Details

<p>Preface xvii</p> <p>Acknowledgments xxiii</p> <p>About the Companion Website xxv</p> <p><b>Part I Introduction and Mathematics Background </b><b>1</b></p> <p><b>1 Introduction </b><b>3</b></p> <p>1.1 General Computer Communication Network Architecture 3</p> <p>1.1.1 Wired Communication Network Infrastructure 3</p> <p>1.1.2 Wireless Communication Network Infrastructure 4</p> <p>1.2 Different Types of Wireless Communication Systems 5</p> <p>1.2.1 Classification of Wireless Communication Systems 5</p> <p>1.2.1.1 Based on Coverage 5</p> <p>1.2.1.2 Based on Topology 6</p> <p>1.2.1.3 Based on Mobility 6</p> <p>1.2.2 Wireless Personal Area Networks 7</p> <p>1.2.3 Wireless Local Area Networks 7</p> <p>1.2.4 Wireless Wide Area Networks 7</p> <p>1.3 Network Security and Wireless Security 9</p> <p>1.3.1 Network Security 9</p> <p>1.3.2 Security Threats in Wireless Networks 10</p> <p>1.4 Summary 11</p> <p><b>2 Basic Network Security Concepts </b><b>13</b></p> <p>2.1 Security Attacks 13</p> <p>2.1.1 Passive Attacks 13</p> <p>2.1.1.1 Eavesdropping 13</p> <p>2.1.1.2 Traffic Analysis 14</p> <p>2.1.2 Active Attacks 15</p> <p>2.2 Security Services 16</p> <p>2.2.1 Access Control 17</p> <p>2.2.2 Authentication 17</p> <p>2.2.3 Confidentiality 18</p> <p>2.2.4 Integrity 18</p> <p>2.2.5 Non-repudiation 19</p> <p>2.2.6 Availability 19</p> <p>2.3 Security Mechanisms 21</p> <p>2.3.1 Encipherment 21</p> <p>2.3.2 Authentication 21</p> <p>2.3.3 Access Control 22</p> <p>2.3.4 Digital Signature 22</p> <p>2.3.5 Data Integrity 23</p> <p>2.3.6 Traffic Padding and Routing Control 23</p> <p>2.3.7 Notarization 24</p> <p>2.4 Other Security Concepts 24</p> <p>2.4.1 Levels of Impact 24</p> <p>2.4.2 Cryptographic Protocols 25</p> <p>2.5 Summary 25</p> <p><b>3 Mathematical Background </b><b>27</b></p> <p>3.1 Basic Concepts in Modern Algebra and Number Theory 27</p> <p>3.1.1 Group 27</p> <p>3.1.1.1 Abelian Group 28</p> <p>3.1.1.2 Cyclic Group 28</p> <p>3.1.2 Ring 29</p> <p>3.1.3 Field 29</p> <p>3.2 Prime Numbers, Modular Arithmetic, and Divisors 30</p> <p>3.2.1 Prime Numbers 30</p> <p>3.2.2 Modular Arithmetic 30</p> <p>3.2.3 Divisors and GCD 31</p> <p>3.2.4 Multiplicative Inverse 33</p> <p>3.3 Finite Field and Galois Field 34</p> <p>3.4 Polynomial Arithmetic 35</p> <p>3.4.1 Ordinary Polynomial Arithmetic 35</p> <p>3.4.2 Polynomial Arithmetic in Finite Fields 36</p> <p>3.4.3 Modular Polynomial Arithmetic 37</p> <p>3.4.4 Computational Considerations 39</p> <p>3.4.5 Generating a Finite Field with a Generator 40</p> <p>3.5 Fermat’s Little Theorem, Euler’s Totient Function, and Euler’s Theorem 41</p> <p>3.5.1 Fermat’s Little Theorem 41</p> <p>3.5.2 Euler Totient Function <i>𝜙</i>(<i>n</i>) 42</p> <p>3.5.3 Euler’s Theorem 43</p> <p>3.6 Primality Testing 44</p> <p>3.7 Chinese Remainder Theorem 46</p> <p>3.8 Discrete Logarithm 48</p> <p>3.9 Summary 49</p> <p><b>Part II Cryptographic Systems </b><b>51</b></p> <p><b>4 Cryptographic Techniques </b><b>53</b></p> <p>4.1 Symmetric Encryption 53</p> <p>4.2 