DIMACS Workshop on Mobile and Wireless Security

Event Detail

General Information
Dates:
Wednesday, November 3, 2004 - Thursday, November 4, 2004
Days of Week:
Wednesday
Thursday
Target Audience:
Practice Oriented
Location:
DIMACS Center, Rutgers University, Piscataway, NJ
Sponsor:
Event Details/Other Comments:

The rapid growth of both voice and data wireless communications has resulted in several serious security problems in both the voice and data spaces. Unfortunately, many of the early security mistakes made with wireless voice communications were repeated with data communications, i.e. the use of flawed authentication and confidentiality algorithms. For example, the standards committee for
802.11 left many of the difficult security issues such as key management and a robust authentication mechanism as open problems.
This has led many organizations to use either a permanent fixed cryptographic variable or no encryption with their wireless networks.
Since wireless networks provide an adversary a network access point that is beyond the physical security controls of the organization, security can be a problem. Similarly, attacks against WEP, the link-layer security protocol for 802.11 networks can exploit design failures to successfully attack such networks. This workshop will focus on addressing the many outstanding issues that remain in wireless cellular and WLAN networking such as (but not limited to):
Management and monitoring; ad-hoc trust establishment; secure roaming between overlay networks; availability and denial of service mitigation; and network and link layer security protocols. We will seek to extend work on ad hoc networking from a non-adversarial setting, assuming a trusted environment, to a more realistic setting in which an adversary may attempt to disrupt communication. We will investigate a variety of approaches to securing ad hoc networks, in particular ways to take advantage of their inherent redundancy (multiple routes between nodes), replication, and new cryptographic schemes such as threshold cryptography.