Security in WAP
description
Transcript of Security in WAP
Security in WAP
Sanket Naik, Ameya VardeCS590F Fall 2000
Motivation and Goals• To study the security issues in WAP• To analyze an existing implementation
and implement enhancements• To investigate security holes in the
implementation and WAP in general• To suggest improvements for both
Implementation WAP stack from Kannel (www.kannel.org)
An on-going open source project implementing the WAP stack
No WTLS support WTLS layer from 3ui.com (www.3ui.com) We identified 2 security enhancements:
SSL connection between WAP gateway and Content (HTML) server
Authentication of the WAP gateway by the WAP client
Both missing in WTLS patch from 3ui
Kannel architecture
Security Enhancements
Development tools Platform – Linux OpenSSL crypto library (
http://www.openssl.org) NOKIA WAP Toolkit (
http://www.forum.nokia.com) Simulates a web-enabled NOKIA 7110
phone
WTLS optimizations Why optimize?
Low bandwidth Less processing power Less memory Weaker power supply
The optimizations Abbreviated handshake – using pre-master
secret from previous session Optional steps – Client can send NULL reply to
Certificate request, Anonymous key exchange etc.
The flaws Encryption not truly end-to-end Abbreviated handshake susceptible to replay
attack Chosen plain-text attack: IV for each packet =
Sequence number XOR Original IV DOS attack: Alerts are unauthenticated Man-in-the-middle attack: 40 bit XOR MAC
allows even bit changes Impersonation: Anonymous key exchange
methods allow key generation w/o Authentication (Kannel WTLS has only anonymous key exchange methods!)
Weaker encryption mechanisms due to export regulations
Suggestions WAP specifications
Enforce Client authentication rather than keep it optional
Make WTLS layer mandatory whether people use it or not.
Implementation Provide Gateway authentication in WAP
clients Add stronger algorithms, keys and key
exchange methods to the cipher suites
Conclusions WTLS Specs propose weak security Developers and Manufacturers are
deploying WAP stacks which do not meet even these weak security requirements
Mostly due to lack of security expertise Open source exposing these weaknesses Yet additional code review required Our 2 bits should be checked in soon…