Classical Cryptographic Schemes 53</p> <p>4.2.1 Classical Substitution Ciphers 54</p> <p>4.2.1.1 Caesar Cipher 54</p> <p>4.2.1.2 Monoalphabetic Cipher 55</p> <p>4.2.1.3 Playfair Cipher 57</p> <p>4.2.1.4 Polyalphabetic Cipher 58</p> <p>4.2.1.5 Autokey Cipher 59</p> <p>4.2.1.6 One-Time Pad 60</p> <p>4.2.2 Classical Transposition Ciphers 60</p> <p>4.2.2.1 Rail Fence Cipher 60</p> <p>4.2.2.2 Row Transposition Cipher 60</p> <p>4.2.2.3 Product Cipher 61</p> <p>4.2.3 More Advanced Classical Ciphers 61</p> <p>4.2.3.1 Rotor Machines 61</p> <p>4.2.3.2 Steganography 61</p> <p>4.3 Stream Cipher 62</p> <p>4.3.1 Rivest Cipher 4 62</p> <p>4.4 Modern Block Ciphers 63</p> <p>4.4.1 Overview of Modern Block Ciphers 63</p> <p>4.4.2 Feistel Block Cipher 64</p> <p>4.4.2.1 Ideal Block Cipher 64</p> <p>4.4.2.2 Feistel Cipher Structure 65</p> <p>4.4.3 Block Cipher Design 67</p> <p>4.5 Data Encryption Standards (DES) 67</p> <p>4.5.1 Overview of DES 67</p> <p>4.5.2 Initial Permutation (IP) 68</p> <p>4.5.3 DES Round Function 69</p> <p>4.5.3.1 DES S-Boxes 71</p> <p>4.5.3.2 DES Permutation Function 72</p> <p>4.5.4 DES Key Schedule 72</p> <p>4.5.5 DES Security 74</p> <p>4.5.6 Multiple Encryption and DES 75</p> <p>4.6 Summary 76</p> <p><b>5 More on Cryptographic Techniques </b><b>77</b></p> <p>5.1 Advanced Encryption Standards 77</p> <p>5.1.1 The AES Cipher: Rijndael 77</p> <p>5.1.2 AES Data Structure 77</p> <p>5.1.3 Details in Each Round 79</p> <p>5.1.3.1 Substitute Bytes 79</p> <p>5.1.3.2 Shift Rows 81</p> <p>5.1.3.3 Mix Columns 81</p> <p>5.1.3.4 Add Round Key 82</p> <p>5.1.3.5 AES Key Expansion 82</p> <p>5.1.3.6 AES Decryption 84</p> <p>5.1.3.7 AES Implementation Aspects 84</p> <p>5.2 Block Cipher Modes of Operation 85</p> <p>5.2.1 Electronic Codebook (ECB) Mode 85</p> <p>5.2.2 Cipher Block Chaining (CBC) Mode 86</p> <p>5.2.3 Cipher Feedback (CFB) Mode 87</p> <p>5.2.4 Output Feedback (OFB) Mode 88</p> <p>5.2.5 The Counter (CTR) Mode 89</p> <p>5.2.6 Last Block in Different Modes 90</p> <p>5.2.7 XTS-AES Mode 90</p> <p>5.3 Public Key Infrastructure 92</p> <p>5.3.1 Basics of Public Key Cryptography 92</p> <p>5.3.2 Public-Key Applications 94</p> <p>5.3.3 Security of Public Key Schemes 94</p> <p>5.4 The RSA Algorithm 95</p> <p>5.4.1 RSA Key Setup 95</p> <p>5.4.2 RSA Encryption and Decryption 96</p> <p>5.4.3 RSA Security Analysis 96</p> <p>5.4.3.1 Factoring Problem 97</p> <p>5.4.3.2 Timing attacks 97</p> <p>5.4.3.3 Chosen Ciphertext Attacks 97</p> <p>5.5 Diffie–Hellman (D–H) Key Exchange 97</p> <p>5.5.1 Finite-Field Diffie–Hellman 97</p> <p>5.5.2 Elliptic-Curve Diffie–Hellman 98</p> <p>5.5.3 Diffie–Hellman Key Exchange Vulnerability 98</p> <p>5.6 Summary 99</p> <p><b>6 Message Authentication, Digital Signature, and Key Management </b><b>101</b></p> <p>6.1 Message Authentication 101</p> <p>6.1.1 Message Authentication Functions 101</p> <p>6.1.2 Message Authentication Code 102</p> <p>6.1.3 Hash Functions 103</p> <p>6.1.4 Size of MAC and Hash Value 104</p> <p>6.2 MAC and Hash Algorithms 