Wireless Topology
Before we can delve into the workings of WTLS we must first achieve a familiarity with the wireless network topology required to accomplish our task. The WAP client (in our case the cell phone), will communicate directly with a gateway which we can call mobile.cyberarmy.net. The gateway acts as a proxy to our content server, which is cyberarmy.net, and will provide: protocol translations, compression, and other services. When mobile.cyberarmy.net receives a request from a WAP client, it's translated into HTTP to communicate with cyberarmy.net. To secure the above system of communication, the communication between the WAP client and gateway must be encrypted with WTLS. Mobile.cyberarmy.net will then decrypt WTLS and then re-encrypt using SSL to connect to cyberarmy.net.
The SSL-WTLS Interface
This may be considered the weak link in our WAP client ? gateway ? content server chain. As explained, SSL's reach only extends to web server and WAP gateway; WTLS only extends to WAP client and gateway. This poses a problem-within mobile.cyberarmy.net the communication is translated into cleartext at some point in the process and means that mobile.cyberarmy.net will have to go through a very thorough hardening process before becoming live. The architecture and processes can be seen below:
| |
[WAP device]-------[mobile.cyberarmy.net]------[www.cyberarmy.net]
<---WTLS--->{unprotected}<---SLL--->
| |
(Firewall) | | (Firewall)
Pass-through Mode
A possible solution for the above security flaw may be to upgrade all WAP gateways so that they can work in ?pass-through? mode. In this mode, a WAP gateway allows all traffic to pass intact. In this model, the WTLS encrypted data stream travels from the mobile phone to the server without being decrypted and the gateway would be a relay for the data stream. In other words, in a model like this the WAP gateway has two modes. One such mode is a "normal mode" where it works like WAP gateways work today, and the other is a "pass-through" mode where the gateway detects the WTLS stream and simply lets it pass through.
Pass-through mode
| |
[WAP device]--------[mobile.cyberarmy.net]--------[cyberarmy.net]
<---------------WTLS--------------->
| |
(Firewall) | | (Firewall)
WTLS
WTLS is a derivative of the Transport Layer Security protocol (TLS), which is based on the Secure Socket Layer Protocol (SSL). WTLS incorporates new features such as: datagram support, optimised packet size and handshake, and dynamic key refreshing. It has been optimised for low-bandwidth bearer networks with relatively long latency. Fast algorithms are chosen into the algorithm suite and the objective of WTLS is to be a lightweight and efficient protocol with respect to bandwidth, memory and processing power. The internal architecture of the WTLS protocol includes at the lowest layer, the 'record protocol', followed by: the handshake, alert, application, and change cipher spec protocols at the highest layer. Specific information regarding these protocols can be found at http://www.tml.hut.fi/Opinnot/Tik-110.501/1999/papers/wtls/wtls.html#chap2.4. Authentication in WTLS, like the protocols it's derived from, comes in the form of certificates.
Markku-Juhani Saarinen has produced a paper outlining several insecurities within the WTLS protocol entitled 'Attacks Against the WAP WTLS Protocol' including: the chosen plain-text data recovery attack, the datagram truncation attack, the message forgery attack, and the exportable key-search shortcut. It is notable that one should be selective about the type of cipher used with the implementation of the WTLS protocol (see ?Symmetric Block Ciphers: An Analytic Approach), as it is possible for WTLS to be implemented with some very weak ciphers. Several cryptosystems at different key strengths can be used in WTLS. The trade-off is security versus processing and transmission time.
References:
http://www.tml.hut.fi/Opinnot/Tik-110.501/1999/papers/wtls/wtls.html#chap2.4
http://www.thewirelessfaq.com/9.4.asp
http://www.advisor.com/Articles.nsf/aid/MIKAP001
http://csdl.computer.org/comp/proceedings/iscc/2003/1961/00/19611245abs.htm
http://www.cosic.esat.kuleuven.be/publications/article-549.pdf
'The Wireless Application Protocol': Dave Singelee, Bart Preneel - COSIC Internal Report
'Attacks Against the WAP WTLS Protocol'; Markku-Juhani Saarinen
Credit:
I'd like to thank Ladycray very much for her insightful resources for this article, she did an excellent job in finding them.
This article was originally published by CyberArmy.net in the CyberArmy Library.
|