During the past decade, information transferred in open communication systems such as mobile phone communication systems and wireless local area networks (wireless LANs) has been easily intercepted and decoded by hackers. According to a report published by the Public Security Ministry of China (2008), the probability of security incidents has been increasing for 4 years. It is straightforward for individuals to obtain interceptors, download different sorts of effective interception and analysis software and gain private information. The cause has been considered to be the weak security of open systems. However, the wide adoption of open systems around the world makes total substitution difficult until a new, highly efficient and secure system can be devised. Consequently, the need for new technologies for the structure utilized at present is increasingly difficult to ignore. Fortunately, solutions have been invented by scientists. The first part of this essay will focus on the security problems in two open systems, namely mobile phone communication systems and wireless LANs (WLANs), and the second part will be an illustration and evaluation of the AES algorithm and the layered security design, which are two possible solutions.
Since the mobile phone was invented in April 1973, its improvements have not gone unnoticed. This advanced information-exchange appliance and its associated signal transmission systems, such as GSM (global system for mobile communications), which is commonly utilized in the modern world, have been widely accepted by citizens around the world. However, the neglect of information security was not taken seriously until a team of researchers from Technion published achievements in A5/1 cryptanalysis and a GSM cryptographic protocol flaw in 2003. It became palpable that mobile communication could no longer be considered secure.
In fact, the most serious flaw leading to security problems in the mobile phone communication system lies in the signal transmission process. The mobile phone communication process is a procedure in which mobile phones send signals into the network, the signals are transferred between base stations, and at last the terminal receives the signals. It is obvious that all the signals travel through the air as electromagnetic waves. In other words, every hacker on this open platform is able to use simple interceptors to capture the signals, resulting in a high likelihood of information disclosure.
Although scientists add various encryption processes to the signal transmission procedure, most encryption algorithms, for instance DES (data encryption standard), have been cracked. Therefore no obstacles will prevent hackers from obtaining the private information.
Serious conditions analogous to those in mobile phone communication systems can commonly be found in WLANs. WLANs have developed rapidly, but at the same time some serious drawbacks should be noticed.
The WLAN, which has a major peer-to-peer network model named the mobile ad hoc network (MANET) (Perkins, 2000), is the most likely candidate to become widely prevalent at present. But since ad hoc networks can be deployed rapidly, sensitive applications raise important security issues. Security requirements in ad hoc networks are different from those of fixed networks. While the security requirements are the common ones, namely availability, confidentiality, integrity, authentication and non-repudiation, they are considered differently for ad hoc networks due to system constraints in mobile devices (i.e. low-power microprocessors, small memory and bandwidth, short battery life) and frequent network topology changes. Four further potential weaknesses in MANET are shown below.
First, MANET utilizes an uncontrolled medium. The signals can travel through walls, ceilings and windows up to thousands of feet outside of the area covered by airwave. Hence, it is a shared medium that allows anyone in proximity to sniff the traffic. The risk of using a shared medium is increasing with the advent of readily available hacker tools. Second, insecure WLAN devices, such as access points and user stations, can seriously compromise both the wireless network and the wired network, making them popular targets for hackers. In addition, access points are insecure due to improper configurations and design flaws. Finally, insecure wireless user stations such as laptops or bar code scanners pose an even greater risk to the security of the enterprise network than insecure access points.
Experts have indeed invented various solutions to address those problems. Wired equivalent privacy (WEP) is a security protocol that allows encryption of the data portion of packets. Yet the encryption process in WEP is overt and has exposed some flaws. For example, the Initialization Vector (IV) is sent as plaintext with the encrypted packet. The IV space was too small, and this forced the IVs to be reused. A flaw in the encryption algorithm enabled certain IVs to reveal more information about the WEP key. These IVs are known as weak IVs. Approximately 9000 weak IVs will exist out of 16000000 possible ones. A WEP key can be cracked using a few thousand of these weak IVs, and on a busy network this might take a few minutes. The security of WLANs will not be completely ensured.
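The IV problem described above can be seen in a few lines. The following is an added example, not part of the original essay: it builds WEP-style frames (cleartext 3-byte IV, RC4 keyed with IV plus secret, integrity check omitted) from constructed sample data, flags IVs that repeat in a capture, and estimates how quickly the 24-bit IV space forces a repeat.

```python
import math
from collections import Counter

IV_BITS = 24  # WEP IV size: 2**24 = 16,777,216 values, the "16000000" in the text

def rc4(key: bytes, n: int) -> bytes:
    """First n bytes of the RC4 keystream for `key`."""
    s, j = list(range(256)), 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):                        # keystream generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_frame(iv: bytes, secret: bytes, payload: bytes) -> bytes:
    """Cleartext 3-byte IV, then payload XOR RC4(IV || secret). ICV omitted."""
    return iv + xor(payload, rc4(iv + secret, len(payload)))

def iv_collision_probability(frames: int) -> float:
    """Birthday approximation: chance that some IV repeats among `frames` random IVs."""
    return 1.0 - math.exp(-frames * (frames - 1) / (2 * 2 ** IV_BITS))

def reused_ivs(frames: list[bytes]) -> set[bytes]:
    """Audit check: IVs that appear on more than one captured frame."""
    counts = Counter(f[:3] for f in frames)
    return {iv for iv, n in counts.items() if n > 1}

# Constructed sample data: key, IVs and payloads are made up for this example.
SECRET = bytes.fromhex("0102030405")          # 40-bit WEP key
P1, P2, P3 = b"GET /index.html ", b"user=alice&pin=1", b"keepalive packet"
CAPTURE = [wep_frame(b"\x00\x00\x01", SECRET, P1),
           wep_frame(b"\x00\x00\x02", SECRET, P3),
           wep_frame(b"\x00\x00\x01", SECRET, P2)]   # IV 000001 used twice

def keystream_cancels() -> bool:
    """With the same IV, ciphertext XOR ciphertext equals plaintext XOR plaintext."""
    return xor(CAPTURE[0][3:], CAPTURE[2][3:]) == xor(P1, P2)

if __name__ == "__main__":
    print("reused IVs:", [iv.hex() for iv in reused_ivs(CAPTURE)])
    print("key cancels out on reuse:", keystream_cancels())
    for n in (1000, 5000, 12000):
        print(n, "frames ->", round(iv_collision_probability(n), 3))
```

Because the secret key drops out of the XOR of two frames that share an IV, the protection of those frames no longer depends on the key at all, which is why later protocols enlarged the per-packet value and changed the key-mixing step.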
Although the extant systems cannot be totally changed and some existing solutions have serious flaws, scientists will not permit these troubles to exist for long. A number of methods have been explored by experts. Two sorts of methods will be illustrated separately in the following part.
As mentioned above, the encryption algorithm in the mobile phone communication system, which is called DES, has been cracked. Hence scientists have designed a new algorithm named AES (advanced encryption standard) to substitute for DES. The AES specifies a federal information processing standard (FIPS)-approved cryptographic algorithm that can be utilized to protect electronic data. This algorithm is capable of using cryptographic keys of 128, 192, and 256 bits to encrypt and decrypt data in blocks of 128 bits, while DES only has a cryptographic key of 56 bits. The difference between the key lengths causes the disparity in encryption strength. Specifically, a brute-force attack on AES requires 149 thousand billion years on decryption equipment that could accomplish a brute-force attack on DES in one second. The age of the universe is considered to be less than 20 billion years. In other words, AES cannot be cracked in the modern world. Moreover, the project of replacing DES with AES will not lead to major changes to the main system, since the hardware for these two algorithms is almost the same and the modification is merely rewriting a new program in the encryption chips.
Nevertheless, the AES algorithm is not perfect due to its data throughput. Despite its high encryption strength, the performance of AES in data throughput is three times lower than that of DES, which causes significant delay in data transmission. Fortunately, the improvement of AES has been continued by experts all over the world, which creates great confidence in the global popularization of AES.
In the meantime, new modifications in WLANs have achieved some success. When the security of a given network architecture is not properly designed from the beginning, the above-mentioned security goals are difficult to achieve during network deployment. It is essential, therefore, to design secure ad hoc networks that will result in multiple lines of defense against both known and unknown security threats. This design is the layered security design.
The layered security mechanisms include prevention, detection and reaction operations to prevent intruders from entering the network. They can discover intrusions and take actions to prevent persistent adverse effects. The prevention process can be embedded in secure routing and packet forwarding protocols to prevent the attacker from installing incorrect routing states at nodes. The detection process uncovers ongoing attacks through identification of abnormal behavior by malicious or selfish nodes. Such misbehavior can be detected in the pre-secure session either by node-to-node authentication or by node availability mechanisms. Once the attacker is detected, reaction operations reconfigure routing and packet forwarding operations. The adjustments can range from avoiding this particular node in route selection to expelling the node from the network.
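The detection and reaction steps described above can be sketched as follows. This is an added example, not part of the original essay: the forwarding-ratio check, the thresholds, the `Monitor` class and the five-node topology are all assumptions chosen for illustration, since the essay does not prescribe a specific algorithm.

```python
from collections import deque

AVOID_BELOW, EXPEL_BELOW, MIN_SAMPLES = 0.6, 0.2, 20   # assumed values

class Monitor:
    """Detection: per-neighbour count of packets handed over vs. overheard being forwarded."""
    def __init__(self):
        self.stats = {}                      # node -> [handed, forwarded]

    def observe(self, node, handed, forwarded):
        s = self.stats.setdefault(node, [0, 0])
        s[0] += handed
        s[1] += forwarded

    def verdict(self, node):
        handed, forwarded = self.stats.get(node, (0, 0))
        if handed < MIN_SAMPLES:
            return "ok"                      # too little evidence to judge
        ratio = forwarded / handed
        if ratio < EXPEL_BELOW:
            return "expel"
        return "avoid" if ratio < AVOID_BELOW else "ok"

def shortest_route(links, src, dst, banned):
    """Breadth-first search for the shortest route that uses no banned node."""
    queue, seen = deque([[src]]), {src}
    while queue:
        path = queue.popleft()
        if path[-1] == dst:
            return path
        for nxt in sorted(links.get(path[-1], ())):
            if nxt not in seen and nxt not in banned:
                seen.add(nxt)
                queue.append(path + [nxt])
    return None

def select_route(links, src, dst, monitor):
    """Reaction: drop expelled nodes always; use avoided nodes only as a last resort."""
    nodes = set(links)
    expelled = {n for n in nodes if monitor.verdict(n) == "expel"}
    avoided = {n for n in nodes if monitor.verdict(n) == "avoid"}
    return (shortest_route(links, src, dst, expelled | avoided)
            or shortest_route(links, src, dst, expelled))

# Constructed topology: A reaches D through B (2 hops) or through C and E (3 hops).
LINKS = {"A": {"B", "C"}, "B": {"A", "D"}, "C": {"A", "E"},
         "E": {"C", "D"}, "D": {"B", "E"}}

if __name__ == "__main__":
    m = Monitor()
    print(select_route(LINKS, "A", "D", m))   # no evidence yet
    m.observe("B", handed=40, forwarded=5)    # B drops most traffic
    print(select_route(LINKS, "A", "D", m))
```

The two thresholds give the graded response the paragraph describes: a node that forwards poorly is first routed around, and only a node that forwards almost nothing is removed from route selection entirely.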
The above-mentioned layered security solution poses grand yet exciting research challenges. The structuring process steps of layered security design can be expanded into a "process framework". A node has to properly select security mechanisms that fit well into its own available resources, deployment cost and other complex constraints. It expects best effort from each component. It is necessary to identify the systems' principles of how to build such link and network security mechanisms that will explore their methods and learn to prevent, detect and react to threats accordingly.
In conclusion, different kinds of serious leaks have been found in current communication systems, including mobile phone communication systems and WLANs. In order to tackle the problem, some technologies such as the DES algorithm and WEP were developed and have been utilized for decades. However, at present these technologies have been cracked totally, which leads to information security problems. Therefore, the AES algorithm and layered security design were invented to replace the problematic technologies. Although these technologies do satisfy the security strength requirement, imperfections also exist and require further improvements designed by scientists.