105</p> <p>6.2.1 Data Authentication Algorithm 105</p> <p>6.2.2 A Basic Hash Function Structure 106</p> <p>6.2.3 Secure Hash Algorithm (SHA) 106</p> <p>6.2.4 SHA-512 107</p> <p>6.2.4.1 SHA-512 Compression Function 108</p> <p>6.2.4.2 SHA-512 Round Function 109</p> <p>6.2.5 Whirlpool 111</p> <p>6.2.6 Other MAC Functions 112</p> <p>6.2.6.1 Keyed Hash Functions as MACs 112</p> <p>6.2.6.2 Cipher-Based MAC 113</p> <p>6.3 Digital Signature and Authentication 114</p> <p>6.3.1 Digital Signature Properties 115</p> <p>6.3.2 Digital Signature Standard and Algorithm 116</p> <p>6.3.3 The Elliptic Curve Digital Signature Algorithm 117</p> <p>6.3.3.1 ECDSA Domain Parameters 117</p> <p>6.3.3.2 ECDSA Private/Public Keys 118</p> <p>6.3.3.3 ECDSA Digital Signature Generation 119</p> <p>6.3.3.4 ECDSA Digital Signature Verification 120</p> <p>6.3.4 Authentication Protocols 120</p> <p>6.4 Key Management 122</p> <p>6.4.1 Key Distribution with Symmetric Key Encryptions 122</p> <p>6.4.2 Symmetric Key Distribution Using Public Key Cryptosystems 123</p> <p>6.4.3 Distribution of Public Keys 124</p> <p>6.4.4 Public Key Infrastructure 126</p> <p>6.4.5 X.509 Authentication Service 126</p> <p>6.5 Summary 128</p> <p><b>Part III Security for Wireless Local Area Networks </b><b>129</b></p> <p><b>7 WLAN Security </b><b>131</b></p> <p>7.1 Introduction to WLAN 131</p> <p>7.1.1 Wi-Fi Operating Modes 131</p> <p>7.1.2 Challenges in WLAN Security 132</p> <p>7.1.3 Tricks that Fail to Protect WLAN 133</p> <p>7.2 Evolution of WLAN Security 133</p> <p>7.3 Wired Equivalent Privacy 135</p> <p>7.3.1 WEP Access Control 135</p> <p>7.3.2 WEP Integrity and Confidentiality 136</p> <p>7.3.3 WEP Key Management 136</p> <p>7.3.4 WEP Security Problems 137</p> <p>7.3.4.1 Problems in WEP Access Control 138</p> <p>7.3.4.2 Problems in WEP Integrity 138</p> <p>7.3.4.3 Problems in WEP Confidentiality 138</p> <p>7.3.4.4 Problems in WEP Key Management 139</p> <p>7.3.5 Possible WEP Security Enhancement 140</p> <p>7.4 IEEE 802.1X Authentication Model 140</p> <p>7.4.1 An Overview of IEEE 802.1X 140</p> <p>7.4.2 Protocols in IEEE 802.1X 141</p> <p>7.4.3 Mapping the IEEE 802.1X model to WLAN 143</p> <p>7.5 IEEE 802.11i Standard 143</p> <p>7.5.1 Overview of IEEE 802.11i 143</p> <p>7.5.2 IEEE 802.11i Access Control 143</p> <p>7.5.3 IEEE 802.1i Key Management 145</p> <p>7.5.4 IEEE 802.11i Integrity and Confidentiality 147</p> <p>7.5.4.1 TKIP Mode 147</p> <p>7.5.4.2 AES-CCMP Mode 148</p> <p>7.5.5 Function <i>Michael </i>148</p> <p>7.5.6 Weakness in 802.11i 150</p> <p>7.6 Wi-Fi Protected Access 3 and Opportunistic Wireless Encryption 150</p> <p>7.6.1 WPA3-Personal 150</p> <p>7.6.2 WPA3-Enterprise 150</p> <p>7.6.3 Opportunistic Wireless Encryption 151</p> <p>7.7 Summary 152</p> <p><b>8 Bluetooth Security </b><b>153</b></p> <p>8.1 Introduction to Bluetooth 153</p> <p>8.1.1 Overview of Bluetooth Technology 153</p> <p>8.1.2 Bluetooth Vulnerabilities and Threats 154</p> <p>8.1.2.1 Bluesnarfing 155</p> <p>8.1.2.2 Bluejacking 155</p> <p>8.1.2.3 