Interference
Superposition by other, stronger RF signals
can be mitigated by sophisticated transmission schemes
Absorption
By matter in the propagation path
(e. g. water molecules in air, walls, conducting structures
Scattering
Reflection in multiple directions due to small (e. g. Rayleigh scattering: d > 𝜆) or uneven objects
(e. g. dust, snow storm)
Diffraction
Bending of the signal path on sharp edges of objects
(e. g. buildings)
Multipath Propagation
Splitting up into multiple path components due to reflections (e. g. on walls) with possible destructive interference by the delayed path components at receiver
Can be exploited for higher data rates!
Wireless vs. wired networks – Important difference
Undefined range: in principle unlimited range
Shared medium: Wireless devices communicate over the same medium, wireless transmission is half-duplex only
Variable link quality: Overall quality can change rapidly in short time
Mobility of devices
All this makes the need for different routing protocols
Wireless Technologies - Overview
Fokus auf Wlan, Bluetooth, Zigbee und NFC
Basic Security Concepts
Confidentiality
Integrity
Availability
Authentication
Authorisation
Replay Protection
Key Management
Non-Repudiation
Protection of data in transit and at rest from unwanted disclosure
Typically achieved via Encryption
Protection of data in transit and at rest from undetected modification
Enabling use of services for legitimate (!) users, when needed
Proving the identity of devices, persons and services
Enforces access control for protected resources, dependent on proper Authentication
Detection of deliberately repeated transmissions
Establishment, Distribution and Update of cryptographic material
Proving that a transmission originated from a specific sender
Symmetric Encryption
Uses a shared Secret Key which must never be disclosed
Encryption and Decryption use the same key
Asymmetric Encryption
Uses a pair of Public and Private Keys, requires only Private Key to be secret
Encryption is performed with the Public Key of the receiver,
Decryption with the Private Key of the receiver
Attack Types
Reconnaissance
Eavesdropping (also: Capturing, Sniffing)
Cryptanalysis
Injection
Replay attack
Impersonation
Denial of Service
Gain information about target network, computers and users
Eavesdropping
Passive attack, capturing data in transit
Recovering the plaintext and/or key from captured data
Unauthorised sending of crafted messages
Spoofing … forging the origin of messages
Fuzzing … sending messages with invalid or unusual content
Re-sending previously captured messages
Assuming the identity of legitimate devices/users/services
Disrupting services, preventing access for legitimate users
Wireless Security Challenges
Physical access is MUCH easier than with wired networks
Significantly lowers the effort and risk for an attacker
Attacker can engage over long distances
Mobile attacker is much harder to detect and capture
Wireless network lies at the edge of the network infrastructure
Limited computing power and energy
High effort for Key Management
Complexity of wireless technology
Huge number of possible configurations
Market pressure leads to compromises regarding security
Wireless technology Denial-of-Service (DoS)
Physical DoS via RF interference
Logical DoS via forged messages
No effective way to mitigate DoS attempts
Zuletzt geändertvor einem Monat
