling secure data transmission for network services operating in clear text. It should be noted, however, that IP-Sec does not automatically secure everything, it’s as secure as the computer, operating system or application it is working on. IP-Sec does attempt to standardize security mechanisms in the Internet and is a great step toward a more secure Internet. 8.Acknowledgements This research paper has been supported by Department of studies in Computer Science,Manasagangothri, University of Mysore and Department of P.G. Studies and Research in Computer Science,Mangalagangothri,Mangalore University.And also I am very thankful to my beloved supervisor Dr.Manjaiah D.H for his encouragement during the preparation of this paper as a esteemed publications. 9.References [1].Dr.Manjaih.D.H. Hanumanthappa.J.A Study on Comparison and Contrast between IPv4 and IPv6 Feature sets. In Proceedings of ICCNS 2008, 2008. [2].Dr.Manjaih.D.H.,Hanumanthappa.J.,Transition of IPv4 Network Applications to IPv6 Applications, In Proceedings of ICETiC-2009, 2009. [3].B.Miller and C.Bisdikian,Bluetooth revealed :The insiders guide an open specification for global wireless communications.Prentice Hall 2000. [4].S.Deering and R.Hinden “Internet Protocol Version 6(IPv6) Specification”, RFC 2460, December 1998. [5].Bluetooth SIG, http://www.Bluetooth.com [6]Bluetooth Security Architecture white paper, http://www.Bluetooth.com/developer/whitepaper/whitepaper.asp. [7]Bluetooth support in Windows XP, http://www.microsoft.com/hwdev/tech/network/Bluetooth. [8].Hans Jacob Rivertz, “Bluetooth Security “, Nowergian computing centre, 3/3/2005. [9].Gehrmann, C. (2002). Bluetooth Security White Paper : Revision 1.0. Bluetooth Document. April 2002. [10].Jakobsson and Wetzel. 2001. Security Weaknesses in Bluetooth. RSA ’01. Available from http://www.informatics.indiana.edu/markus/papers.asp [Accessed 18th March 2003] [11].Muller T. Bluetooth Security Architecture: Version 1.0. Bluetooth White Paper,Document # 1.C.116/1.0, July 15, 1999. [12].Nichols and Lekkas (2002).Wireless Security: Models, Threats and Solutions. New York: McGraw-Hill. [13].Whitehouse. Bluetooth: Red fang, blue fang. CanSecWest/core 04. Available from: http://cansecwest.com/csw04/csw04-Whitehouse.pdf [Accessed 2nd October 2005]. [14].Traskback.(2000). Security of Bluetooth: An overview of Bluetooth Security. Available from: http://www.cs.hut.fi/Opinnot/Tik-86.174/Bluetooth_Security.pdf, [Accessed 27th April 2003] [15].Suvak,D.(1999).IrDA versus Bluetooth: A Complementary Comparison. Extended Systems White Paper. Available from: http://www.dpi.net.ir/pc/MobileComputing/articles/IrDA%20versus%20Bluetooth%20A%20Complementary%20Comparison.ht [Accessed 27th April 2003]. [16].Nichols and Lekkas (2002).Wireless Security: Models, Threats and Solutions.New York: McGraw-Hill. [17].Karygiannis and Owens.Wireless Network Security: 802.11,Bluetooth and Handheld devices. November 2002. NIST
  7. 7. Special Publication 800-48.Available from: http://csrc.nist.gov/publications/nistpubs/800-48/NIST_SP_800-48.pdf [Accessed 6th April 2003]. [18].S.Hagen, July 2002. IPv6 Essentials - Integrating IPv6 into your IPv4 Network,O’Reilly,p 1-4,12-16, 77-104. [19].W.Stallings,1998.Cryptography and Network Security: Principles and Practice, Prentice Hall,p 399-432. [20].Kent, S.; Seo, K., “Security Architecture for the Internet Protocol,” RFC 4301, Dec. 2005, http://tools.ietf.org/html/4301 [21]. Friedl,S., “An illustrated Guide to IPSec,”Unixwiz.net, Aug.2005, http://www.unixwiz.net/techtips/iguide- ipsec.html [22].Szigeti, S.; Risztics, P.,"Will IPv6 bring better security?,” Proceedings 30th Euromicro Conference,2004, vol., 532- 537, 31 Aug.-3 Sept. 2004. [22]. Popoviciu C.; Levy-Avegnoli, E.; Grossetete, P.,Deploying IPv6 Networks, Cisco Press, Indianapolis, IN,2006. [23].Ford, M., “New Internet Security and Privacy Models Enabled by IPv6,”The 2005 Symposium on Applications and the Internet Workshops, 2005. Saint Workshops 2005, vol., no.pp. 2-5, 31-04 Jan. 2005. Mr.Hanumanthappa.J. is Lecturer at the DoS in CS,University of Mysore, Manasagangothri,Mysore- 06 and currently pursuing Ph.D in Computer Science and Engineering, from Mangalore University under the supervision of Dr.Manjaih.D.H on entitled “IPv6 and Multimedia Stuffs”. His teaching and Research interests include Computer Networks,Wireless and Sensor Networks, Mobile Ad-Hoc Networks,Intrusion detection System,Network Security and Cryptography, Internet Protocols, Mobile and Client Server Computing,Traffic management,Quality of Service,RFID,Bluetooth,Unix internals, Linux internal, Kernel Programming ,Object Oriented Analysis and Design etc.His most recent research focus is in the areas of Internet Protocols and their applications. He received his Bachelor of Engineering Degree in Computer Science and Engineering from University B.D.T College of Engineering , Davanagere,Karnataka( S),India( C),Kuvempu University,Shimoga in the year 1998 and Master of Technology in CS&Engineering from NITK Surathkal,Karnataka( S ),India (C) in the year 2003.He has been associated as a faculty of the Department of Studies in Computer Science since 2004.He has worked as lecturer at SIR.M.V.I.T,Y.D.I.T,S.V.I.T,of Bangalore.He has guided about 50 Project thesis for BE,B.Tech,M.Tech,MCA,MSc/MS.He has Published about 10 technical articles in International ,and National Peer reviewed conferences.He is a Life member of CSI, ISTE,AMIE, IAENG, Embedded networking group of TIFAC – CORE in Network Engineering ,ACM.He is also a BOE Member of all the Universities of Karnataka, INDIA. Dr. Manjaiah D.H. is currently Reader and Chairman of BoS in both UG/PG in the Computer Science at Dept. of Computer Science, Mangalore University, Mangalore. He is also the BoE Member of all Universities of Karnataka and other reputed universities in India. He received PhD degree from University of Mangalore, M.Tech. from NITK, Surathkal and B.E., from Mysore University. Dr.Manjaiah D.H has an extensive academic, Industry and Research experience. He has worked at many technical bodies like IAENG, WASET, ISOC, CSI, ISTE, and ACS. He has authored more than - 25 research papers in international conferences and reputed journals. He is the recipient of the several talks for his area of interest in many public occasions. He is an expert committee member of an AICTE and various technical bodies. He had written Kannada text book, with an entitled, “COMPUTER PARICHAYA”, for the benefits of all teaching and Students Community of Karnataka. Dr .Manjaiah D.H’s areas interest are Computer Networking & Sensor Networks, Mobile Communication, Operations Research, E-commerce, Internet Technology and Web Programming.
  8. 8. This document was created with Win2PDF available at http://www.win2pdf.com. The unregistered version of Win2PDF is for evaluation or non-commercial use only. This page will not be added after purchasing Win2PDF.

×