Bluebugging 155</p> <p>8.1.2.4 Car Whisperer 155</p> <p>8.1.2.5 Fuzzing Attacks 155</p> <p>8.1.3 Bluetooth Security Services and Security Modes 156</p> <p>8.1.3.1 Bluetooth Security Services 156</p> <p>8.1.3.2 Bluetooth Security Modes 156</p> <p>8.2 Link Key Generation 157</p> <p>8.2.1 Link Key Generation for Security Modes 2 and 3 157</p> <p>8.2.2 Link Key Generation for Security Mode 4 158</p> <p>8.2.3 Association Model in Mode 4 159</p> <p>8.2.3.1 Numeric comparison 159</p> <p>8.2.3.2 Out-of-Band (OOB) 160</p> <p>8.2.3.3 Passkey entry 162</p> <p>8.3 Authentication, Confidentiality, and Trust and Service Levels 163</p> <p>8.3.1 Authentication 163</p> <p>8.3.2 Confidentiality 164</p> <p>8.3.3 Trust and Security Service Levels 165</p> <p>8.4 Cryptographic Functions for Security Modes 1, 2, and 3 166</p> <p>8.4.1 SAFER+ 166</p> <p>8.4.1.1 Overview of the SAFER+ Structure 166</p> <p>8.4.1.2 SAFER+ Round Function 166</p> <p>8.4.1.3 SAFER+ Key Schedule for 128-Bit Key 168</p> <p>8.4.2 Function <i>E</i>1(⋅) 168</p> <p>8.4.3 Function <i>E</i>21(⋅) 170</p> <p>8.4.4 Function <i>E</i>22(⋅) 170</p> <p>8.4.5 Function <i>E</i>3(⋅) 171</p> <p>8.4.6 Function <i>E</i>0(⋅) 171</p> <p>8.5 Cryptographic Functions in Security Mode 4 (SSP) 173</p> <p>8.5.1 Function <i>P</i>192(⋅) 173</p> <p>8.5.2 Function <i>f</i>1(⋅) 174</p> <p>8.5.3 Function <i>g</i>(⋅) 174</p> <p>8.5.3.1 Function <i>f</i>2(⋅) 174</p> <p>8.5.3.2 Function <i>f</i>3(⋅) 174</p> <p>8.6 Summary 174</p> <p><b>9 Zigbee Security </b><b>177</b></p> <p>9.1 Introduction to Zigbee 177</p> <p>9.1.1 Overview of Zigbee 177</p> <p>9.1.2 Security Threats Against Zigbee 178</p> <p>9.2 IEEE 802.15.4 Security Features 179</p> <p>9.2.1 Security Levels 179</p> <p>9.2.2 IEEE 802.15.4 Frame Structure 180</p> <p>9.3 Zigbee Upper Layer Security 182</p> <p>9.3.1 Zigbee Security Models 182</p> <p>9.3.2 Security Keys in Zigbee 183</p> <p>9.3.3 Zigbee Network Layer Security 184</p> <p>9.3.4 Zigbee Application Support Layer Security 184</p> <p>9.3.5 Other Security Features in Zigbee 185</p> <p>9.4 Security-Related MAC PIB Attributes 187</p> <p>9.5 Mechanisms Used in Zigbee Security 188</p> <p>9.5.1 AES-CTR 188</p> <p>9.5.2 AES-CBC-MAC 189</p> <p>9.5.3 Overview of the AES-CCM 189</p> <p>9.5.4 Nonces Applied to the Security Mechanisms 189</p> <p>9.5.5 Matyas–Meyer–Oseas Hash Function 190</p> <p>9.6 Summary 191</p> <p><b>10 RFID Security </b><b>193</b></p> <p>10.1 Introduction to RFID 193</p> <p>10.1.1 Overview of RFID Subsystems 193</p> <p>10.1.2 Types of RFID Tags 193</p> <p>10.1.3 RFID Transactions 194</p> <p>10.1.4 RFID Frequency Bands 194</p> <p>10.2 Security Attacks, Risks, and Objectives of RFID Systems 195</p> <p>10.2.1 Security Attacks to RFID Systems 195</p> <p>10.2.2 RFID Privacy Risks 195</p> <p>10.2.3 Security Objectives 196</p> <p>10.3 Mitigation Strategies and Countermeasures for RFID Security Risks 196</p> <p>10.3.1 Cryptographic Strategies 196</p> <p>10.3.1.1 Encryption 196</p> <p>10.3.1.2 One-Way Hash Locks 196</p> <p>10.3.1.3 