A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends

This paper examines the security vulnerabilities and threats imposed by the inherent open nature of wireless communications and to devise efficient defense mechanisms for improving the wireless network security. We first summarize the security requirements of wireless networks, including their authenticity, confidentiality, integrity and availability issues. Next, a comprehensive overview of security attacks encountered in wireless networks is presented in view of the network protocol architecture, where the potential security threats are discussed at each protocol layer. We also provide a survey of the existing security protocols and algorithms that are adopted in the existing wireless network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term evolution (LTE) systems. Then, we discuss the state-of-the-art in physical-layer security, which is an emerging technique of securing the open communications environment against eavesdropping attacks at the physical layer. We also introduce the family of various jamming attacks and their counter-measures, including the constant jammer, intermittent jammer, reactive jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the integration of physical-layer security into existing authentication and cryptography mechanisms for further securing wireless networks. Finally, some technical challenges which remain unresolved at the time of writing are summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201

Principles of Physical Layer Security in Multiuser Wireless Networks: A Survey

This paper provides a comprehensive review of the domain of physical layer security in multiuser wireless networks. The essential premise of physical-layer security is to enable the exchange of confidential messages over a wireless medium in the presence of unauthorized eavesdroppers without relying on higher-layer encryption. This can be achieved primarily in two ways: without the need for a secret key by intelligently designing transmit coding strategies, or by exploiting the wireless communication medium to develop secret keys over public channels. The survey begins with an overview of the foundations dating back to the pioneering work of Shannon and Wyner on information-theoretic security. We then describe the evolution of secure transmission strategies from point-to-point channels to multiple-antenna systems, followed by generalizations to multiuser broadcast, multiple-access, interference, and relay networks. Secret-key generation and establishment protocols based on physical layer mechanisms are subsequently covered. Approaches for secrecy based on channel coding design are then examined, along with a description of inter-disciplinary approaches based on game theory and stochastic geometry. The associated problem of physical-layer message authentication is also introduced briefly. The survey concludes with observations on potential research directions in this area.Comment: 23 pages, 10 figures, 303 refs. arXiv admin note: text overlap with arXiv:1303.1609 by other authors. IEEE Communications Surveys and Tutorials, 201

Secure Authentication

Many complicated authentication and encryption techniques have been embedded into WiMAX but it still facing a lot of challenging situations. This paper shows that, GTEK Hash chain algorithm for Multi and Broadcast service of IEEE 802.16e facing a reduced forward secrecy problem. These vulnerabilities are the possibilities to forge key messages in Multiand Broadcast operation, which are susceptible to forgery and reveals important management information. In this paper, we also propose three UAKE protocols with PFS (Perfect Forward Secrecy) that are efficient and practical for mobile devices

Near-Optimal Modulo-and-Forward Scheme for the Untrusted Relay Channel

This paper studies an untrusted relay channel, in which the destination sends artificial noise simultaneously with the source sending a message to the relay, in order to protect the source's confidential message. The traditional amplify-and-forward (AF) scheme shows poor performance in this situation because of the interference power dilemma: providing better security by using stronger artificial noise will decrease the confidential message power from the relay to the destination. To solve this problem, a modulo-and-forward (MF) operation at the relay with nested lattice encoding at the source is proposed. For this system with full channel state information at the transmitter (CSIT), theoretical analysis shows that the proposed MF scheme approaches the secrecy capacity within 1/2 bit for any channel realization, and hence achieves full generalized security degrees of freedom (G-SDoF). In contrast, the AF scheme can only achieve a small fraction of the G-SDoF. For this system without any CSIT, the total outage event, defined as either connection outage or secrecy outage, is introduced. Based on this total outage definition, analysis shows that the proposed MF scheme achieves the full generalized secure diversity gain (G-SDG) of order one. On the other hand, the AF scheme can only achieve a G-SDG of 1/2 at most

Formal security analysis of registration protocols for interactive systems: a methodology and a case of study

In this work we present and formally analyze CHAT-SRP (CHAos based Tickets-Secure Registration Protocol), a protocol to provide interactive and collaborative platforms with a cryptographically robust solution to classical security issues. Namely, we focus on the secrecy and authenticity properties while keeping a high usability. In this sense, users are forced to blindly trust the system administrators and developers. Moreover, as far as we know, the use of formal methodologies for the verification of security properties of communication protocols isn't yet a common practice. We propose here a methodology to fill this gap, i.e., to analyse both the security of the proposed protocol and the pertinence of the underlying premises. In this concern, we propose the definition and formal evaluation of a protocol for the distribution of digital identities. Once distributed, these identities can be used to verify integrity and source of information. We base our security analysis on tools for automatic verification of security protocols widely accepted by the scientific community, and on the principles they are based upon. In addition, it is assumed perfect cryptographic primitives in order to focus the analysis on the exchange of protocol messages. The main property of our protocol is the incorporation of tickets, created using digests of chaos based nonces (numbers used only once) and users' personal data. Combined with a multichannel authentication scheme with some previous knowledge, these tickets provide security during the whole protocol by univocally linking each registering user with a single request. [..]Comment: 32 pages, 7 figures, 8 listings, 1 tabl