EPC Tag PINs 197</p> <p>10.3.2 Anti-Collision Algorithms 197</p> <p>10.3.2.1 Tree-Walking 197</p> <p>10.3.2.2 The Selective Blocker Tag 197</p> <p>10.3.3 Other Mitigation Strategies 198</p> <p>10.3.3.1 Physical Shielding Sleeve (The Faraday Cage) 198</p> <p>10.3.3.2 Secure Reader Protocol 1.0 198</p> <p>10.4 RFID Security Mechanisms 199</p> <p>10.4.1 Hash Locks 199</p> <p>10.4.1.1 Default Hash Locking 199</p> <p>10.4.1.2 Randomized Hash Locking 200</p> <p>10.4.2 HB Protocol and the Enhancement 200</p> <p>10.4.2.1 HB Protocol 200</p> <p>10.4.2.2 HB+ Protocol 202</p> <p>10.4.2.3 HB++ Protocol 203</p> <p>10.5 Summary 205</p> <p><b>Part IV Security for Wireless Wide Area Networks </b><b>207</b></p> <p><b>11 GSM Security </b><b>209</b></p> <p>11.1 GSM System Architecture 209</p> <p>11.1.1 Mobile Station 209</p> <p>11.1.2 Base Station Subsystem 210</p> <p>11.1.3 Network Subsystem 211</p> <p>11.2 GSM Network Access Security Features 212</p> <p>11.2.1 GSM Entity Authentication 212</p> <p>11.2.2 GSM Confidentiality 214</p> <p>11.2.3 GSM Anonymity 215</p> <p>11.2.4 Detection of Stolen/Compromised Equipment in GSM 215</p> <p>11.3 GSM Security Algorithms 215</p> <p>11.3.1 Algorithm <i>A</i>3 216</p> <p>11.3.2 Algorithm <i>A</i>8 216</p> <p>11.3.3 Algorithm COMP128 216</p> <p>11.3.4 Algorithm <i>A</i>5 220</p> <p>11.3.4.1 <i>A</i>5∕1 220</p> <p>11.3.4.2 Algorithm <i>A</i>5∕2 223</p> <p>11.4 Attacks Against GSM Security 225</p> <p>11.4.1 Attacks Against GSM Authenticity 225</p> <p>11.4.1.1 Attacks Against GSM Confidentiality 226</p> <p>11.4.2 Other Attacks against GSM Security 227</p> <p>11.5 Possible GSM Security Improvements 227</p> <p>11.5.1 Improvement over Authenticity and Anonymity 227</p> <p>11.5.2 Improvement over Confidentiality 228</p> <p>11.5.3 Improvement of the Signaling Network 228</p> <p>11.6 Summary 228</p> <p><b>12 UMTS Security </b><b>229</b></p> <p>12.1 UMTS System Architecture 229</p> <p>12.1.1 User Equipment 229</p> <p>12.1.2 UTRAN 230</p> <p>12.1.3 Core Network 231</p> <p>12.2 UMTS Security Features 231</p> <p>12.3 UMTS Network Access Security 232</p> <p>12.3.1 Authentication and Key Agreement 232</p> <p>12.3.1.1 The AKA Mechanism 232</p> <p>12.3.1.2 Authentication Vector Generation 234</p> <p>12.3.1.3 AKA on the UE Side 236</p> <p>12.3.2 Confidentiality 237</p> <p>12.3.3 Data Integrity 238</p> <p>12.3.4 User Identity Confidentiality 239</p> <p>12.4 Algorithms in Access Security 240</p> <p>12.4.1 Encryption Algorithm f8 240</p> <p>12.4.1.1 Integrity Algorithm f9 241</p> <p>12.4.2 Description of KASUMI 242</p> <p>12.4.2.1 An Overview of KASUMI Algorithm 242</p> <p>12.4.2.2 Round Function <i>Fi</i>(⋅) 244</p> <p>12.4.2.3 Function <i>FL </i>244</p> <p>12.4.2.4 Function <i>FO </i>244</p> <p>12.4.2.5 Function FI 245</p> <p>12.4.2.6 S-boxes S7 and S9 245</p> <p>12.4.2.7 Key Schedule 247</p> <p>12.4.3 Implementation and Operational Considerations 248</p> <p>12.5 Other UMTS Security Features 249</p> <p>12.5.1 Mobile Equipment Identification 249</p> <p>12.5.2 Location Services 249</p> <p>12.5.3 User-to-USIM Authentication 249</p> <p>12.6 Summary 250</p> <p><b>13 LTE Security </b><b>251</b></p> <p>13.1 LTE System Architecture 251</p> <p>13.2 LTE Security Architecture 253</p> <p>13.3 LTE Security 255</p> <p>13.3.1 LTE Key Hierarchy 255</p> <p>13.3.2 LTE Authentication and Key Agreement 257</p> <p>13.3.3 Signaling Protection 258</p> <p>13.3.3.1 Protection of Radio-Specific Signaling 259</p> <p>13.3.3.2 Protection of User-Plane Traffic 259</p> <p>13.3.4 Overview of Confidentiality and Integrity Algorithms 259</p> <p>13.3.4.1 Confidentiality Mechanism 259</p> <p>13.3.4.2 Integrity Mechanism 260</p> <p>13.3.5 Non-3GPP Access 261</p> <p>13.4 Handover Between eNBs 261</p> <p>13.4.1 Overview 261</p> <p>13.4.2 Key Handling in Handover 262</p> <p>13.4.2.1 Initialization 262</p> <p>13.4.2.2 Intra-eNB Key Handling 264</p> <p>13.4.2.3 Intra-MME Key Handling 265</p> <p>13.4.2.4 Inter-MME Key Handling 266</p> <p>13.5 Security Algorithms 268</p> <p>13.5.1 128-EEA2 268</p> <p>13.5.2 128-EIA2 269</p> <p>13.5.3 EEA3 270</p> <p>13.5.4 EIA3 271</p> <p>13.6 Security for Interworking Between LTE and Legacy Systems 273</p> <p>13.6.1 Between LTE and UMTS 273</p> <p>13.6.1.1 Idle Mode Mobility from E-UTRAN to UTRAN 273</p> <p>13.6.1.2 Idle Mode Mobility from UTRAN to E-UTRAN 274</p> <p>13.6.1.3 Handover Mode from E-UTRAN to UTRAN 275</p> <p>13.6.1.4 Handover Mode from UTRAN to E-UTRAN 276</p> <p>13.6.2 Between E-UTRAN and GERAN 277</p> <p>13.6.2.1 Idle Mode 277</p> <p>13.6.2.2 Handover Mode 277</p> <p>13.7 Summary 278</p> <p><b>Part V Security for Next Generation Wireless Networks </b><b>279</b></p> <p><b>14 Security in 5G Wireless Networks </b><b>281</b></p> <p>14.1 Introduction to 5GWireless Network Systems 281</p> <p>14.1.1 The Advancement of 5G 281</p> <p>14.1.2 5GWireless Network Systems 282</p> <p>14.2 5G Security Requirements and Major Drives 283</p> <p>14.2.1 Security Requirements for 5GWireless Networks 283</p> <p>14.2.2 Major Drives for 5GWireless Security 284</p> <p>14.2.2.1 Supreme Built-in-Security 284</p> <p>14.2.2.2 Flexible Security Mechanisms 285</p> <p>14.2.2.3 Automation 285</p> <p>14.2.3 Attacks in 5G Wireless Networks 286</p> <p>14.2.3.1 Eavesdropping and Traffic Analysis 286</p> <p>14.2.3.2 Jamming 286</p> <p>14.2.3.3 DoS and DDoS 287</p> <p>14.2.3.4 Man-In-The-Middle (MITM) 287</p> <p>14.3 A 5G Wireless Security Architecture 287</p> <p>14.3.1 New Elements in 5G Wireless Security Architecture 287</p> <p>14.3.2 A 5G Wireless Security Architecture 288</p> <p>14.3.2.1 Network Access Security (I) 288</p> <p>14.3.2.2 Network Domain Security (II) 289</p> <p>14.3.2.3 User Domain Security (III) 289</p> <p>14.3.2.4 Application Domain Security (IV) 289</p> <p>14.4 5GWireless Security Services 289</p> <p>14.4.1 Cryptography in 5G 289</p> <p>14.4.2 Identity Management 290</p> <p>14.4.3 Authentication in 5G 291</p> <p>14.4.3.1 Flexible Authentication 291</p> <p>14.4.3.2 Authentication Through Legacy Cellular System 291</p> <p>14.4.3.3 SDN Based Authentication in 5G 293</p> <p>14.4.3.4 Authentication of D2D in 5G 294</p> <p>14.4.3.5 Authentication of RFID in 5G 294</p> <p>14.4.4 Data Confidentiality in 5G 295</p> <p>14.4.4.1 Power Control 295</p> <p>14.4.4.2 Artificial Noise and Signal Processing 297</p> <p>14.4.5 Handover Procedure and Signaling Load Analysis 297</p> <p>14.4.6 Availability in 5G 297</p> <p>14.4.7 Location and Identity Anonymity in 5G 300</p> <p>14.5 5G Key Management 300</p> <p>14.5.1 3GPP 5G Key Architecture 300</p> <p>14.5.2 Key Management in 5G Handover 301</p> <p>14.5.3 Key Management for D2D Users 302</p> <p>14.6 Security for New Communication Techniques in 5G 303</p> <p>14.6.1 Heterogeneous Network and Massive MIMO in 5G 303</p> <p>14.6.2 Device-to-Device Communications in 5G 304</p> <p>14.6.3 Software-Defined Network in 5G 306</p> <p>14.6.4 Internet-of-Things in 5G 308</p> <p>14.7 Challenges and Future Directions for 5G Wireless Security 308</p> <p>14.7.1 New Trust Models 308</p> <p>14.7.2 New Security Attack Models 308</p> <p>14.7.3 Privacy Protection 309</p> <p>14.7.4 Flexibility and Efficiency 309</p> <p>14.7.5 Unified Security Management 309</p> <p>14.8 Summary 310</p> <p><b>15 Security in V2X Communications </b><b>311</b></p> <p>15.1 Introduction to V2X Communications 311</p> <p>15.1.1 Generic System Architecture of V2X Communications 311</p> <p>15.1.2 Dedicated Short Range Communications 312</p> <p>15.1.3 Cellular Based V2X Communications 313</p> <p>15.2 Security Requirements and Possible Attacks in V2X Communications 314</p> <p>15.2.1 Security Requirements 314</p> <p>15.2.2 Attacks in V2X Communications 315</p> <p>15.2.3 Basic Solutions 316</p> <p>15.3 IEEEWAVE Security Services for Applications and Management Messages 316</p> <p>15.3.1 Overview of the WAVE Protocol Stack and Security Services 316</p> <p>15.3.2 Secure Data Service and Security Service Management Entity 318</p> <p>15.3.3 CRL Verification Entity and P2P Certificate Distribution Entity 319</p> <p>15.4 Security in Cellular Based V2X Communications 320</p> <p>15.4.1 LTE-V2X Communication Security 320</p> <p>15.4.2 5G-V2X Communication Security 322</p> <p>15.5 Cryptography and Privacy Preservation in V2X Communications 323</p> <p>15.5.1 Identity Based Schemes 323</p> <p>15.5.2 Group Signature Based Schemes 325</p> <p>15.5.3 Batch Verification Schemes 326</p> <p>15.5.4 Reputation and Trust Based Schemes 327</p> <p>15.5.5 Identity Anonymity Preservation 328</p> <p>15.5.6 Location Anonymity Preservation 328</p> <p>15.6 Challenges and Future Research Directions 329</p> <p>15.6.1 Highly Efficient Authentication Schemes 329</p> <p>15.6.2 Efficient Revocation Mechanisms 330</p> <p>15.6.3 Advancing OBU and TPD Technologies 330</p> <p>15.6.4 Advancing Cryptography and Privacy Preservation Schemes 330</p> <p>15.6.5 Advancing Solutions to HetNet, SDN, and NFV 330</p> <p>15.6.6 Advancing Artificial Intelligence in V2X Communication Security 330</p> <p>15.7 Summary 331</p> <p>References 333</p> <p>Index 345</p>

<p><b>Yi Qian, PhD,</b> is a Professor in the Department of Electrical and Computer Engineering at the University of Nebraska-Lincoln, USA. He is a recipient of the Henry Y. Kleinkauf Family Distinguished New Faculty Teaching Award in 2011, the Holling Family Distinguished Teaching Award in 2012, the Holling Family Distinguished Teaching/Advising/Mentoring Award in 2018, and the Holling Family Distinguished Teaching Award for Innovative Use of Instructional Technology in 2018, all from University of Nebraska-Lincoln, USA.</p> <p><b>Feng Ye, PhD,</b> is an Assistant Professor in the Department of Electrical and Computer Engineering at the University of Dayton, USA. He received his PhD from the University of Nebraska-Lincoln, USA, in 2015. He is the author or co-author over 60 technical papers. <p><b>Hsiao-Hwa Chen, PhD,</b> is Distinguished Professor in the Department of Engineering Science at the National Cheng Kung University in Taiwan. He received his PhD from the University of Oulu, Finland, in 1991. He is the author or co-author of over 400 technical papers.

<p><b>Receive comprehensive instruction on the fundamentals of wireless security from three leading international voices in the field</b></b> <p><i>Security in Wireless Communication Networks </i>delivers a thorough grounding in wireless communication security. The distinguished authors pay particular attention to wireless specific issues, like authentication protocols and key management schemes for various wireless communication networks, encryption algorithms and integrity schemes on radio channels, lessons learned from designing secure wireless systems and standardization for security in wireless systems. <p>The book addresses how engineers, administrators, and others involved in the design and maintenance of wireless networks can achieve security while retaining the broadcast nature of the system, with all of its inherent harshness and interference. Readers will learn: <ul><li>A comprehensive introduction to the background of wireless communication ­network security, including a broad overview of wireless communication networks, security services, the mathematics crucial to the subject, and ­cryptographic techniques</li> <li>An exploration of wireless local area network security, including Bluetooth security, Wi-Fi security, and body area network security</li> <li>An examination of wide area wireless network security, including treatments of 2G, 3G, and 4G</li> <li>Discussions of future development in wireless security, including 5G, and vehicular ad-hoc network security</li></ul> <p>Perfect for undergraduate and graduate students in programs related to wireless ­communications, <i>Security in Wireless Communication Networks</i> will also earn a place in the libraries of professors, researchers, scientists, engineers, industry managers, ­consultants, and members of government security agencies who seek to improve their understanding of wireless security protocols and practices.

GB